How to disable REST API in WordPress

The WordPress REST API allows developers to interact with sites remotely by sending and receiving JSON (JavaScript Object Notation) objects. Although the REST API is useful for developers, most WordPress site owners may not need it all. The WordPress REST API is also known to slow down the site and opens up for DDOS attacks, and these are probably valid reasons to disable the REST API. Disable REST API is a plugin that allows you to control access points to the WordPress REST API without touching the functions.php file. This article shows you how to use the Disable REST API plugin to manage and whitelist endpoints registered with the WordPress REST API.

Installing Disable REST API Plugin for WordPress

To install and configure Disable REST API plugin, follow these steps:

  1. Log in to your WordPress site with an administrator account.
  2. On the Dashboard in the left sidebar, click Plugins and then click Add New:

  3. Search for “Disable REST API” click Install, and then click Activate the plugin:

  4. To access the plugin, in the main menu, click on Settings, and then click on Disable REST API:

  5. Select and whitelist endpoints registered with the REST API:

  6. Click on Save to save the changes. If you need to reset changes,click on Reset Whitelisted:

Get Managed WordPress Hosting

Article Details

Other Articles in This Category

Show More

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.