Title: Disable REST API Author: Dave McHale Published: 3 spalio, 2014 Last modified: 14 rugsėjo, 2023 --- Ieškoti įskiepiuose ![](https://ps.w.org/disable-json-api/assets/banner-772x250.png?rev=1001011) Šis įskiepis **nebuvo išbandytas su 3 vėliausiomis WordPress versijomis**. Jis tikriausiai nėra prižiūrimas ir palaikomas, todėl gali neveikti su naujausiomis WordPress versijomis. ![](https://ps.w.org/disable-json-api/assets/icon-256x256.png?rev=1001011) # Disable REST API Autorius [Dave McHale](https://profiles.wordpress.org/dmchale/) [Parsisiųsti](https://downloads.wordpress.org/plugin/disable-json-api.zip) * [Informacija](https://lt.wordpress.org/plugins/disable-json-api/#description) * [Atsiliepimai](https://lt.wordpress.org/plugins/disable-json-api/#reviews) * [Diegimas](https://lt.wordpress.org/plugins/disable-json-api/#installation) * [Kūrimas](https://lt.wordpress.org/plugins/disable-json-api/#developers) [Pagalba](https://wordpress.org/support/plugin/disable-json-api/) ## Aprašymas The most comprehensive plugin for controlling access to the WordPress REST API! Works as a „set it and forget it” install. Just upload and activate, and the entire REST API will be inaccessible to your general site visitors. But if you do need to grant access to some endpoints, you can do that too. Go to the Settings page and you can quickly whitelist individual endpoints (or entire branches of endpoints) in the REST API. You can even do this on a per-user-role basis, so your unauthenticated users have one set of rules while WooCommerce customers have another while Subscribers and Editors and Admins all have their own. NOTE: Out of the box, all defined user roles will still be granted full access to the REST API until you choose to manage those settings. For most versions of WordPress, this plugin will return an authentication error if a user is not allowed to access an endpoint. For legacy support, WordPress 4.4, 4.5, and 4.6 use the provided `rest_enabled` filter to disable the entire REST API. ## Ekrano nuotraukos [⌊The JSON returned by a website with the API disabled via filters (WP versions 4.4, 4.5, 4.6)⌉⌊The JSON returned by a website with the API disabled via filters( WP versions 4.4, 4.5, 4.6)⌉[ The JSON returned by a website with the API disabled via filters (WP versions 4.4, 4.5, 4.6) [⌊The JSON returned by a website with the API disabled via authentication methods( WP versions 4.7+)⌉⌊The JSON returned by a website with the API disabled via authentication methods (WP versions 4.7+)⌉[ The JSON returned by a website with the API disabled via authentication methods ( WP versions 4.7+) [⌊The Settings page lets you selectively whitelist endpoints registered with the REST API, on a per-user-role basis.⌉⌊The Settings page lets you selectively whitelist endpoints registered with the REST API, on a per-user-role basis.⌉[ The Settings page lets you selectively whitelist endpoints registered with the REST API, on a per-user-role basis. ## Diegimas 1. Upload the `disable-json-api` directory to the `/wp-content/plugins/` directory via FTP 2. Alternatively, upload the `disable-json-api_v#.#.zip` file to the ‘Plugins->Add New’ page in your WordPress admin area 3. Aktyvuokite įskiepį per WordPress meniu „Įskiepiai” ## DUK ### How do I know if this plugin is working? While logged into WordPress as any user, the REST API will function as intended. Because of this, you must use a new browser – or Chrome’s incognito mode – to test your website with a clean session. Go to yourdomain.com/wp-json/ (or yourdomain. com/?rest_route=/ if you have pretty permalinks disabled) while NOT LOGGED IN to test the results. You will see an authentication error returned if the plugin is active. „DRA: Only authenticated users can access the REST API.” ### Does this plugin disable every REST API that is installed on my site? This plugin is ONLY meant to disable endpoints accessible via the core REST API that is part of WordPress itself. If a plugin or theme has implemented their own REST API (not to be confused with implementing their own endpoints within the WordPress API) this plugin will have no effect. ## Atsiliepimai ![](https://secure.gravatar.com/avatar/cd718b2b1b89af40b305136d24c22af2d8bfd11a113206d562d97467b6ff7862? s=60&d=retro&r=g) ### 󠀁[Excellent](https://wordpress.org/support/topic/excellent-13544/)󠁿 [graphicvision1](https://profiles.wordpress.org/graphicvision1/) 19 rugpjūčio, 2024 What else can I say, this plugin does exactly what its supposed to do. It’s easy to understand and works perfectly. So well done! ![](https://secure.gravatar.com/avatar/28f29c0bd22c800b94380bab32f1d21f509dcfd23c6a04c25d2577971ca70616? s=60&d=retro&r=g) ### 󠀁[Fantastic](https://wordpress.org/support/topic/fantastic-3276/)󠁿 [Wombat Plugins](https://profiles.wordpress.org/maartenbelmans/) 29 gruodžio, 2023 The plugin does what it says on the tin, without being pretentious. Absolutely fantastic! ![](https://secure.gravatar.com/avatar/2575687b68f004ac334b350150c3a0fe3ae1872f5b07bcb28e082ee2d0ba9f73? s=60&d=retro&r=g) ### 󠀁[One of the must have plugins.](https://wordpress.org/support/topic/one-of-the-must-have-plugins-4/)󠁿 [ucsendre](https://profiles.wordpress.org/ucsendre/) 14 rugsėjo, 2023 I always start my WordPress installations with this plugin (among a few other ones). A must have on all sites. Thank you. ![](https://secure.gravatar.com/avatar/6ee556d084a00f6d8da3d00fb4abd769110d2c1abefdbe4c0411bda05e1a0826? s=60&d=retro&r=g) ### 󠀁[Still works on WP 6.2](https://wordpress.org/support/topic/still-works-on-wp-6-2/)󠁿 [mw815371](https://profiles.wordpress.org/mw815371/) 3 balandžio, 2023 The plugin still works for me on WordPress 6.2. It’s great to have the option to allow API access where I need it and block everything else. ![](https://secure.gravatar.com/avatar/021af8b59a1c6fdd0d92b71f2a1a8d5bf6c40395d059fdbede4bb520af0cb33a? s=60&d=retro&r=g) ### 󠀁[Just what I was looking for](https://wordpress.org/support/topic/just-what-i-was-looking-for-535/)󠁿 [Ronny Adsetts](https://profiles.wordpress.org/ronnyadsetts/) 26 sausio, 2023 Allows locking the WP API behind auth and selectively allowing it where needed. Despite the lack of plugin updates, the author does have an active github repo so don’t let that put you off. ![](https://secure.gravatar.com/avatar/300547007f18e9a5b8eab3d451fd11f18a1c008b405403387d36656247e2d962? s=60&d=retro&r=g) ### 󠀁[Excellent solution](https://wordpress.org/support/topic/excellent-solution-67/)󠁿 [Ben Sibley](https://profiles.wordpress.org/bensibley/) 20 sausio, 2023 Blocking the REST API entirely breaks plugins that require this functionality, so being able to selectively enable routes is perfect. I recommend this plugin to everyone who uses Independent Analytics to secure their site while still enabling analytics to be recorded. [ Perskaityti visus atsiliepimus (38) ](https://wordpress.org/support/plugin/disable-json-api/reviews/) ## Programuotojai ir komandos nariai “Disable REST API” yra atviro kodo programa. Prie jos sukūrimo prisidėję žmonės surašyti toliau. Autoriai * [ Dave McHale ](https://profiles.wordpress.org/dmchale/) * [ Tang Rufus ](https://profiles.wordpress.org/tangrufus/) Įskiepis “Disable REST API” išverstas į 14 kalbų. Dėkojame [vertėjams](https://translate.wordpress.org/projects/wp-plugins/disable-json-api/contributors) už jų darbą. [Išverskite “Disable REST API” į savo kalbą.](https://translate.wordpress.org/projects/wp-plugins/disable-json-api) ### Domina programavimas? [Peržiūrėkite kodą](https://plugins.trac.wordpress.org/browser/disable-json-api/), naršykite [SVN repozitorijoje](https://plugins.svn.wordpress.org/disable-json-api/), arba užsiprenumeruokite [kodo pakeitimų žurnalą](https://plugins.trac.wordpress.org/log/disable-json-api/) per [RSS](https://plugins.trac.wordpress.org/log/disable-json-api/?limit=100&mode=stop_on_copy&format=rss). ## Pakeitimų istorija #### 1.8 * Tested up to WP v6.3 * Added `dra_error_message` filter so devs can customize the access error message * Fixed bug that caused fatal errors if activating plugin on installations running the LearnPress plugin * Changed minimum requirements to PHP 5.6 (up from 5.3) and WordPress 4.9 (up from 4.4). Adding docblock comments to support minimums. #### 1.7 * Tested up to WP v5.8 * Replace use of filemtime() with plugin version number for static file enqueues. Props @tangrufus for bringing this up! * Fixed logic bug for role-based default_allow rules. Props @msp1974 for the report! * Few small code-style updates #### 1.6 * Tested up to WP v5.6 * Added support for managing endpoint access on a per-user-role basis * Soooooooo many small changes behind the scenes to support the above #### 1.5.1 * Tested up to WP v5.5 #### 1.5 * Tested up to WP v5.3 * Added enforcement for WordPress and PHP minimum version requirements * Fixed minor bug to prevent unintended empty routes * Minor text updates and adding textdomain to translation functions that didn’t have them #### 1.4.3 * Added `load_plugin_textdomain()` for i18n #### 1.4.2 * Fixed issue causing unintentional unlocking of endpoints when another WP_Error existed before this plugin did its job #### 1.4.1 * Fixed echo of text URL to primary Plugins page in WP Dashboard #### 1.4 * Tested for WP v4.8 * Tested for PHP 5.3+ * Added settings screen * Site Admins may now whitelist routes that they wish to allow unauthenticated access to * Added `dra_allow_rest_api` filter to the is_logged_in() check, so developers can get more granular with permissions * Props to @tangrufus for all of the help that went into this release #### 1.3 * Tested for WP v4.7 * Adding new functionality to raise authentication errors in 4.7+ for non-logged- in users #### 1.2 * Tested for WP v4.5 * Removal of actions which publish REST info to the head and header #### 1.1 * Updated to support the new filters created in the 2.0 beta API #### 1.0 * Pradinė versija ## Metainformacija * Version **1.8** * Atnaujinta **prieš 3 metai** * Aktyvių instaliacijų **90 000+** * WordPress versija ** 4.9 ar naujesnė ** * Ištestuota iki **6.3.8** * PHP versija ** 5.6 ar naujesnė ** * Kalbos * [Asturian](https://ast.wordpress.org/plugins/disable-json-api/), [Chinese (Taiwan)](https://tw.wordpress.org/plugins/disable-json-api/), [Dutch](https://nl.wordpress.org/plugins/disable-json-api/), [Dutch (Belgium)](https://nl-be.wordpress.org/plugins/disable-json-api/), [English (US)](https://wordpress.org/plugins/disable-json-api/), [French (France)](https://fr.wordpress.org/plugins/disable-json-api/), [German](https://de.wordpress.org/plugins/disable-json-api/), [Portuguese (Portugal)](https://pt.wordpress.org/plugins/disable-json-api/), [Russian](https://ru.wordpress.org/plugins/disable-json-api/), [Spanish (Colombia)](https://es-co.wordpress.org/plugins/disable-json-api/), [Spanish (Ecuador)](https://es-ec.wordpress.org/plugins/disable-json-api/), [Spanish (Mexico)](https://es-mx.wordpress.org/plugins/disable-json-api/), [Spanish (Spain)](https://es.wordpress.org/plugins/disable-json-api/), [Spanish (Venezuela)](https://ve.wordpress.org/plugins/disable-json-api/) ir [Swedish](https://sv.wordpress.org/plugins/disable-json-api/). * [Išversti į savo kalbą](https://translate.wordpress.org/projects/wp-plugins/disable-json-api) * Žymos * [admin](https://lt.wordpress.org/plugins/tags/admin/)[api](https://lt.wordpress.org/plugins/tags/api/) [JSON](https://lt.wordpress.org/plugins/tags/json/)[rest](https://lt.wordpress.org/plugins/tags/rest/) [rest-api](https://lt.wordpress.org/plugins/tags/rest-api/) * [Daugiau](https://lt.wordpress.org/plugins/disable-json-api/advanced/) ## Įvertinimai 4.8 out of 5 stars. * [ 36 5-star reviews ](https://wordpress.org/support/plugin/disable-json-api/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/disable-json-api/reviews/?filter=4) * [ 1 3-star review ](https://wordpress.org/support/plugin/disable-json-api/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/disable-json-api/reviews/?filter=2) * [ 1 1-star review ](https://wordpress.org/support/plugin/disable-json-api/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/disable-json-api/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/disable-json-api/reviews/) ## Autoriai * [ Dave McHale ](https://profiles.wordpress.org/dmchale/) * [ Tang Rufus ](https://profiles.wordpress.org/tangrufus/) ## Pagalba Turite pastabų? Reikia pagalbos? [Peržiūrėti pagalbos forumą](https://wordpress.org/support/plugin/disable-json-api/)