The most comprehensive plugin for controlling access to the WordPress REST API!
最全面的插件,用于控制对WordPress REST API的访问! p>
Works as a “set it and forget it” install.
以“设置并忘记设置”的方式工作。
Just upload and activate, and the entire REST API will be inaccessible to
只需上传并激活,整个REST API将无法访问
your site visitors.
您的网站访问者。
Or if you have a plugin or theme installed which needs some of its endpoints to be accessible to
或者,如果您安装的插件或主题需要某些端点可以访问
site visitors, you can do that too.
网站访问者,您也可以这样做。
Go to the Settings page and you can quickly whitelist individual endpoints – or
转到“设置”页面,您可以快速将各个端点列入白名单–或
entire branches of endpoints – registered with the REST API.
端点的整个分支–已向REST API注册。 p>
The engine for the API has existed in WordPress since v4.4 and additional functionality and endpoints are a
自v4.4起,API的引擎就已经存在了,而v4.4和其他功能以及端点都是
continual project.
连续项目。
While this is very exciting news for many reasons, it is also not functionality that every site
尽管由于许多原因,这是一个令人振奋的新闻,但并不是每个站点都具有功能性
admin wants enabled on their website if not necessary.
管理员希望在不必要的情况下在其网站上启用。 p>
As of WordPress 4.7, the filters provided for disabling the REST API were removed.
从WordPress 4.7开始,已删除了用于禁用REST API的过滤器。
To compensate, this plugin will
为了补偿,此插件将
forcibly return an authentication error to any API requests from sources who are not logged into your website, which
对未登录您网站的来源的所有API请求强制返回身份验证错误,
will effectively still prevent unauthorized requests from using the REST API to get information from your website.
仍将有效地防止未经授权的请求使用REST API从您的网站获取信息。 p>
For WordPress versions 4.4, 4.5 and 4.6, this plugin makes use of the rest_enabled
filter provided by the API to
对于WordPress 4.4、4.5和4.6版本,此插件使用API提供的 rest_enabled code>过滤器来
disable the API functionality.
禁用API功能。
However, it is strongly recommended that all site owners run the most recent version
但是,强烈建议所有网站所有者都运行最新版本
of WordPress except where absolutely necessary.
WordPress,除非绝对必要。 p>