Skip to content

Instantly share code, notes, and snippets.

@maddisondesigns
Last active March 25, 2019 19:38
Show Gist options
  • Save maddisondesigns/edb5df6c4549627f601e335e668592f3 to your computer and use it in GitHub Desktop.
Save maddisondesigns/edb5df6c4549627f601e335e668592f3 to your computer and use it in GitHub Desktop.
Remove the WP REST API JSON Endpoints for everyone except Administrators
<?php
/*
* Only allow Admin users to view WP REST API JSON Endpoints
*/
function mytheme_only_allow_logged_in_rest_access( $access ) {
if( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
return new WP_Error( 'rest_cannot_access', __( 'Only authenticated users can access the REST API.', 'disable-json-api' ), array( 'status' => rest_authorization_required_code() ) );
}
return $access;
}
add_filter( 'rest_authentication_errors', 'mytheme_only_allow_logged_in_rest_access' );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment