/functions.php
Last active Jan 21, 2018
Remove the WP REST API JSON Endpoints for everyone except Administrators
| <?php | |
| /* | |
| * Only allow Admin users to view WP REST API JSON Endpoints | |
| */ | |
| function mytheme_only_allow_logged_in_rest_access( $access ) { | |
| if( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) { | |
| return new WP_Error( 'rest_cannot_access', __( 'Only authenticated users can access the REST API.', 'disable-json-api' ), array( 'status' => rest_authorization_required_code() ) ); | |
| } | |
| return $access; | |
| } | |
| add_filter( 'rest_authentication_errors', 'mytheme_only_allow_logged_in_rest_access' ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment