Title: Disable REST API for Real Author: Samuel Aguilera Published: 2015 年 12 月 17 日 Last modified: 2019 年 11 月 14 日 --- 搜索插件 ![](https://ps.w.org/sar-disable-rest-api/assets/banner-772x250.png?rev=2106977) **该插件尚未通过WordPress的最新3个主要版本进行测试**。 当与较新版本的WordPress一起 使用时,可能不再受到维护或支持,并且可能会存在兼容性问题。 ![](https://ps.w.org/sar-disable-rest-api/assets/icon-128x128.png?rev=2106977) # Disable REST API for Real 作者:[Samuel Aguilera](https://profiles.wordpress.org/samuelaguilera/) [下载](https://downloads.wordpress.org/plugin/sar-disable-rest-api.2.1.1.zip) * [详情](https://cn.wordpress.org/plugins/sar-disable-rest-api/#description) * [评价](https://cn.wordpress.org/plugins/sar-disable-rest-api/#reviews) * [开发进展](https://cn.wordpress.org/plugins/sar-disable-rest-api/#developers) [支持](https://wordpress.org/support/plugin/sar-disable-rest-api/) ## 描述 The WordPress REST API is a great resource, but if you don’t want to use it probably you will want to close this door to your WordPress. Unlike other popular plugins that aims to disable the REST API but **only return an error, processed by the REST API**, when a request is received, by default, this plugin **removes all filters and actions related to WordPress REST API, and returns a 404 error for requests sent to the REST API URL endpoints, effectively blocking any use of the REST API**. Optionally you can set the **REST API setting in Settings -> General page** to “ Logged In Only” for a less drastical action, to keep REST API access enabled but require the user to be logged in to accept the requests. If you’re happy with the plugin [please don’t forget to give it a good rating](https://wordpress.org/plugins/sar-disable-rest-api/reviews/?filter=5), it will motivate me to keep sharing and improving this plugin (and others). **SUPPORT:** If you have any support question, please [create an issue at the Github repository](https://github.com/samuelaguilera/sar-disable-rest-api/issues). #### 必需条件 * WordPress 4.7 or higher. #### Features * Disable WordPress core REST API **for real** by removing all filters and actions related to it and returning a 404 error for requests sent to REST API URL endpoints( e.g. https://example.com/wp-json/whatever ). * Option to require user to be logged in to use the REST API instead of completely disable it. #### Usage To disable the REST API completely simply install the plugin from the Plugins page and enable it. If you don’t want to disable the REST API but require user to be logged in instead, go to Settings -> General page and set the REST API to option to “Logged In Only”, and click Save Changes. You can change the option back to “Off” if you want to disable the REST API again. To return to WordPress default, simply deactivate the plugin. ## 屏幕截图 [⌊REST API option in Settings -> General page.⌉⌊REST API option in Settings -> General page.⌉[ REST API option in Settings -> General page. [⌊Jetpack's settings page confirming REST API is disabled.⌉⌊Jetpack's settings page confirming REST API is disabled.⌉[ Jetpack’s settings page confirming REST API is disabled. ## 常见问题 How can I test if the plugin is working? Use your browser to go to http://example.com/wp-json (replace example.com with your site domain). Your site will return a 404 error. You can also check any regular page of your site to confirm the link to the REST API URL was removed from the HTTP header and from the HTML header. If you have set the plugin to “Logged In Only”, no changes are made to the page headers, but you will receive the following response if you try the REST API without being logged in: ``` {"code":"rest_not_logged_in","message":"External REST API requests not allowed for this site.","data":{"status":401}} ``` ## 评价 ![](https://secure.gravatar.com/avatar/a9ea1c80a77738d03a2d68b5671566da7bbc9330c98c32ec16d43a3d069a0f63? s=60&d=retro&r=g) ### 󠀁[works perfectly](https://wordpress.org/support/topic/works-perfectly-341/)󠁿 [huskehn](https://profiles.wordpress.org/huskehn/) 2016 年 9 月 20 日 Much easier than editing functions.php. This removed the “Link” HTTP header entirely. Perfect! ![](https://secure.gravatar.com/avatar/7701881f08ff5e1f1feaacb1f62058b6ec0abc74ef8a69d6e6618d87a12b2963? s=60&d=retro&r=g) ### 󠀁[Simple to disable REST API](https://wordpress.org/support/topic/simple-to-disable-rest-api/)󠁿 [sergeymk](https://profiles.wordpress.org/sergeymk/) 2016 年 9 月 3 日 Thank you for this plug-in, glad I don’t have to dig around in WordPress code to disable the API functionality. I don’t use it and don’t want another door for potential exploits. ![](https://secure.gravatar.com/avatar/4fb994b83cf336056a11a1ffd861dcc4f15fc0993fbb18d05e2c440d47ad84e9? s=60&d=retro&r=g) ### 󠀁[One click plugin](https://wordpress.org/support/topic/one-click-plugin/)󠁿 [Denis Yanchevskiy](https://profiles.wordpress.org/denisco/) 2016 年 9 月 3 日 A simple way to disable WordPress REST API. [ 阅读所有3条评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/) ## 贡献者及开发者 「Disable REST API for Real」是开源软件。 以下人员对此插件做出了贡献。 贡献者 * [ Samuel Aguilera ](https://profiles.wordpress.org/samuelaguilera/) 「Disable REST API for Real」插件已被翻译至 2 种本地化语言。 感谢[所有译者](https://translate.wordpress.org/projects/wp-plugins/sar-disable-rest-api/contributors) 为本插件所做的贡献。 [帮助将「Disable REST API for Real」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/sar-disable-rest-api) ### 对开发感兴趣吗? 您可以[浏览代码](https://plugins.trac.wordpress.org/browser/sar-disable-rest-api/), 查看[SVN仓库](https://plugins.svn.wordpress.org/sar-disable-rest-api/),或通过[RSS](https://plugins.trac.wordpress.org/log/sar-disable-rest-api/?limit=100&mode=stop_on_copy&format=rss) 订阅[开发日志](https://plugins.trac.wordpress.org/log/sar-disable-rest-api/)。 ## 更新日志 #### 2.1.1 * Fixed typo. Thanks to Mike D for reporting it. #### 2.1 * Minor changes to make code 100% WordPress Coding Standards compliant. #### 2.0 * Added option in Settings -> General page to choose between completely disable the REST API (default), or “Logged In Only” to keep REST API access enabled but require the user to be logged in to accept the requests. * Removed support for WordPress 4.6.1 and older. #### 1.0 * Initial release. ## 额外信息 * 版本 **2.1.1** * 最后更新:**7 年前** * 活跃安装数量 **200+** * WordPress 版本 ** 4.7 或更高版本 ** * 已测试的最高版本为 **5.3.21** * 语言 * [Dutch](https://nl.wordpress.org/plugins/sar-disable-rest-api/) 、 [English (US)](https://wordpress.org/plugins/sar-disable-rest-api/) 和 [German](https://de.wordpress.org/plugins/sar-disable-rest-api/). * [翻译成简体中文](https://translate.wordpress.org/projects/wp-plugins/sar-disable-rest-api) * 标签 * [api](https://cn.wordpress.org/plugins/tags/api/)[JSON](https://cn.wordpress.org/plugins/tags/json/) [rest](https://cn.wordpress.org/plugins/tags/rest/)[rest-api](https://cn.wordpress.org/plugins/tags/rest-api/) [wp-json](https://cn.wordpress.org/plugins/tags/wp-json/) * [高级视图](https://cn.wordpress.org/plugins/sar-disable-rest-api/advanced/) ## 评级 5 星(最高 5 星)。 * [ 3 条 5 星评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/?filter=5) * [ 0 条 4 星评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/?filter=4) * [ 0 条 3 星评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/?filter=3) * [ 0 条 2 星评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/?filter=2) * [ 0 条 1 星评价 ](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/#new-post) [查看全部评论](https://wordpress.org/support/plugin/sar-disable-rest-api/reviews/) ## 贡献者 * [ Samuel Aguilera ](https://profiles.wordpress.org/samuelaguilera/) ## 支持 有话要说吗?是否需要帮助? [查看支持论坛](https://wordpress.org/support/plugin/sar-disable-rest-api/)