-
Notifications
You must be signed in to change notification settings - Fork 0
/
README.txt
88 lines (51 loc) · 2.43 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
=== SMNTCS Disable REST API User Endpoints ===
Contributors: nielslange
Tags: REST API, Endpoints, Security
Stable tag: 2.2
Tested up to: 6.4
Requires PHP: 5.6
Requires at least: 5.0
License: GPL v2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Disable the REST API user endpoints due to obscure user slugs.
== Description ==
With WordPress 4.7 the REST API is part of the core. At the moment everyone has read access to the REST API. As a result of that a potential intruder can retrieve a list of all user slugs via `/wp-json/wp/v2/users`. This plugin disables the REST API user endpoints to obscure the user slugs.
== Contribute ==
Contributions are more than welcome. Simply head over to [Github](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/) and open an issue or a pull request.
== Installation ==
1. Upload `smntcs-disable-rest-api-user-endpoints` to the `/wp-content/plugins/` directory.
2. Activate the plugin through the `Plugins` menu in WordPress.
== Screenshots ==
Simple activate the plugin and you're done.
== Changelog ==
= 2.2 (2023.10.15) =
- Test up to WP 6.4
- Convert code to OOP
= 2.1 (2023.03.11) =
- Test up to WP 6.2
= 2.0 (2022.12.03) =
- Test up to WP 6.1
= 1.9 (2022.06.09) =
- Test up to WP 6.0
= 1.8 (2021.12.31) =
- Test up to WP 5.8
= 1.7 (2021.05.01) =
- [Add build tools](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/21)
- [Add GitHub Actions](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/23)
- [Test up to WP 5.7](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/25)
= 1.6 (2021.01.08) =
- Test up to WP 5.6
= 1.5 (2020.05.10) =
- [Remove load_plugin_textdomain()](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/7)
= 1.4 (2020.05.10) =
- [Update plugin header](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/5)
- Test up to WP 5.4
= 1.3 (2019.12.26) =
- [Add build tools](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/3)
- [Test up to 5.3](https://github.com/nielslange/smntcs-disable-rest-api-user-endpoints/issues/2)
= 1.2 (2019.04.05) =
- Refactor based on PHPCS and WPCS
= 1.1 (2019.02.20) =
- Test up to WP 5.1
= 1.0 (2018.03.27) =
- Initial release