Black list function

  • Plugin information ”Works as a “set it and forget it” install. ”

    Its a great plugin but i would like to have a blacklist function as i am using the plugin only to disable the api for user enumeration in WordPress and would like to blacklist this api as for now when new APIs are added by plugins and WordPress I need to manually whitelist them or I am missing something? Thank you

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Dave McHale

    (@dmchale)

    Hi @ipajen

    Unfortunately yes, it works as “set it and forget it” if you use it the way the name says… you want to Disable the REST API, period. If you want to customize the controls (like ONLY turning off access to the users routes) then the current rules default to “disallow” since you need to manually approve only those routes you wish to allow.

    Per the info on the admin page, NOTE: New routes may be added in the future by plugins, themes, or WordPress itself. If you choose to manage access for a user role, you will have to come back and add permissions for any new routes later.

    An override to this behavior is on my roadmap but unfortunately just not something I’ve had time to add yet. I’ll see what I can do to get this in the next release though. ?? Cheers!

    Thread Starter Jarko Piironen

    (@ipajen)

    Best would be a blacklist a route but if its easier and possible a notification in the WordPress admin panel that new routes has been found could work also as a option.

    Thanks

    Agreed, this would be a great way to go about it. Especially since WordPress and plugins in the future will start relying even more heavily on the API being accessible.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Black list function’ is closed to new replies.