wp-json exposing my website content

It’s just the REST API operating as it’s supposed to, not exposing anything that isn’t already publicly accessible on your site via a browser: https://developer.www.ads-software.com/rest-api/

There are plugins to disable it, but since it’s an expect and normal core function of WordPress, you could run into problems down the line: https://www.ads-software.com/plugins/search/disable+rest+api/

Generally posts on a website are public, but if we open api then using some tools, anyone can copy my whole website data within a day.

If we protect api using authentication then other people can’t access. Only installed plugin can access. I can see that, yoast, jetpack etc needs api access. Also when I edit a post and want to publish a post then still one request sent to wp-josn. There is no possibility to protect wp-json? Only my website plugins can access wp-josn. No abusers can access it?

I linked to plugins for that in my previous reply.

your given link has results in 41 pages. I am confused among them.

In that search listing, on the first page, https://www.ads-software.com/plugins/disable-wp-rest-api/ is the second result, https://www.ads-software.com/plugins/disable-json-api/ is the third, and https://www.ads-software.com/plugins/wp-rest-api-authentication/ is the ninth.