Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Restrict WordPress Rest API requests to my domain

I have a WordPress website which I use just to populate blog posts and some private posts under custom post types. In another website, I am using the REST API to display the posts. If I use software like Postman, I can display data from the REST API.

How can I prevent any unauthorized REST API requests to domain www.example.com ? so if the request is not coming from www.mysite.com, it is blocked?

Basically prevent my custom post types (example.com) to be visible to the rest api if it is not coming from mysite.com

like image 699
Rain Man Avatar asked Dec 17 '22 18:12

Rain Man


1 Answers

You can Disable External request by adding this in your wp-config.php ( Also, you can specify domain which you don't want to block like this).

 define( 'WP_HTTP_BLOCK_EXTERNAL', TRUE );
 define( 'WP_ACCESSIBLE_HOSTS', 'example.com, domain.com' );
like image 127
Jigar Avatar answered Dec 28 '22 11:12

Jigar