The WordPress JSON REST API allows developers to interact with the WordPress site using JSON format. However, there may be cases where you want to disable this API for security or performance reasons. Here’s how you can achieve that:
To disable the WordPress JSON REST API, you can add the following code snippet to your theme’s functions.php file or in a custom plugin:
add_filter( 'json_enabled', '__return_false' );
add_filter( 'json_jsonp_enabled', '__return_false' );
This code snippet uses the add_filter() function to modify the behavior of two filters: and . By returning false for both filters, you are effectively disabling the JSON REST API and preventing it from being accessed.
This code snippet can be useful in scenarios where you want to restrict access to your site’s data and prevent unauthorized users from making requests to the JSON REST API.
Note that disabling the JSON REST API may affect any plugins or custom code that rely on it. Make sure to thoroughly test your site after implementing this code snippet to ensure that everything functions as expected.
Examples
Example 1: Disable the WordPress JSON REST API using a Plugin
This example demonstrates how to disable the WordPress JSON REST API by using a plugin. The code snippet below registers an activation hook that disables the REST API when the plugin is activated.
<?php
/**
* Plugin Name: Disable REST API
* Description: Disables the WordPress JSON REST API.
* Version: 1.0
* Author: Your Name
* Author URI: https://yourwebsite.com
*/
function wpsnippets_disable_rest_api() {
// Disable REST API
add_filter('rest_authentication_errors', '__return_true');
add_filter('rest_enabled', '__return_false');
add_filter('rest_jsonp_enabled', '__return_false');
}
register_activation_hook(__FILE__, 'wpsnippets_disable_rest_api');
The code uses the register_activation_hook function to register a callback function that disables the REST API when the plugin is activated. The wpsnippets_disable_rest_api function adds filters to rest_authentication_errors, rest_enabled, and rest_jsonp_enabled hooks, returning true or false to disable the REST API.
Example 2: Disable the WordPress JSON REST API using a Theme
This example demonstrates how to disable the WordPress JSON REST API by adding code to your theme’s functions.php file. The code snippet below disables the REST API by adding filters to the appropriate hooks.
<?php
// Disable REST API
add_filter('rest_authentication_errors', '__return_true');
add_filter('rest_enabled', '__return_false');
add_filter('rest_jsonp_enabled', '__return_false');
The code adds filters to rest_authentication_errors, rest_enabled, and rest_jsonp_enabled hooks, returning true or false to disable the REST API. Simply add this code to your theme’s functions.php file to disable the REST API.
Example 3: Disable the WordPress JSON REST API using a Custom Plugin
This example demonstrates how to disable the WordPress JSON REST API by creating a custom plugin. The code snippet below creates a custom plugin file that disables the REST API.
<?php
/**
* Plugin Name: Disable REST API
* Description: Disables the WordPress JSON REST API.
* Version: 1.0
* Author: Your Name
* Author URI: https://yourwebsite.com
*/
function wpsnippets_disable_rest_api() {
// Disable REST API
add_filter('rest_authentication_errors', '__return_true');
add_filter('rest_enabled', '__return_false');
add_filter('rest_jsonp_enabled', '__return_false');
}
add_action('plugins_loaded', 'wpsnippets_disable_rest_api');
The code creates a custom plugin file that disables the REST API. The wpsnippets_disable_rest_api function adds filters to rest_authentication_errors, rest_enabled, and rest_jsonp_enabled hooks, returning true or false to disable the REST API. The add_action function hooks the wpsnippets_disable_rest_api function to the plugins_loaded action, ensuring the REST API is disabled when the plugin is loaded.