Follow

If you are using you should know that the JSON REST API can reveal sensitive info about the site admins for everyone on the Internet such as login name and ID:

<your-blog.tld>/wp-json/wp/v2/users

The info can be used to prepare attacks.

You can turn this off with WordPress board tools: Open the functions.php of your theme and add a filter.

If you don't have a functions.php create one and add

<?php wp_head(); ?>

to your header.php file before the closing tag </head>.

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.