If you are using #WordPress you should know that the JSON REST API can reveal sensitive info about the site admins for everyone on the Internet such as login name and ID:
The info can be used to prepare #bruteforce attacks.
You can turn this off with WordPress board tools: Open the functions.php of your theme and add a filter.
If you don't have a functions.php create one and add
<?php wp_head(); ?>
to your header.php file before the closing tag </head>.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.