すべて無効にするのではなく,特定の機能を使う場合は,たとえば,
disable_rest_api( false, [ 'oembed', 'contact-form-7' ] );
のように呼び出します(これで埋め込み機能とContact Form 7は有効のままとなります).
stinc/src/basic/blocker.php
function disable_rest_api( $force = true, $permitted_route = [] ) {
if ( $force ) {
remove_action( 'rest_api_init', 'create_initial_rest_routes', 99 );
add_filter( 'rewrite_rules_array', function ( $rules ) {
foreach ( $rules as $rule => $rewrite ) {
if ( preg_match( '/wp-json/', $rule ) ) {
unset( $rules[ $rule ] );
}
}
return $rules;
} );
return;
}
add_filter( 'rest_pre_dispatch', function ( $result, $wp_rest_server, $request ) use ( $permitted_route ) {
$route = $request->get_route();
foreach ( $permitted_route as $r ) {
if ( strpos( $route, "/$r/" ) === 0 ) return $result;
}
return new \WP_Error( 'disabled', [ 'status' => rest_authorization_required_code() ] );
}, 10, 3 );
}