🎉 Double storage, double possibilities : Enjoy 2x storage with all our plans now at no additional cost.

Disable REST API

Disable the use of the REST API on your website to site users. Now with User Role support!
By submitting this form you agree to our Terms & Conditions

The most comprehensive plugin for controlling access to the WordPress REST API!

Dave McHale  
  • Version
  • Last updated
  • Active Installations
  • Tested up to
  • WP Version
  • PHP Version


One of the must have plugins.

By ucsendre on September 14, 2023

I always start my WordPress installations with this plugin (among a few other ones).

A must have on all sites.

Thank you.

Still works on WP 6.2

By mw815371 on April 3, 2023

The plugin still works for me on WordPress 6.2. It's great to have the option to allow API access where I need it and block everything else.

Just what I was looking for

By Ronny Adsetts (ronnyadsetts) on January 26, 2023

Allows locking the WP API behind auth and selectively allowing it where needed. Despite the lack of plugin updates, the author does have an active github repo so don't let that put you off.

Excellent solution

By Ben Sibley (BenSibley) on January 20, 2023

Blocking the REST API entirely breaks plugins that require this functionality, so being able to selectively enable routes is perfect.

I recommend this plugin to everyone who uses Independent Analytics to secure their site while still enabling analytics to be recorded.

Sorry to end this

By Hendrik57 on January 10, 2023

It has not been tested with current Wordpress 6.1 and it seems to be compatible up to 5.8.6. Last update that we had was over 1 year ago.

This was/is a very good plugin with the options, and it could still work now, but we can not verify compliance.

Broke my site - but seems good idea

By richardjwallace on December 27, 2022

I installed this but following install I couldn't view any webpages.

The main page give exception

Notice: Trying to get property 'name' of non-object in /home/customer/www/XXXXXX/public_html/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php on line 60

I prompted renamed plugin folder using FTP in the folder wp-contentpluginsdisable-json-api.disable so I could login then deleted it

Good idea but didn't work for my site

Great work. Easy to use.

By tools400 on October 23, 2022

The title says all. It's a great plug-in and easy to use. Thanks!

Just works!

By druut (emkemk) on May 25, 2022

Great way to disable specific REST API endpoints. Simply a great plugin

Simply works great

By aparsley on March 24, 2022

Easily set/deny access for any endpoint per user role.

Great plug-in. It just works.

By citking on March 8, 2022

I reopened my dormant WordPress account just to post that this plugin just works. We went from multiple attempted logins to none after installing and activating it. Just use it - you'll be glad you did.

Downloads Trend


Are you the author of this plugin, Claim this page

Explore other WordPress plugins

Post Duplicator

Creates functionality to duplicate any and all post types, including taxonomies & custom fields.

WP Logo Showcase Responsive Slider and Carousel

The best responsive logo carousel to add, display and manage clients, partners, brand logos with multi logo slideshow in your website with easy shortc …

WooCommerce Blocks

WooCommerce Blocks are the easiest, most flexible way to display your products on posts and pages!

MouseWheel Smooth Scroll

Smooth scrolling experience, with mousewheel, touchpad or keyboard