Completely Disabling User REST API

Hey

We are using HivePress on our platform, and we are exploring options to enhance user privacy and security. Specifically, we are considering completely disabling the User REST API (/wp-json/wp/v2/users) on our site.

Could you please clarify the following:

  1. Does HivePress or any of its extensions rely on the WordPress User REST API (/wp-json/wp/v2/users) for any core functionality?
  2. Will completely disabling this API affect any of HivePress’s features, such as user profiles, user management, listings, reviews, or any other functionality?
  3. If HivePress relies on the User API, is there a recommended way to securely disable or restrict it without disrupting the platform’s core features?

Thank You :slight_smile:

1 Like

Hi,

Yes, HivePress does not use this endpoint, so you can disable it. However, we recommend that you additionally check whether WordPress itself uses this endpoint, for example, in the Dashboard.

I hope it helps

Great, thank you :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.