I have a WordPress website. One of my friends said I have to disable the wp-json/wp/v2/pages file otherwise hackers can check my data easily. So I tried the below code on my website and disabled the rest API response.
//disable wp-jon file
if( ! is_user_logged_in() ) {
remove_action('rest_api_init', 'create_initial_rest_routes', 99);
}
Now If anyone is accessing the URL wp-json/wp/v2/pages they will get the message “No route was found matching the URL and request method.” and it’s working for me.
Now my issue is if someone is accessing the URL mydomain.com/wp-json then it’s showing the JSON response, How can I block this URL?