API Write Blocker
A plugin to control the operation of admin-ajax.php, REST API, and xmlrpc.
00
·0 active installs·Updated 5 months agoAs of April 2026, API Write Blocker is a WordPress WordPress plugin with 0 active installations and a 0/5 rating0. It has been downloaded 191 times in total. Requires WordPress 6.8+ and PHP 7.4+. Available on WordPress.org since 2025.
0/5Rating
0active installs
191total downloads
1 yearsince 2025
Overview
API Write Blocker is a security-focused plugin that prevents unauthorized or anonymous users from executing write operations through REST API, XML-RPC, and Admin-Ajax interfaces.
Unlike generic API blockers, this plugin enables fine-grained control over which HTTP methods (POST, PUT/PATCH, DELETE) are allowed, supports whitelist-based exceptions, and protects core endpoints without interfering with legitimate functionalities such as contact form submissions or plugin integrations.
🔐 Key Features
REST API Method-Level Blocking
* Independently block POST, PUT/PATCH, and DELETE requests.
* Whitelist specific REST routes (prefix match supported) to allow legitimate access (e.g., contact forms).
* Configure a custom HTTP status code and error message per request type.
XML-RPC Write Operation…
Screenshots
Ratings & Reviews
00 reviews
5 ★
0
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Compatibility
| WordPress | 6.8+ requiredTested up to 6.8.5 |
| PHP | 7.4+ required |
Frequently Asked Questions
Changelog
1.0
- Initial release.
- REST API write method blocking (POST, PUT/PATCH, DELETE).
- XML-RPC method-level write blocking.
- Admin-Ajax write action blocking with whitelist.
- IP and route/action whitelists.
…and 1 more changes
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.