Sébastien Dumont
@sebd86.bsky.social
🛒 Decouples @woocommerce.com with @cocartapi.bsky.social and secures API's with apisecurity.pro
Lifetime offer available until 30th September
https://linktr.ee/sebastiendumont
Lifetime offer available until 30th September
https://linktr.ee/sebastiendumont
Pinned
Sébastien Dumont
@sebd86.bsky.social
· Aug 18
Hello everyone! - API Security
Tired of leaving your WordPress REST API wide open? Hackers love unsecured APIs. They can scrape data, spam requests, and poke for vulnerabilities, or even manipulate content. We just launched API Sec...
apisecurity.pro
Hey everyone!
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
Reposted by Sébastien Dumont
The #WordPress REST API is an open book. See the problem for yourself.
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
August 31, 2025 at 6:47 PM
The #WordPress REST API is an open book. See the problem for yourself.
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
Each #WordPress REST API namespace provides it's own index. Leaving it open for hackers to have a directory to use to their advantage. Public access should be denied by default. 😨
Get API Security and we will send them down a black hole instead.
apisecurity.pro
Get API Security and we will send them down a black hole instead.
apisecurity.pro
August 31, 2025 at 6:48 PM
Each #WordPress REST API namespace provides it's own index. Leaving it open for hackers to have a directory to use to their advantage. Public access should be denied by default. 😨
Get API Security and we will send them down a black hole instead.
apisecurity.pro
Get API Security and we will send them down a black hole instead.
apisecurity.pro
The #WordPress REST API is an open book. See the problem for yourself.
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
August 31, 2025 at 6:47 PM
The #WordPress REST API is an open book. See the problem for yourself.
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
Try this on any site: add /wp-json/ to the end of the domain and see the long list of information publically available for hackers—just ready to scrape data, spam requests, and poke for vulnerabilities. 😱
I see so many articles about how to secure the #WordPress REST API and explain what you should do. They mostly copy each other providing the same code snippets to disable for unauthorized and remove endpoints if not logged in. None of them actually provide a real solution.
August 31, 2025 at 6:46 PM
I see so many articles about how to secure the #WordPress REST API and explain what you should do. They mostly copy each other providing the same code snippets to disable for unauthorized and remove endpoints if not logged in. None of them actually provide a real solution.
Hey everyone!
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
Hello everyone! - API Security
Tired of leaving your WordPress REST API wide open? Hackers love unsecured APIs. They can scrape data, spam requests, and poke for vulnerabilities, or even manipulate content. We just launched API Sec...
apisecurity.pro
August 18, 2025 at 6:20 PM
Hey everyone!
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
I just launched API Security—a zero-config #WordPress plugin that instantly locks down your REST API, blocks unknown outsiders, limits abusive requests, and protects your data.
Details on LTD offer: apisecurity.pro/hello-everyo...
Request demo: app.instawp.io/launch?t=api...
New #WordPress security plugin coming soon that addresses areas that have not been touched by other plugins out there.
January 29, 2025 at 1:59 PM
New #WordPress security plugin coming soon that addresses areas that have not been touched by other plugins out there.
If you like to show some appreciation for the work I have done with just the core of my #WordPress plugin CoCart, you can now #sponsor it's development. Rewards are also available. Thank you in advance. 🫶
github.com/co-cart/co-c...
github.com/co-cart/co-c...
GitHub - co-cart/co-cart: 🛒 CoCart's developer-friendly REST API integrates with WooCommerce to decouple your storefront and convert it blazing-fast, build in any web framework.
🛒 CoCart's developer-friendly REST API integrates with WooCommerce to decouple your storefront and convert it blazing-fast, build in any web framework. - co-cart/co-cart
github.com
December 3, 2024 at 8:53 PM
If you like to show some appreciation for the work I have done with just the core of my #WordPress plugin CoCart, you can now #sponsor it's development. Rewards are also available. Thank you in advance. 🫶
github.com/co-cart/co-c...
github.com/co-cart/co-c...