Absichern von WordPress im Child Themes:


1.)	prüfen der folgenden Website Pfade: https://.../
	/wp-json/wp/v2/users
	/wp-json/wp/v2/posts
	/wp-json/wp/v2/pages
	/wp-json/wp/v2/comments
	/wp-json/wp/v2/media

2.)	Im Child Theme die "functions.php" um den Eintag aus "functions_addon.php" erweitern (ct.de/y11k):

/*-----------------------------------------------------------------------------------*/
/* https://...//wp-json/wp/v2/users listings verbieten
/*-----------------------------------------------------------------------------------*/
add_filter( 'rest_authentication_errors', function( $result ) { 
  if ( ! empty( $result ) ) { 
    return $result; 
  } 
  if ( ! is_user_logged_in() ) { 
    return new WP_Error( '401', 'not allowed.', array('status' => 401) ); 
  } 
  return $result;
});




/*-----------------------------------------------------------------------------------*/
/* https://.../xmlrpc.php login verbieten
/*-----------------------------------------------------------------------------------*/
add_filter( 'xmlrpc_enabled', '__return_false' );