Since WordPress released version 4.7.0. developers can connect the third-party apps with the backend core through a REST API endpoint. This was really great news for developers that marked a new level of WordPress platform usability. Version after version WordPress team ironed out the REST API imperfections, fixed bugs, and added missing features such as different authorization methods. Everything is great – for developers – but what about all those WordPress users that don’t need API? Well, they might need it sometime in the future and it’s there without an easy option to turn it off. The unused feature almost always introduces costs in resources and potential security concerns so let’s see how we can cut it out of our WordPress installation.
…