WordPress as a web service only
Prevent all access to site apart from admin panel (dashboard) and custom rest API endpoints.
I would like to create a web service using WordPress rest api.
I want to give access only to my custom endpoints and nothing else, all default WordPress endpoints should always return 403.
Frontend doesn’t exist for this webs ervice, so maybe aprat from the home page (or even that) no other urls would be available.
Admin panel(dashboard) would be ideally limitid to my USER_AGENT and IP, but if thats not possible I can live with it.
The concept is to only have my custom endpoints with rest API and nothing else.
No need for any plugins/themes, core updates and all that. just a web service using WordPress CMS.