How to Secure the REST API and block any REST API?

I have noticed attacks using REST API:
/wp-login.php/wp-json/wp/v2/users/1

How to block any REST API using functions.php?

I have read good article: https://digwp.com/2018/08/secure-wp-rest-api/