I've created a Angular website and an PHP API but I don't want my API being usable to everyone and I don't know how to block access to all users except my website.
Some ideas, advices ?
You would want to implement some sort of authentication or limiting of access. Here are something to get you started: https://www.sitepoint.com/php-authorization-jwt-json-web-tokens/
You can't to complete hide your api, because it should be accessible by your angular application via external interface.
But you can to restrict availability by some security solutions: authentication, app tokens, etc.
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'X-TOKEN: XXXXX-XXXX',
));
Set Token while calling api and check in your code that if token is exist and it is matching with your stored token then serve the request or show error message i.e simplest solution for you.