I have a custom code that only allows REST API access for certain endpoints or user agents. This code works for all accesses, such as Stripe or product partners, but it does not work for PayPal Express Payment. Here’s the code, which also shows the various attempts I’ve made in hopes that PayPal (Express Payment) would go through.

function restrict_wp_json_to_logged_in_users( $result ) {
    $allowed_endpoints = array(
        '/wp-json/wc-stripe/v1/webhook', 
        '/wp-json/wc/v3/orders', 
        '/wp-json/wc/v3', 
        '/wp-json/wc-ajax/', 
        '/wp-json/wc/v2', 
        '/wp-json/wc/store', 
        '/wp-json/wp/v2', 
        '/wp-json/wc-ppcp/v1/webhook/production', // PayPal Webhook v1
        '/wp-json/wc-ppcp/v2/webhook/production', // PayPal Webhook v2
        '/wp-json/wc-ppcp/v3/webhook/production', // PayPal Webhook v3
        '/wp-json/wc-ppcp/v1/', //PayPal v1
        '/wp-json/wc-ppcp/v2/', // PayPal v2
        '/wp-json/wc-ppcp/v3/', // Paypal v3
         '/wc-ajax/wc_ppcp_frontend_request', // PayPal AJAX/
    );

    $allowed_user_agents = array(
        'Stripe/1.0', 
        'axios/1.6.6', 
        'PayPal-IPN', 
    );

    $request_uri = $_SERVER['REQUEST_URI'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $remote_ip = $_SERVER['REMOTE_ADDR'];

    foreach ( $allowed_endpoints as $endpoint ) {
        if ( strpos( $request_uri, $endpoint ) !== false ) {
            return $result;
        }
    }

    foreach ( $allowed_user_agents as $agent ) {
        if ( strpos( $user_agent, $agent ) !== false ) {
            return $result;
        }
    }

    if ( !is_user_logged_in() && !current_user_can( 'edit_posts' ) ) {
        return new WP_Error( 'rest_cannot_access', 'Only authenticated users have access to the REST API.', array( 'status' => 401 ) );
    }

    return $result;
}
add_filter( 'rest_authentication_errors', 'restrict_wp_json_to_logged_in_users' );

Could you please let me know which user agent or other value I can enter to allow the PayPal Express payment method to go through? If I delete the entire code, it works, but then I lose the security of granting access only to selected addresses.

Thank you for your help.

How can I successfully set up the “desktop” user agents, and set for “pass-through” or theme for both user groups. I need to have the desktop and mobile use different caches and so far I have been unsuccessful

My understanding is that “pass-through” allows the plugin to control which ever works, is this correct?

I hope you can help out. Thanks!

Although Cleantalk helped me with removing spam comments, It is blocking Crawlers and Bots from 3rd party SEO website Analyzer. Ex. Screpy and Sitechecker.

Any way to avoid these blocks like whitelist?

How can I change the setting for the Mobile Display, for your plugin to display for ALL devices up to 800px.

I think your plugin ONLY displays up to Mobile phone sizing BUT my Samsung Galaxy 7 inch displays same coding as MOBILES but your Plugin WP Touch does NOT seem to extend to that sizing of that device.

I know I should be able to CHANGE the cut off for mobile devices to a certain sized device, therefore I want to CHANGE it up to 800px device.

Therefore my Samsung Galaxy 7 inch ONLY shows desktop version which is NOT what I want as it displays awfully.

HOW do I fix this urgently please ?

Thanks
kristin

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^AhrefsBot [NC]
RewriteRule ^.* – [F]

But module does not work. May be there are not enough quotation marks?
May be need “^AhrefsBot”? The plugin does not add quotation marks.

I am facing issues with device detection using the plugin, I found that we can use user agents list to solve the issue, the plugin comes up with 2 default lists, for mobiles and tables, which we can put in “Rejected user agents” under page cache settings. But in my case I want to reject user agents for desktop devices, so can you please let me know the user agent list values for detecting desktop devices, or where I can find that list, because I tried searching, but was not sure which values I need to enter there.

Thanks in advance!

Basically, I’d like to remove the following code, if the screen resolution >480px: “target=”_blank” data-div =”content” ”

Is this doable?

Cheers!

# Start HackRepair.com Blacklist
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} “^Mozilla.*Indy” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Mozilla.*NEWT” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^$” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Maxthon$” [NC,OR]
Thanks

Is this no longer a standard feature of W3 Total Cache, or do I need to pay for the upgraded version in order to access this feature?