6G portion breaks REST-API access

  • Resolved dreagose

    (@dreagose)


    8 years, 9 months ago

    My customer is running an E-commerce site with WooCommerce and when they implemented the 6G portion of the plug-in it caused a refusal of access to the API
    Error message is:

    ‘Error: Consumer Key is missing [woocommerce_api_authentication_error]’

    I have verified that all of the keys are in place and were working several times. Everything works without the 6G turned on. Anyone have a thought or idea on this?

    the API is being used by some custom programming to transfer inventory data from their web based P.O.S. package used by their brick & mortar store.

    Also, it would be nice to be able to turn on/off portions of the 6G security w/o having to play with the .htaccess file.

    Side note: a search feature on these posts would make it easier to find what you need instead of having to go through over 60 pages of posts.

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi,

    Most likely there is some term or token in URL of the request to the API that triggers one of 6G patterns. If you can provide the exact URL that gets blocked, we can have a look on it.

    Alternatively, you can reach to Jeff Star (author of 6G) directly.

    As for the turning on/off portions of 6G: It could be implemented, but my guess is that most of plugin users would have no idea what is the difference between particular portions. I’m not sure the added complexity to the interface is worth it.

    Side note: if you miss search feature on support forum posts, you should add your voice here.

    Greets,
    ?eslav

    Thread Starter dreagose

    (@dreagose)

    I have found the line in the .htaccess file that causes the problem

    # 6G:[REQUEST METHOD]
<ifModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} ^(connect|debug|delete|move|put|trace|track) [NC]
RewriteRule .* - [F]
#</IfModule>

    I believe that it’s the connect part of it that is the problem.

    I’m going to hold of of marking this resolved until I’m 100% positive as to the EXACT word that is the problem child.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Hi,
    Just a quick tip in case you are not doing it already – Use the custom rules feature of the aiowps plugin to implement your changes to the 6G (or any other firewall) rules. Just remember to deactivate the original firewall rule.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘6G portion breaks REST-API access’ is closed to new replies.

Tags