API Security and Rewrite Rule Conflict Issue

??Hi Andi,

Thank you for reaching out.

As you already stated, this is indeed happening because other plugins are looking for the old wp-json?path instead of the custom one?/call.

Unfortunately, there isn’t much we can do about it from our side, as they need to make a compatibility with custom paths.

Our recommendation would be to find out which plugins have problems with custom paths, reach out to their plugin author and ask to make a compatibility with them.

If we can help them in any way, feel free to share this thread with them or to create a new one and we’ll be more than happy to help.

Hi Peter, Thank you for your response.

When I change wp-json to a custom structure like call, I expect the endpoints to work seamlessly with the new URL. For example, /wp-json/wc/v2 normally returns a JSON response with a 200 status. However, when I change it to /call/wc/v2, it returns a 404 error instead of the expected JSON response.

It seems that simply replacing wp-json with call doesn’t automatically update the internal routing for the REST API endpoints. The custom URL structure isn’t being recognized, which is why the endpoints aren’t functioning as intended. I assumed that changing wp-json to call would be enough, but it appears the internal endpoints aren’t being affected by this change.

Could you clarify if there’s an additional step or configuration needed to ensure the custom URL structure works correctly with the REST API endpoints? Thanks!

• This reply was modified 2 weeks, 3 days ago by andi2021.

Here you can find a tutorial for changing Rest API that might help you out. https://wpghost.com/kb/change-rest-api-path-with-wp-ghost/

Just a small follow-up. Please go to step 3 from the article I previously sent.
https://wpghost.com/kb/change-rest-api-path-with-wp-ghost/#ghost-update-rest-api-path-important

There you will see that a clear cache is required because a cache plugin can have path caching. Also, put REST API path to exceptions in the cache plugin.

Hi Peter,

Thank you for your response.

Despite following your tutorial, I’ve tested everything, and it still doesn’t function as expected. Could you try modifying “wp-json” to “api” or a similar endpoint? For instance, navigate to domain/api and then domain/api/wc/v2. You’ll likely encounter the issue I’m referring to.

/api/wc/v2 is a WooCommerce call, I guess it has the WooCommerce plugin installed on the site.

Please set the following REST API settings: https://drive.google.com/file/d/1HI_Kq_Zfs6YrUtmJUXO9GcER2aJ4eEGe/view?usp=sharing

It’s important that Disable REST API Access is not active.

We have installed WooCommerce and the REST API can be tested here:
https://demo.wpghost.com/api/wc/v2

The tests we made are on the following servers:
Apache, Nginx v, Apache+Nginx, Litespeed Cache

Tested plugin:
WordPress 6.7.2
WP Ghost Lite 5.4.03 & Wp Ghost PRO 8.2.10
Woocommerce 9.7.1
LiteSpeed ??Cache 6.5.4

You can use instawp.com to test the plugin if you don’t have a stage website and see how it goes there.

Hi Peter,

Thank you for your help earlier. I’ve tested the setup on InstaWP, and it works perfectly. However, after deploying it on an OpenLiteSpeed server, I encountered a 404 error again. For testing purposes, I only installed two plugins: WooCommerce and WP Hide My Ghost. It seems there might be a compatibility issue or configuration conflict with the OpenLiteSpeed server.

Could you please advise if there’s a known solution or specific server configuration required to resolve this? Your expertise would be greatly appreciated.

Best regards,
David Jame

Please follow this tutorial on how to do the setup on OpenLiteSpeed.
https://wpghost.com/kb/config-htaccess-in-openlitespeed-a-step-by-step-guide/

Learn more here: https://docs.openlitespeed.org/config/rewriterules/

Hi Peter,

I hope you’re doing well. Before reaching out, I made sure to exhaust all possible solutions on my end. I carefully followed the step-by-step guide provided at https://wpghost.com/kb/config-htaccess-in-openlitespeed-a-step-by-step-guide/ and double-checked my configuration multiple times. Unfortunately, I’m still encountering issues with specific WP-JSON endpoints.

Here’s the behavior I’m experiencing:

• /api?returns a?200?status code (success).
• However,?/api/,?/api/wc, and?/api/wc/v2?all result in?404?errors.

I suspect this might be related to OpenLiteSpeed’s caching mechanism. Initially, after switching configurations, the endpoints might work due to cached responses. However, after waiting 1-2 minutes or performing a hard refresh (Ctrl + F5), the 404 errors reappear.

Could you please take a moment to verify the compatibility of your plugin with OpenLiteSpeed? All other features are functioning perfectly, but the issue seems to persist specifically with the wp-json rewrites.

Your assistance in resolving this would be greatly appreciated. Thank you for your time and support!

Best regards,
David Jame