Wjslot 777 login.Makakuha ng libreng 700pho sa bawat deposito

Ivan van der Tuuk
(@tuukie)

4 years, 6 months ago

When you using Woocommerce, you can show analytics data through their menu.
If you enable filter long URL-strings that menu option is not working in back-end of WordPress. (not showing any data and console throws error).

Viewing 6 replies - 1 through 6 (of 6 total)

nlpro
(@nlpro)

4 years, 6 months ago

The “Filter long URL strings” setting is part of the WordPress Tweaks module (which by the way is disabled by default).

According to the modules intro text:

These are advanced settings that may be utilized to further strengthen the security of your WordPress site.

Note: These settings are listed as advanced because they block common forms of attacks but they can also block legitimate plugins and themes that rely on the same techniques. When activating the settings below, we recommend enabling them one by one to test that everything on your site is still working as expected.

Remember, some of these settings might conflict with other plugins or themes, so test your site after enabling each setting.

So, if the (WordPress Tweaks) setting doesn’t play nice with your site’s (front and/or) backend don’t enable it. One of the strengths of the iTSec plugin is the simple fact that it offers you the flexibility to only enable the settings that work for your site.

To prevent any confusion, I’m not iThemes.

nlpro
(@nlpro)

4 years, 6 months ago

Actually it turns out this setting only affects the frontend…

What error do you get ?

nlpro
(@nlpro)

4 years, 6 months ago

Oh and it’s part of the System Tweaks module (Previously I mistakenly mentioned it was part of the WordPress Tweaks module).

nlpro
(@nlpro)

4 years, 6 months ago

Probably similar issue to what is described here (Site Kit).

Found by reading this (Site Kit) topic.

Instead of disabling the iTSec plugin setting they (Google) fixed the issue by simply changing requests from GET to POST in their Site Kit plugin …

You could try and persuade Automattic to do the same in the WooCommerce plugin ??

somePaulo
(@finomeno)

4 years, 5 months ago

Same here. It does affect the backend.
When the ‘Filter long URL strings’ setting is enabled some graphs/tables in the WooCommerce analytics section fail to load data and throw a ‘414 Request URI too long’ error in response to GET requests addressed to /wp-json/wc-analytics/reports/*.
Any chance of excluding /wp-json/ or at least the /wp-json/wc-analytics/ path from being affected by this setting in iThemes Security?
nlpro
(@nlpro)

4 years, 5 months ago
When I mentioned “…this setting only affects the frontend…” in a previous post, it was because of the following code in the callback hooked:
```
if ( is_admin() ) {
   return;
}
```
However this piece of bail out code won’t work for a REST API request fired in the backend.

So apart from changing the woocommerce analytics REST API requests from a GET to a POST request perhaps adding the bail out code below to the callback hooked might do the trick (untested):
```
if ( ITSEC_Core::is_rest_api_request() ) {
   if ( strpos( $_SERVER['REQUEST_URI'], 'wp-json/wc-analytics' ) ) {
      return;
   }
}
```
The hooked callback is named block_long_urls() and it is located in the wp-content/plugins/better-wp-security/core/modules/system-tweaks/class-itsec-system-tweaks.php file.
- This reply was modified 4 years, 5 months ago by nlpro.
- This reply was modified 4 years, 5 months ago by nlpro.