• Resolved noctroxis

    (@noctroxis)


    I have your plugin in Intranet mode so its protecting the frontend and backend but I have a cron job i have setup at a external website for push notifications. How can i whitelist the site or the link so that it is allowed through? I want users to be authenticated against O365 but I don’t wnat this plugin destroying my use of push notifications. the URL does not end with a filename it ends with a folder like https://someCronsite.com/ThisFolder/. I need to allow that link to pass through

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Marco van Wieren

    (@wpo365)

    To skip authentication for pages you can use the Page Blacklist setting and I’m not sure why you write that it doesn’t work perfectly. What I assume is that you have a requirement and it doesn’t work well with your requirement. For each request the plugin will check the last (= trailing) part of the current path. So when your path is https://www.example.com/etc/ then it would check whether “etc” can be found in the Pages Blacklist. If this is the case, the plugin will not try and validate the current session. So if your Pages Blacklist would be “wp-login.php;wp-cron.php;admin-ajax.php;etc” then it should cancel the current attempt to validate the authentication. If this is not the case, please use the contact form on the website to provide me some more details of what you are trying to achieve and I’ll investigate.

    Thread Starter noctroxis

    (@noctroxis)

    What if the URL is https://something.com/?smpushprofile=service_worker&platform=chrome or something like that?

    Plugin Author Marco van Wieren

    (@wpo365)

    This issue addressed here was solved by updated version v5.3 / v4.6 (Pages Blacklist can now include query string parts e.g. “?api=” but administrators need to be aware that this can potentially weaken overall security read more).

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Urgent! Need to whitelist a link’ is closed to new replies.