Woocommerce API Access timing out

  • Resolved Kevin

    (@thekevinwilson)


    11 months, 2 weeks ago

    Hello! I’m running tech support for a client using Woocommerce, and they’re working with a service called Shipping Easy that’s getting timed out when they try to access a list of products and orders using an api. The URL they’re trying to access starts with “www.clienturl.com/wp-json/wc/v2/” (with more bits after)

    I assume this is the REST API, but this is already getting deep enough that I may be wrong. Either way, I believe the answer here is to whitelist them. But I don’t know if this is something I should be setting in the allowed URLs section, getting an IP from ShippingEasy so I can add them to “Allowlisted IP addresses that bypass all rules”, or something else. Any direction here would be helpful!

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @thekevinwilson thanks for your detailed message.

    You’re right about the REST API by the looks of the path, but unless unavoidable we don’t recommend adding any IP addresses to “Allowlisted IP addresses that bypass all rules” as all Wordfence protection is bypassed, even if the IP is reassigned at a later date.

    It seems like you need “Allowlisted URLs” instead, which appears on Wordfence > All Options. This can be tricky to get the precise parameters though even when inspecting the Network tab in your browser, so there are two other things you can try first.

    The easiest thing is to place Wordfence in Learning Mode. From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. You could then attempt to perform the Shipping Easy actions that were being blocked. If they start to work as normal, switch the WAF from Learning Mode back to Enabled and Protecting to see if it continues to work afterwards.

    If that doesn’t work, repeat the blocked action so a recent case appears near the top of your Live Traffic page. When clicking the block line (or “eye” icon), it will state the reason in red text. In many cases, an “ADD PARAM TO FIREWALL ALLOWLIST” button appears in this section which you can click to allow these types of request in future.

    I hope that helps you out,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Woocommerce API Access timing out’ is closed to new replies.