Kevin Vess
Forum Replies Created
-
Forum: Plugins
In reply to: [Force Login] Blocking Rest API?Hi, thanks for using Force Login!
Force Login uses the rest_authentication_errors filter to check for REST API authentication. If no authentication is used, it blocks the request.
You can either disable our filter function or hook into it yourself to allow the specific endpoint to be accessed without authentication.
Check out this related support thread:
https://www.ads-software.com/support/topic/bypassing-only-specific-rest-endpoint/And:
https://www.ads-software.com/support/topic/exception-for-api/Thanks!
Forum: Plugins
In reply to: [Responsive Blocks - WordPress Gutenberg Blocks] CSS Issue in CustomizerThis was an issue in version 1.7.8 but doesn’t appear to be an issue after updating the plugin to the current available version.
Thanks!
Forum: Plugins
In reply to: [Force Login] Remains logged inHi– thanks for using Force Login!
This is not an issue caused by the plugin.
I suspect this is caused by your web browser. I believe closing tabs does not log you out of any website; you need to quit the entire browser application to clear logged-in sessions.
Good luck!
Forum: Plugins
In reply to: [Force Login] Password Reset Email Link Not BypassingHi, thanks for using Force Login!
The bypass filter will not solve this issue–?according to the error, it’s an issue with the REST API.
Check out this support topic for help with this:
https://www.ads-software.com/support/topic/bypass-code-to-solve-401-error-not-working/#post-17137303Forum: Plugins
In reply to: [Force Login] Redirection url + many redirects when unknown pageHi, thanks for using Force Login!
To remove the
?redirect_to=query string from the login screen, you have two options:- Use the
v_forcelogin_redirectfilter in Force Login to remove the redirect_to URL by replacing the URL with an empty string. - Use the
login_urlfilter to remove the redirect_to URL.
https://developer.www.ads-software.com/reference/hooks/login_url/
As for your other question, I’ve not experienced a redirect loop while trying to access a non-existent page/URL. This is likely caused by a conflict with the other plugins you have installed.
Good luck, thanks!
Forum: Plugins
In reply to: [Force Login] Use in Staging/Production EnvironmentsThe
admin_initonly runs when a user accesses the admin area.So, as long as you’re accessing the admin area after pushing changes to your site and checking everything went up correctly, it should run your script added to that hook.
If you don’t think you’ll access the admin area after pushing your changes, you might want to use the other methods I suggested.
Forum: Plugins
In reply to: [Force Login] Use in Staging/Production EnvironmentsI should check to be sure the plugin is installed, no?
Using the is_plugin_active() condition is enough to check if the plugin is installed and active. If it’s not installed, it will not return true when checking if it’s active.
Your else if statement only needs to check if it’s not active because I assume you want it activated for any site except the live site:
else if ( ! is_plugin_active( $force_login_plugin ) ) { }With that being said, using the bypass filter instead of activating/deactivating should be fine.
A possible advantage to using the deactivate_plugins() method might be a slight performance boost if you only run that check with the admin_init hook instead of when each page loads on the front end. Also, deactivating the plug can ensure no conflicts with other plugins.
Thanks and good luck!
Forum: Plugins
In reply to: [Force Login] Issue with bricks builder custom login pagesHi, thanks for using Force Login!
Checkout the?plugin FAQ?for information on how to add exceptions for your custom login page(s). I recommend you use the WordPress?Conditional Tags?to code your conditional statement.
Good luck!
Forum: Plugins
In reply to: [Force Login] Use in Staging/Production EnvironmentsHi, thanks for using Force Login!
When you push/pull your changes between sites, are you able to ignore the Must-Use Plugins directory? If so, you could try adding the plugin only to the Staging site’s
/wp-content/mu-plugins/directory to avoid the database storing the active status of the installed plugin.Another option would be to add code that disables the Force Login plugin only on the Production site using the deactivate_plugins() function. Something like this:
<?php // Disable 'Force Login' for production site $force_login_plugin = '/wp-force-login/wp-force-login.php'; if ( 'productiondomain.com' === $_SERVER['HTTP_HOST'] && is_plugin_active( $force_login_plugin ) ) { deactivate_plugins( $force_login_plugin ); } ?>Lastly, you could use the bypass filter as you suggested. I would write the conditional statement to be more vague to allow the same code to work across multiple sites. Something like this:
/** * Bypass Force Login to allow for exceptions. * * @param bool $bypass Whether to disable Force Login. Default false. * @return bool */ function my_forcelogin_bypass( $bypass ) { // Allow non-staging site to be publicly accessible if ( strpos( $_SERVER['HTTP_HOST'], 'staging' ) === false ) { $bypass = true; } return $bypass; } add_filter( 'v_forcelogin_bypass', 'my_forcelogin_bypass' );- This reply was modified 11 months, 2 weeks ago by Kevin Vess. Reason: simplified the deactivate plugins example code
Forum: Plugins
In reply to: [Force Login] register custom pageHi, thanks for using Force Login!
Checkout the plugin FAQ for information on how to add exceptions for certain pages or posts. I recommend you use the WordPress Conditional Tags to code your conditional statement.
Good luck!
Forum: Plugins
In reply to: [Force Login] Bypass code to solve 401 error not workingHi– thanks for using Force Login!
You can disable the REST API restriction in Force Login by adding the following code to your theme functions.php file:
remove_filter( 'rest_authentication_errors', 'v_forcelogin_rest_access', 99 );If you need help customizing the
rest_authentication_errorsfilter to only allow a specific endpoint access, I recommend you hire a developer.With that being said, your code example looks incorrect. Specifically, the
$_SERVER['xtremeplatform.com']part of your conditional statement. This likely needs to be$_SERVER['REQUEST_URI']just like the example in the other support thread you referenced.Thanks and good luck!
Forum: Plugins
In reply to: [Force Login] Redirect to login screen on any other page once logged inHi– thanks for using Force Login!
I don’t understand what your question is. I recommend you hire a developer to help you customize this for you.
Thanks and good luck!
Forum: Plugins
In reply to: [Force Login] Log out hyperlink not functioningHi– thanks for using Force Login!
It sounds like you’re using a custom lost-password URL? You might need to ensure your custom login URLs are allowed public access using the Force Login bypass filter.
I recommend you hire a developer to help you customize this for you.
Thanks, good luck!
Forum: Plugins
In reply to: [Force Login] Conflict with Force Login and The Events CalendarAs I said, Force Login uses the
template_redirecthook to process the redirect to the login screen before the page/post is loaded.There seems to be an issue with The Events Calendar plugin using that hook to set a redirect:
https://www.ads-software.com/support/topic/redirect-from-events-calendar-page-not-working/I recommend you reach out to their support about this issue.
@theeventscalendarThanks!
Forum: Plugins
In reply to: [Force Login] PDF file embedded on a bypassed page is blocked by Force LoginHi– thanks for using Force Login!
I’m not familiar with the PDF plugin you’re using, but I suspect that plugin is using an iFrame or some AJAX to load a different URL within your site which would also need to be bypassed in Force Login.
To be clear, I don’t believe you need to bypass the PDF file itself, but some other URL the plugin relies on to load the PDF embedded within your page.
I recommend you hire a developer to help you customize this for you.
If you find a solution to this conflict, please share it here in case others run into the same issue. Thanks!
- Use the