martijnschuman

Alright so I’m stupid. So I created this site and I saw a video online where someone explained how to improve WP security by using different filers in the function.php file. So my dump *** just copied the 155 rows of code without actually looking at the code.

This function was all the way at the top. It literally says “Disable wp-json access if not logged in (/wp-json/wp/v2/users)”. So this line of code was the problem. I deleted the row and tested it on 3 different systems and ip addresses and it’s working as it should.

// ******************** Security Start ********************** //
function fn_improve_security() {
    add_filter( 'xmlrpc_enabled', '__return_false' ); // Disable XMLRPC
    add_filter( 'rest_authentication_errors', 'fn_disable_rest_api' ); // Disable wp-json access if not logged in (/wp-json/wp/v2/users)
}
add_action( 'after_setup_theme', 'fn_improve_security' );

Thank you really much @codekraft for your help and the suggestion for looking in the functions.php file. Apparently I during development I only tested the contact form while logged in.
As for @tastler I suggest looking in your functions.php file for any function like the above one.

I tryed whitelisting ct7 from that plugin but it’s still not working. And I think we had a miscommunication, I don’t want the API access to be denyed. Oh and I’m running wp 5.8

• This reply was modified 3 years, 7 months ago by martijnschuman.

I tried it but it’s still not working, I’m now looking at another plugin as an alternative.

Thank you for your response,

I tryed looking for a setting where I can whitelist the cf7 path but I can’t find in option. I have the following plugins installed:

• Advanced Custom Fields
• All In One WP Security
• Contact Form 7
• Contact Form CFDB7
• Redirection for Contact Form 7
• Duplicator
• FileBird Lite
• classic editor
• Perfect Brands for WooCommerce
• Redirection
• Site Kit by Google
• UpdraftPlus – Backup/Restore
• User Role Editor
• Woo Custom Stock Status
• WooCommerce
• WooCommerce Google Analytics Integration
• WP Fastest Cache
• Yoast SEO

At first I thought that WP Fastest Cache was the problem but even afte deleteing all of the cache and disabling the plugin it still doen’t work. I looked in the settings of All In One WP Security and there’s a setting that says “Do not allow unauthorized REST requests: check this if you want to stop REST API access for requests not logged in” that box isn’t checked so this doesn’t have any effect.

Hi,

Thanks for your response. Unfortunately not, the website is still in development so I only have it on localhost right now.

Hi Iulia,

Thanks for your response. This was exactly what I needed.

Regards,
Martijn

Hey @senff,

Thank you so much for your reply. I tried both of the plugins you suggested and Advanced Custom Fields did exactly what I needed. I totally forgot another thing that I could have done which is just adding a custom HTML table in the product description. Well it doesn’t matter anymore, since this plugin does everything that I need and some more.

So thanks for that and have a great day!

• This reply was modified 4 years, 2 months ago by martijnschuman.

Hi,
Thanks for your replay, I don’t quite see how this plugin will help me with the stock export.