tezalsec

Exactly. I would definitely also add the ip address and url query params as added options. Not necessarily for the big services, but it is a nice way to allow for safe communication between self-managed servers, or business to business data exchange.

Something like this should be in core, IMO. Like managing ports on a server. Only open what is needed (under controlled conditions), and keep the rest closed. Just allowing it all open with WP-json is bad for security, privacy and resources.

Weird about the link, yesterday it was an actual article, now it is redirected.

Good luck, and thanks for your plugin(s).

• This reply was modified 4 years, 1 month ago by tezalsec.

I worked on some of it in the past, outside of the WP environment, but have no code laying around. I assume it would not have to go deep into the API architecture.

All you need to do, I guess, is make whitelists that accepts exceptions to your existing disabling code.

Like in this url:

https://yoursite.com/wp-json/wp/v2/service?token=regrth57u56guyc3fretwg4t3432@3ttc3t3tw

The variable elements here are ‘service’, which could be any API service, like Zapier, and the token. The url woudl be parsed before rendering if it connects to wp-json. You could make it so that only the combination of a specific service slug (and thus endpoint) and the token parameter is allowed access to the wp-json. You could make an option to make this more tight by whitelisting static IP adresses. And even more tight, to whitelist certain url parameters, used for querying the endpoint.

This gives an idea, not for this addition, but in general for creating ones own API plugin: https://webdesign.tutsplus.com/tutorials/how-to-use-the-wordpress-rest-api-a-practical-tutorial–cms-33566

And your plugin could be configured to whitelist the variable elements: endpoint url, token param, query url params and IP address. Individually, or combined.

• This reply was modified 4 years, 1 month ago by tezalsec.
• This reply was modified 4 years, 1 month ago by tezalsec.

Thinking of another cool addition. Keep API site-wide disabled, but offer whitelist with specific endpoints in combination with supplied url tokens. This way people could use API services without exposing everything.

• This reply was modified 4 years, 1 month ago by tezalsec.

Nice hack, have been looking for a solution, this is it.

Applied, and looking forward to the next plugin update.

Thanks both.

Hi, thanks, these were the settings I already had.

However, it seems it is resolved now by disabling another plugin called clearfy, which was causing more trouble. There are no more errors now.

Although Elementor does not allow the Async plugin to be set to async, it has to be defer.

Have a nice zondag ??

Hi, where did I say this is about the pro version? ?? It is about the free version, I made 2 references to that in the comments before.

Just hoping for some pointers. Thanks.

Ok, I see what the problem is now.

It DOES get fired into the translation. But taking a closer look at the string translations page, Bookly plugin apparently just dumped all the dutch strings into the english strings, so when switching language it just shows dutch strings in both scenarios.

And on the string translations page it is suggesting me to translate these into the dutch string using english words… A mixup that should be reverted.

How do I correct this? Is there a reset option to this?

Hi,

I should say I am not yet a paying customer, and unfortunately I can not give access to the website admin panel.

I am seriously considering buying it shortly. Are there any pointers you can give me to what fires the translation of the bookly form?

Should it just work, when having placed the following shortcode in the editor: [bookly-form staff_member_id=”1″] , and using the WPML language switcher?

I tested it outside of Elementor, and it is the same, so it is not caused by Elementor.

Thank you for any help you can give me.

Never mind, I got it solved.

I did not realize before that Elementor supports displaying lists of custom post types, but it does. And with its query options and translation support, I don’t need this plugin anymore.

Thanks anyway!

• This reply was modified 4 years, 1 month ago by tezalsec.

Having same problem.

Elementor 3.0.16
Autoptimize 2.8.1

Ticking autoptimize admin setting did not help.
Jquery migrate helper dit not help.

Easiest solution for now:
just choose ‘edit page’ instead, and from there press ‘elementor edit’ button

• This reply was modified 4 years, 1 month ago by tezalsec.

Thanks for this, trying to remove “You’ll receive your tickets in another email.”, but it did not work for me. The snippets in the following urls did not either:

https://theeventscalendar.com/knowledgebase/k/disable-the-ticket-email/

https://theeventscalendar.com/support/forums/topic/how-to-change-youll-receive-your-tickets-in-another-email-from-order-email/

• This reply was modified 4 years, 2 months ago by tezalsec.
• This reply was modified 4 years, 2 months ago by tezalsec.

Assuming there will be no follow-up on this, considering I won’t do paid support. I’ll do a 2 star review, not 1 star because of the attempt to reproduce it. Will change it to 5 star once solved.. if ever.

For now, to circumvent this bug, I’ll just dump the whole css content of tickets.min.css into another theme css file. Not very clean, but it works.

In my site tickets.min.css is loading fine without Clearfy.

Your support form only allows pro users to submit. I am not an pro user. I did donate two years ago, though ??

Same here. Unsufficient instruction how to perform the test.

I can’t find the plugin settings page, there is no reference in the readme.txt either.

The page below suggests an existing settings page, but it is not found under “Plugins”.

Updating jQuery version shipped with WordPress

If you refer to the disabling of CSS/JS minification component within Clearfy, I do not have it activated.

Initially I mentioned the bug to the owner of the tickets plugin, and they say the loading of the css file happens through normal wordpress enqueueing procedure.

I don’t know what to do next, other than just disabling the clearfy plugin. If you mean with “You can write to our support team so that I can study this in more detail.” that you will not research this further unless I have a premium licence, then that would be disappointing.