• Resolved korynorthrop

    (@korynorthrop)



    I have successfully installed the Sucuri WordPress plugin on two of my three websites, but am struggling to get the API key (received via email) to save when manually entering on the third site.

    After clicking “Manual Activation” and pasting in the API key from the email, it processes, but reloads the settings screen with the red “API Key: (not set)” alert displayed. I contacted Sucuri support and they sent me a new API key associated with a unique email address not used by the other two websites, but the same issue is still happening.

    Kind regards,
    Kory

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author yorman

    (@yorman)

    It’s quite possible that the web API service is rejecting the keys.

    Please contact support once again and ask them to confirm that the key is allowed to authenticate with the remote service. Even if the key is valid, the server where the service is running may be rejecting it for unknown reasons to me. I would check this for you, but I do not have access to that server for security reasons.

    This is occuring to me on a newly installed WordPress on an entirly new site.
    I check the box to agree to terms of service and it produces this message:
    “SUCURI: You must accept the Terms of Service in order to request an API key.”
    I have done this 5 times with the same result.

    This was no problem on the site I set up before the latest upgrade to the plugin where there was no request to agree to terms of service checkbox. API Key generated with no problem.

    UPDATE: One has to check the box agreeing to send email and logs also, then it will generate the API key.

    Why this extra agreement?

    • This reply was modified 6 months, 3 weeks ago by  neotechnomad.
    Plugin Author ycampo

    (@ycampo)

    Storing a copy of the audit logs off-site is the main purpose of activating the API key. These logs can be recovered by using the email address in case the local logs are modified by an attacker.

    Our goal is to add transparency about what would be transmitted using the generated API Key. However, I can see how the wording might be a bit confusing, so we’ll change it for the next update. Thanks for the feedback!

    Ah, I understand now. Thanks for the explanation. 🙂

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘API Key won’t save’ is closed to new replies.