I have a problem with the WooCommerce checkout page if I protect my wp-admin folder with a dedicated .htaccess file like this :
<FilesMatch ".*"> Order Deny,Allow Deny from all Allow from x.x.x.x Allow from y.y.y.y </FilesMatch>
If this protection is set, any access to the website from an ip that is not x or y is broken: the bottom part of the checkout page (the various totals, shipping, etc.) freeze in an AJAX style : there is a white layer above this part of the page with a "loading" circle "circling".
In my chrome developer's tool, I have the following error:
POST *URL*/wp-admin/admin-ajax.php 403 (Forbidden) ?f=wp-includes/js/jquery/jquery.js,wp-includes/js/jquery/jquery-migrate.min.js:3
So I understand that if my .htaccess is set, a POST request from any IP address (except x or y) will fail as it demands access to a file in wp-admin (is this normal ?).
My question is:
as it is quite often recommended to protect wp-admin with an .htaccess file that prevents access to all but the admin IPs, how can I protect this directory whitout making the woocommerce checkout page brake ?