Support » Plugin: All In One WP Security & Firewall » Fix WordPress Error Accessing author info via REST API is forbidden

Viewing 14 replies - 1 through 14 (of 14 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, thank you for reporting this.

    I have submitted a message to the developers to investigate further these findings.

    Thank you

    pls update the plugin
    I use All in one Security and I have a lot of errors Accessing author info via REST API is forbidden

    Plugin Author wpsolutions

    (@wpsolutions)

    Hi @mizfa,
    As a temporary workaround please uncheck the “Disable Users Enumeration” feature for now.

    garikaib

    (@garikaib)

    I wanted to know if there is an update on this.I somehow missed this and only discovered the mess after visiting my Google Console.

    I too would like to know if there is a fix for this. I’ve turned off “Disable Users Enumeration” as temporary fix.

    Plugin Author wpsolutions

    (@wpsolutions)

    Hi,
    No I haven’t had a chance to look at this yet because there were other fixes and improvements I had to do for the last release.
    I will try and fix this for the next release.

    Just to confirm – can you please provide an example of a URL scenario which is being incorrectly blocked by this feature?

    An example connection would be this.

    curl –header “Authorization: Basic xxxxxxxxxxx” https://mydomain.com/wp-json/wp/v2/users

    Plugin Author wpsolutions

    (@wpsolutions)

    Ok thanks.
    I will implement some code which, when that feature is enabled, will only allow requests to the REST API which have been successfully authenticated.

    @wpsolutions Any progress on this?

    • This reply was modified 1 month, 2 weeks ago by  Wasca.
    Plugin Author wpsolutions

    (@wpsolutions)

    Yes. Please contact me (see my profile) and you can verify the fix I have implemented.

    @wpsolutions Email sent from your website.

    Plugin Author wpsolutions

    (@wpsolutions)

    Hi @wasca,
    Please let me know if the new improved solution works for you.
    As stated in my email I have tested this myself and it works well but it would be good to get your independent verification.

    Hello @wpsolutions – I encountered this issue today with a basic blog URL (not user-related) but it was zipped by twitter. Has this fix been released to the latest plugin version? If not, is there a fix I can implement as well?

    Plugin Author wpsolutions

    (@wpsolutions)

    Hi @funnychord,
    The solution has been successfully implemented and verified and you should see it in the next release which is coming within the next day or two.

Viewing 14 replies - 1 through 14 (of 14 total)
  • You must be logged in to reply to this topic.