Support » Plugin: Contact Form 7 » REST API

  • Resolved fabianski

    (@fabianski)


    I currently disable the REST API for my entire site with this code.

    add_filter('rest_authentication_errors', 'wp_disable_rest_api', 20);
    
    function wp_disable_rest_api($result) {
    	if(!empty($result)) {
    		return $result;
    	}
    	else{
    		$disabled = false;
    
    		if(!current_user_can('manage_options')) {
    			$disabled = true;
    		}
    		elseif(!is_user_logged_in()) {
    			$disabled = true;
    		}
    	}
    	if($disabled) {
    		return new WP_Error('rest_authentication_error', __('DESABILITADO.'), array('status' => 401));
    	}
    	return $result;
    }

    But this causes the forms not to be sent and the contact form does not work anymore. I researched a bit and saw that after version 4.7 it is necessary to have the REST API enabled.

    Is there any way to add some bypass in this code to always allow the contact form to use this api? I am not a programmer, I have no knowledge for this and I did not find anything similar in google.

    I could re-use the old version but I have seen that there is a security breach in an old version (https://contactform7.com/2018/09/04/contact-form-7-504/), so this is already enough to avoid downgrade.

    Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.