Support » Plugin: Solid Security – Password, Two Factor Authentication, and Brute Force Protection » REST API: Allow access to specific namespace?

  • I like to use iThemes Security. Ensure my website better security, I block REST API (wp-json) from unauthorized access. But some plugins need to access REST API to work properly.

    I checked the documentation and the settings page of the plugin but couldn’t find anything related. This might not even be possible with the current version of the plugin.

    Is there any way (filter hook?) to allow access to a specific namespace while keeping REST API blocked from unauthorized access?

    • This topic was modified 3 years, 11 months ago by Selim Ahmed.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • First read this.

    To prevent any confusion, I’m not iThemes.

    Thread Starter Selim Ahmed

    (@aronno1920)

    I note the article was last updated on December 27, 2016. They wrote “We felt that offering an option to restrict access to all of the information while still allowing the REST API to function was the best option for us and our users. and So in the next release of iThemes Security, we’ll be removing the option to disable the REST API and instead offer a single, recommended option that restricts access to potentially private data to either require a user or a user with specific privileges.

    But still, there is no anyway to allow access to a specific namespace while keeping REST API blocked from unauthorized access. When I block the REST API, it is blocked for others.

    Nope.

    The feature only restricts requests that extend beyond the wp/v2 endpoint like:

    • comments
    • statuses
    • types
    • taxonomies
    • users

    Any other request, defaults to doing nothing.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘REST API: Allow access to specific namespace?’ is closed to new replies.