Support » Plugin: Wordfence Security - Firewall & Malware Scan » Suppressed the automatic HTTP referer added by WordPress for API calls

  • Resolved Ambyomoron

    (@josiah-s-carberry)


    In ver. 6.3.10, the release notes say, “Suppressed the automatic HTTP referer added by WordPress for API calls to reduce overall bandwidth usage.”

    I install plugins in a test environment and test them before installing in production. But this change is completely opaque to me so I do not know what to test. Can someone explain what, precisely, has been suppressed?

Viewing 1 replies (of 1 total)
  • Plugin Author wfryan

    (@wfryan)

    In every HTTP call made by one of WordPress’s functions (e.g., wp_remote_post), it automatically sets the HTTP Referer header to the URL being requested. This includes every call we make back to our own servers. We don’t need it, and it’s just a waste of bandwidth, so we’re now suppressing that header for those calls and only those. All other internal HTTP calls made by WordPress itself or other plugins are not affected.

Viewing 1 replies (of 1 total)
  • The topic ‘Suppressed the automatic HTTP referer added by WordPress for API calls’ is closed to new replies.