Using wordpress Rest API for getting blogpost on my website.

  • Resolved solidcash9

    (@solidcash9)


    6 years ago

    Dear Support,
    My website will is developed with custom PHP, and for the news, we are using WordPress.

    As I read along how to fetch blog content to display on my site pages out of WordPress, I will be able to use WORDPRESS REST API.

    I read a lot of risks using this method and how do I protect it?

    As being mentioned about whitelist IP is that the best way? (Is it possible if our site is running on cloudflare).

    Or can you give your best advice for it.

    Thank you.

Viewing 1 replies (of 1 total)
  • wfdave

    (@wfdave)

    6 years ago

    Hi @solidcash9,

    If you’re developing a custom API that will only be used internally, what you can do is whitelist your IP address so that only you can access it.

    So at the top of your code, you could have:

    if ($_SERVER['REMOTE_ADDR'] != '1.2.3.4') {
    echo 'Not authorized';
    exit;
}

    Other than that, Wordfence will protect you against XSS, SQL injections, directory traversals, however if you want to fully hide your API from the public, adding that snippet to your code should do the trick.

    Dave

Viewing 1 replies (of 1 total)

The topic ‘Using wordpress Rest API for getting blogpost on my website.’ is closed to new replies.

  • 1 reply
  • 2 participants
  • Last reply from: wfdave
  • Last activity: 6 years ago
  • Status: resolved