Blocking Product Update Requests
-
Hi,
First of all thank you for making an awesome plugin.
So I have a WooCommerce website and I’m using another SaaS called ShopMaster to keep track of and sell products from Aliexpress. And Shopmaster connects to my WooCommerce store over REST API (I’ve pasted my consumer key and consumer secret over on ShopMaster).
For example, I can change product descriptions on ShopMaster, or ShopMaster can automatically update product stock and this will be synchronized to my WooCommerce store.
However, I just encountered a problem where the NinjaFireWall blocks the requests coming from my ShopMaster account.
Here is an example log (I’ve sanitized the originating IP and my domain):
15/Sep/20 06:21:59 #8240697 CRITICAL 111 170.106.XXX.XX PUT /index.php - Cross-site scripting - [RAW:PUT = {"id":"4980","status":"publish","description":"<html> <head></head> <body> <section class=\"section no-side-padding\" id=\"section_1186951536\"> <div class=\"bg section-bg fill bg-fill...] - www.mywebsite.comI was not having this type of problem before and I could update my products so I’m not quite sure why these are now being blocked.
Could you please guide me on how I could allow all changes from my ShopMaster API calls?
Thank you again,
Kagan
-
There must be an HTML/JS event in the code and it triggers the detection.
You can either:
-Disable rule #111 from the “Security Rules > Rules Editor” page.
Or:
-Whitelist the client’s IP address using the .htninja script. There’re a few examples in this post: https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/
- The topic ‘Blocking Product Update Requests’ is closed to new replies.
