• Hi!

    Tried today activate latest plugin with free cloudflare account on subdomain with my WordPress website (separate wordpress installation on main site and subdomain)
    Stuck with error:

    Email address or API key invalid

    API Token is correct, checked it with curl.

    also checked with another account and another website’s subdomain

    same error for API token

    But if i create global api key – all worked.
    But i don’t like global api key for subdomain and main domain – its unsecure.

    Definitely bug for API token and subdomain.
    Or maybe i missed something from FAQ or documentation.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Agreed, in testing this evening the request sent by WP to the Cloudflare API seems to contain the site URL hostname. The problem with this is the API call to the zones endpoint looks then like this:

    https://api.cloudflare.com/client/v4/zones/?name=appname.domain.tld

    I’m fairly certain unless you have a sub-domain zone, this request will fail to find the actual zone.

    As far as I can tell this occurs in line 95 of AbstractPluginActions.php in the login() function. When I used the global API key it seemed like it properly detected the right domain, but perhaps an additional check could be added to try again but after popping off the hostname portion of the value. Or allow it to be specified.

    A workaround could be to perform a manual edit of this file to hard code the zone name. I performed this with our zone’s name and it allowed it to progress to the next step.

    I also can’t currently use global API keys for security reasons.

    I had opened case 2002281 with Cloudflare Support, I’ll update them with this information as well.

    this is being tracked here: https://github.com/cloudflare/Cloudflare-WordPress/issues/316 as joshbeci raised.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Error adding subdomain’ is closed to new replies.