Exclude items from REST API Restriction

  • Resolved kuhakuneko

    (@kuhakuneko)


    1 month, 3 weeks ago

    Hello!

    I have an issue regarding the REST API restriction feature of solid security.

    I think it is very important that solid security is able to restrict accesses to REST API for users since it also protects from user enumeration et.c. but…

    In my case, that i run a woo-commerce store, it also blocks the “Price” “Stock” and “Search” sidebar widget filters that woo offers.

    Is there a way or a script that could exclude these filters from also being blocked? I know this is related to the blocking of REST API requests through solid security because when i choose to allow it through solid security, customers can use and see the filters just fine.

    Thanks!

Viewing 1 replies (of 1 total)
  • Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @kuhakuneko,

    Apologies for the slow turnaround here!

    While there isn’t a built-in way to exclude specific WooCommerce endpoints from being restricted with the REST API restriction feature, it might be possible through a custom function.

    Solid Security’s REST API setting uses the rest_dispatch_request filter, which you can try to utilize to exclude your preferred endpoints. You’re going to want to add a callback with a higher priority to that filter and there, specify and allow the endpoints you’d want to exclude, while still letting Solid Security manage the broader restriction of REST API.

    Hope this helps!

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.