Wordfence Use

  • Resolved audept

    (@audept)


    3 years, 3 months ago

    Wordfence Central utilizes the rest API and requires the following IPs to be opened up…I have the ability to easily update the plugin php code page…but how to do it?

    The ips are:
    54.68.32.247
    44.235.211.232
    54.71.203.174

    I think that it can be incorporated here somehow?
    ————————————————–
    function v_forcelogin_rest_access( $result ) {
    if ( null === $result && ! is_user_logged_in() ) {
    return new WP_Error( ‘rest_unauthorized’, __( ‘Only authenticated users can access the REST API.’, ‘wp-force-login’ ), array( ‘status’ => rest_authorization_required_code() ) );
    }
    return $result;
    }
    add_filter( ‘rest_authentication_errors’, ‘v_forcelogin_rest_access’, 99 );
    ————————————————-

    But I am also willing to use a more global whitelisting code edits if needed.

    Any help appreciated here, thanks audept

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter audept

    (@audept)

    Ok, to help others this is what I did with the rest api code and it seems to be working…if I have done something bad please let me know..?..

    ———————————————————————–

    function v_forcelogin_rest_access( $result ) {
    if ( null === $result && ! is_user_logged_in() ){ $allow = array(“54.68.32.247″,”44.235.211.232″,”54.71.203.174”); //allowed IPs

    if(in_array($_SERVER[‘REMOTE_ADDR’], $allow) || in_array($_SERVER[“HTTP_X_FORWARDED_FOR”], $allow) || in_array($_SERVER[“HTTP_CLIENT_IP”], $allow)) { return $result; }
    return new WP_Error( ‘rest_unauthorized’, __( ‘Only authenticated users can access the REST API.’, ‘wp-force-login’ ), array( ‘status’ => rest_authorization_required_code() ) );
    }
    return $result;

    }
    add_filter( ‘rest_authentication_errors’, ‘v_forcelogin_rest_access’, 99 );
    ————————————————————————-

    Having Added this snippet to the original above….

    { $allow = array(“54.68.32.247″,”44.235.211.232″,”54.71.203.174”); //allowed IPs

    if(in_array($_SERVER[‘REMOTE_ADDR’], $allow) || in_array($_SERVER[“HTTP_X_FORWARDED_FOR”], $allow) || in_array($_SERVER[“HTTP_CLIENT_IP”], $allow)) { return $result; }

    Plugin Author Kevin Vess

    (@kevinvess)

    Hi, thanks for using Force Login!

    Thanks for sharing your solution. However, I don’t recommend you alter the source plugin code–?as it will be lost/replaced when the plugin is updated with the next released version.

    Instead, use the same rest_authentication_errors hook to add your own condition to allow access from those IP addresses before Force Login restricts it. Add this to your theme’s functions.php file or as a new plugin. For example:

    /**
 * Allow REST API for the specified IP addresses
 *
 * @param WP_Error|null|bool $result WP_Error if authentication error, null if authentication method wasn't used, true if authentication succeeded.
 *
 * @return WP_Error|null|bool
 */
function my_rest_authentication( $result ) {
    // allowed IPs
    $allow = array( '54.68.32.247', '44.235.211.232', '54.71.203.174' );

    if ( null === $result && in_array( $_SERVER[‘REMOTE_ADDR’], $allow ) || in_array( $_SERVER[“HTTP_X_FORWARDED_FOR”], $allow ) || in_array( $_SERVER[“HTTP_CLIENT_IP”], $allow ) ) {
        $result = true;
    }
    return $result;
}
add_filter( 'rest_authentication_errors', 'my_rest_authentication' );
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Wordfence Use’ is closed to new replies.