Wednesday, October 12, 2022
HomeWordPress Developmentsafety - Securing REST API wp-json/wp/v2/customers endpoint

safety – Securing REST API wp-json/wp/v2/customers endpoint


I’m twiddling with the WP REST API to permit updating customers by a Javascript connector. I’m utilizing JWT plugin for this function.

The problem is that our Sucuri firewall is obstructing entry to wp-json/wp/v2/customers because the endpoint exposes customers information to malicious customers over the Web.

Our firewall might be configured to whitelist an IP handle or an IP vary, nonetheless, because the script (Google Apps Script) in not being run from our LAN however from Google Cloud, this setting is just about ineffective, as any script run within the Google Cloud could be entitled to make use of the endpoint.

One other firewall setting permits whitelisting a URL, which makes issues work, however this leaves the endpoint uncovered as defined within the linked article above.

Is there a approach defend the wp-json/wp/v2/customers REST API endpoint, as soon as that is uncovered to public?

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments