How to whitelist the /wp-json/ API endpoints

Hi, we’re creating an app for a website, but we’re having issues with the API endpoints because of Cloudflare security. Does anyone know know how to whitelist the /wp-json/ API endpoints in the security so that we can get proper 200 response from the server? Thank you so much

You should be able to create a Firewall Rule similar to the following screenshot (notice the Contains, not Equals).

You can do that at this link:

As an aside, do you have Under Attack Mode or Super Bot Fight Mode enabled? If so I’d recommend you disable those (unless you are actively under attack) as they can cause other issues as well.

Hello @mcfadyeni , thank you for your help. I will make good use of this rule. Thank you very much

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.