WAF - Wordpress wp-json/

hey there,

i read a lot but didnt found an answer.

i have problems with gutenberg editor editing widgets & poste - i got the error message: "not a valid json response (403)

figured out in WAF that is blocked by WAF Rule 100173 XSS, HTML Injection - Script Tag blocking

i now included a bypass WAP rule to all

  • post queries
  • cookie wordpress login user
  • country

but dont feel save here. has anyone an idea how to deal with that the best, especially since its for logged in users… (but dont habe fixed IP / user agents etc).


rule surely also includes /wo-json/ URI Path :slight_smile:

and its working correctly (but i am afraid that i get attacks)

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.