After activating Cloudflare on my WordPress site (hosted by wpengine), I can no longer update custom post types using the latest editor (Gutenberg).
WordPress relies on the REST API to update these, and Cloudflare routes these requests to a security check.
I’ve tried the following:
- enabling development mode
- purging the entire cache, purging the specific endpoints I’m trying to bypass
- adding page rules to these endpoints (
https://mydomain.com/wp-json/wp/v2/) that disable the security check, lower the security level to essentially none, disable apps
- installing the cloudflare for wordpress plugin and using the recommended settings there
Any ideas on what I can do to use Cloudflare and still have access to updating my content?