Wordpress REST API disabled 401

#1

Hello,

I’m having trouble updating my website using the Live Composer. Google Developer tools says that the wp-json API is disabled (blocked?)

How do I resolve this issue? I disabled both of these cloudflare firewall settings

WP0025A Disabled
WP0025B Disabled

General
Request URL: https://www.mywebsite.net/wp-json/wp/v2/
Request Method: GET
Status Code: 401 
Remote Address: [XXXXX]:443
Referrer Policy: no-referrer-when-downgrade

Response Header
access-control-allow-headers: Authorization, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: MISS
cf-ray: 49c7e2019c2aae63-KIX
content-type: application/json; charset=UTF-8
date: Mon, 21 Jan 2019 06:56:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.mywebsite.net/wp-json/>; rel="https://api.w.org/"
server: cloudflare
status: 401
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex

Request Headers
:authority: www.mywebsite.net
:method: GET
:path: /wp-json/wp/v2/
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: en-GB,en;q=0.9,ja-JP;q=0.8,ja;q=0.7,en-US;q=0.6
cache-control: max-age=0
cookie: __stripe_mid=f204d81d-2eb4-42d3-bebc-5eac7e48f6fd; tu_campaign_6285=a%3A1%3A%7Bs%3A10%3A%22start_date%22%3Ba%3A2%3A%7Bs%3A4%3A%22date%22%3Bs%3A16%3A%2213+November+2018%22%3Bs%3A4%3A%22time%22%3Bs%3A8%3A%2212%3A59%3A00%22%3B%7D%7D; tu_campaign_impression_6285=2018-11-13+13%3A10%3A10; __distillery=6394fe7_bc59921e-a4c4-4773-ba5c-570ad4a54f30-20b74a8dd-6908a4c3d248-bedc; tu_campaign_6768=a%3A1%3A%7Bs%3A10%3A%22start_date%22%3Ba%3A2%3A%7Bs%3A4%3A%22date%22%3Bs%3A15%3A%2216+January+2019%22%3Bs%3A4%3A%22time%22%3Bs%3A8%3A%2220%3A18%3A00%22%3B%7D%7D; _ga=GA1.2.1687629782.1547775150; _pk_id.1.d348=d26e38af1a73501c.1547775151.1.1547777429.1547775151.; __cfduid=d981b02c428c0edc23c314291b6d698af1547883373; PHPSESSID=tkuljlueh3t40bqsvdqufqebs6; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_1bf247a58a191249d22ae03195cf5bb2=admin%7C1548078387%7CPOdy5DmdgIgaUXuxtIuvMwDBH0kxRQjuuWK6VoIaOqD%7C8edf4d4b1601ddf4464b7068799c2f7f26430d8b9966f44c80236a3a89517478; wp-settings-1=editor%3Dtinymce%26libraryContent%3Dbrowse%26imgsize%3Dfull%26advImgDetails%3Dshow%26urlbutton%3Dnone%26align%3Dcenter%26hidetb%3D1; wp-settings-time-1=1547986436; JCS_INENTIM=1548051310423; _wpss_p_=N%3A3%20%7C%20WzFdW0Nocm9tZSBQREYgUGx1Z2luXSBbMl1bQ2hyb21lIFBERiBWaWV3ZXJdIFszXVtOYXRpdmUgQ2xpZW50XSA%3D; JCS_INENREF=https%3A//www.mywebsite.net/wp-admin/admin.php%3Fpage%3Dlivecomposer_editor%26page_id%3D17; _wpss_h_=1
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
#2

Any help?

I still cant edit my blog page using live composer because of this issue.

I’m guessing its because of my page rules, how do I cache everything BUT the wp-rest?

Request URL: https://www.mywebsite.net/wp-json/wp/v2/
Request Method: GET
Status Code: 401
Remote Address: xxx.xx.xx.xx:xxx
Referrer Policy: no-referrer-when-downgrade
access-control-allow-headers: Authorization, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: MISS
cf-ray: 4a2a7ff0cf6da5c6-NRT
content-type: application/json; charset=UTF-8
date: Sat, 02 Feb 2019 06:11:22 GMT
expect-ct: max-age=604800, report-uri=“https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: https://www.mywebsite.net/wp-json/; rel=“https://api.w.org/
server: cloudflare
status: 401
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex
:authority: www.mywebsite.net
:method: GET
:path: /wp-json/wp/v2/
:scheme: https
accept: application/json, text/javascript, /; q=0.01
accept-encoding: gzip, deflate, br
accept-language: en-GB,en;q=0.9,ja-JP;q=0.8,ja;q=0.7,en-US;q=0.6
cookie: __stripe_mid=f204d81d-2eb4-42d3-bebc-5eac7e48f6fd; tu_campaign_6285=a%3A1%3A%7Bs%3A10%3A%22start_date%22%3Ba%3A2%3A%7Bs%3A4%3A%22date%22%3Bs%3A16%3A%2213+November+2018%22%3Bs%3A4%3A%22time%22%3Bs%3A8%3A%2212%3A59%3A00%22%3B%7D%7D; tu_campaign_impression_6285=2018-11-13+13%3A10%3A10; __distillery=6394fe7_bc59921e-a4c4-4773-ba5c-570ad4a54f30-20b74a8dd-6908a4c3d248-bedc; tu_campaign_6768=a%3A1%3A%7Bs%3A10%3A%22start_date%22%3Ba%3A2%3A%7Bs%3A4%3A%22date%22%3Bs%3A15%3A%2216+January+2019%22%3Bs%3A4%3A%22time%22%3Bs%3A8%3A%2220%3A18%3A00%22%3B%7D%7D; _ga=GA1.2.1687629782.1547775150; _pk_id.1.d348=d26e38af1a73501c.1547775151.1.1547777429.1547775151.; __cfduid=d981b02c428c0edc23c314291b6d698af1547883373; PHPSESSID=iu96evhctlp02iac7ls8nvbgv5; wordpress_test_cookie=WP+Cookie+check; pll_language=en; wp-settings-1=editor%3Dtinymce%26libraryContent%3Dbrowse%26imgsize%3Dfull%26advImgDetails%3Dshow%26urlbutton%3Dnone%26align%3Dcenter%26hidetb%3D1; wp-settings-time-1=1548998548; wordpress_logged_in_1bf247a58a191249d22ae03195cf5bb2=admin%7C1549171590%7CkQQsnzLEs68VAecXuNTPUvR64t0aZ3wqkDV4XDbzHNE%7C046ca891234a19161e316e5ae5ddd2ec533133f5a29b2412df633485604eed83; JCS_INENTIM=1549086026573; wpss_p=N%3A3%20%7C%20WzFdW0Nocm9tZSBQREYgUGx1Z2luXSBbMl1bQ2hyb21lIFBERiBWaWV3ZXJdIFszXVtOYXRpdmUgQ2xpZW50XSA%3D; ezTOC_hidetoc=1; JCS_INENREF=https%3A//www.mywebsite.net/wp-admin/admin.php%3Fpage%3Dlivecomposer_editor%26page_id%3D5613%26preview_id%3D6325; wpss_h=1
dnt: 1
referer: https://www.mywebsite.net/myblogpost
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
x-requested-with: XMLHttpRequest

image
image.png976×318 17.6 KB

#3

The page rules I have set for my WordPress site are:

/wp-admin* Cache Level: Bypass etc
/wp-json* Cache Level: Bypass etc
/* Cache Level: Cache Everything etc

As for the /preview=true rule, it only affects pages generated by the Preview button, and you can instead always open a new window/tab when view a preview to avoid caching problems. Also you should include a similar rule on your WP caching plugin (WP Super Cache etc)

#4

Thank you for your reply.

I feel like such a jack ass, I had W3 Total Cache set to “Disable Rest API”. :sob:

closed #5

This topic was automatically closed after 14 days. New replies are no longer allowed.