| Server IP : 15.235.198.142 / Your IP : 216.73.216.126 Web Server : Apache/2.4.58 (Ubuntu) System : Linux ballsack 6.8.0-45-generic #45-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 30 12:02:04 UTC 2024 x86_64 User : www-data ( 33) PHP Version : 8.3.6 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : OFF Directory : /var/www/rhodeworks/wp-content/plugins/really-simple-ssl/security/wordpress/ |
Upload File : |
<?php
defined('ABSPATH') or die();
/**
* @param $response
* @param $handler
* @param WP_REST_Request $request
* @return mixed|WP_Error
*
* Hook into REST API requests
*/
function authorize_rest_api_requests( $response, $handler, WP_REST_Request $request ) {
// allowed routes, whitelist option?
// $routes = array(
// '/wp/v2/csp etc',
// );
// Check if authorization header is set
if ( ! $request->get_header( 'authorization' ) ) {
return new WP_Error( 'authorization', 'Unauthorized access.', array( 'status' => 401 ) );
}
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'restrict-roles' ) {
// Check for certain role and allowed route
if ( ! in_array( 'administrator', wp_get_current_user()->roles ) ) {
return new WP_Error( 'forbidden', 'Access forbidden.', array( 'status' => 403 ) );
}
// }
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'logged-in-users' ) {
if ( ! is_user_logged_in() ) {
return new WP_Error( 'forbidden', 'Access forbidden to non-logged in users.', array( 'status' => 403 ) );
}
// }
// if ( rsssl_get_networkwide_option('rsssl_restrict_rest_api') === 'application-passwords' ) {
if ( ! is_user_logged_in() ) {
return new WP_Error( 'forbidden', 'Access forbidden to non-logged in users.', array( 'status' => 403 ) );
}
// }
return $response;
}
/**
* @return void
* Disable REST API
*/
function rsssl_disable_rest_api() {
add_filter('json_enabled', '__return_false');
add_filter('json_jsonp_enabled', '__return_false');
}
add_filter( 'rest_request_before_callbacks', 'authorize_rest_api_requests', 10, 3 );