When someone visits a page on your site, Independent Analytics makes a single REST-API request that records the visit. Without the ability to use the REST-API, it cannot record any data.
If your site is currently blocking the REST API, you have to re-enable it now, or Independent Analytics will not be able to record stats.
Once the REST API has been re-enabled on your site, you can use one of the two solutions below to block the REST API while whitelisting the route Independent Analytics uses. This gives you the full security of locking down the REST API while still allowing Independent Analytics to function
Use the Disable REST API plugin
The first solution is to use the excellent Disable REST API plugin.
Once you activate the Disable REST API plugin, you’ll find a new menu at Settings > Disable REST API. In this menu, you can click on the /iawp route to enable it, and then save your changes.
This will ensure that the /iawp route can be triggered by your visitors while locking down all other routes.
If any of your other plugins depend on the REST API, make sure to enable their routes too.
Disabling the REST API without a plugin
If you’d prefer to add a code snippet to your site instead of installing a new plugin, you can use the following function:
function block_rest_api_except_ia( $access ) {
if (!is_user_logged_in() && $_SERVER['REQUEST_URI'] != '/wp-json/iawp/search') {
return new WP_Error( 'rest_disabled', __('The WordPress REST API has been disabled.'), array( 'status' => rest_authorization_required_code()));
}
return $access;
}
add_filter( 'rest_authentication_errors', 'block_rest_api_except_ia' );
This code will disable the REST API for anyone who isn’t logged-in unless the request is for the Independent Analytics end point. This allows your analytics to be recorded without exposing any other endpoints.
Learn how to use Independent Analytics in bite-sized email lessons delivered every 1-3 days.
Signup Here