I have a multisite wordpress installation on aws linux, working perfectly fine. The WP Rest api is also working exactly as it should. Except for one single case.
/wp-json/wp/v2/posts?author=<some int>
For everything else, including my custom endpoints, and custom params/fields added to the api, it works perfectly. But the moment i add the author part, it returns 404 on all sites. eg:
/wp-json/wp/v2/posts?author_exclude=1 //this works
/wp-json/wp/v2/posts?page=2 // this also works
/wp-json/wp/v2/posts?page=2&author=abc // this also works and returns invalid author
/wp-json/wp/v2/posts?page=2&author=1 // this returns 404 page not found
From some of the other similar questions, I found that this issue could be due to permalinks, but I am using custom permalinks
sitename/%year%/%monthnum%/%day%/%author%/%category%/%postname%/
I have tried changing the permalink to no effect. Another solution I found is to change all the deny
to allow
in htaccess. I am not well-versed in htaccess, so i have not modified it for fear of causing some security issues.
As for other related info, I am also using jwt and disable rest api plugin(with only jwt endpoints enabled).
Any help would be appreciated, please.
1 Answer
I’m facing the same problem with a Multisite running Wordfence and JWT. I’m not sure if the solution here works for your case…
The following doesn’t work, it gives a 404 response. If we remove data.author
it works without problem.
jQuery.ajax({
url: 'https://example.com/wp-json/wp/v2/posts',
method: 'POST',
crossDomain: true,
dataType: 'json',
data: { 'author':'1', 'title':'Hello world', 'content':'lorem ipsum', 'status':'publish' },
beforeSend: function ( xhr ) {
xhr.setRequestHeader( 'Authorization', 'Bearer <token>' );
},
success: function( data, txtStatus, xhr ) {
console.log( xhr.status, data );
}
});
This does work but I don’t know why:
fetch( 'https://example.com/wp-json/wp/v2/posts', {
method: 'POST',
body: JSON.stringify( {
author: '1',
content: 'lorem ipsum',
title: 'Nice, it works!',
status: 'publish'
} ),
headers: {
'Content-Type': 'application/json',
Authorization: 'Bearer <token>'
}
} )
.then( res => res.json() )
.then( res => console.log( res ) );
I had three issues with Wordfence:
- I couldn’t make application passwords work;
- if we have 2FA enabled, authentication doesn’t work;
I solved both above using an Editor user without 2FA nor app password; - finally, not being able to set the author that brought me to this question.