Solving WordPress REST API issues¶
Some QUIC.cloud issues are actually due to a problem with the WordPress REST API. Examples of such issues:
- Error connecting to QUIC.cloud from LiteSpeed Cache.
- Error adding your domain's IP address to your dashboard's Settings > Server IP.
It possible to solve issues like this simply by making sure the REST API is active. If it is active, you may have third party plugins or security measures blocking access to it. Read on learn some strategies for diagnosing and solving your REST API problems.
Failed to Communicate¶
If your REST API is disabled, blocked, or otherwise inaccessible to QUIC.cloud, you'll see these error messages in your LiteSpeed Cache plugin:
Failed to communicate with QUIC.cloud server: Unknown error: unknown [server] https://wpapi.quic.cloud [service] tool/wp_rest_echo
and:
Your WP REST API seems blocked our QUIC.cloud server calls.
Some common reasons for a failure to communicate: - A WordPress optimization or security plugin, that offers the option to disable the REST API. - Strict security features enabled by your hosting provider. For example, ModSecurity rules may block requests to REST API. - A CDN or some other proxy service is obscuring the true IP address, leaving QUIC.cloud unable to authenticate.
Diagnose the Problem¶
To help you diagnose the problem, try the following steps, in order: - Make a Test Endpoint - Temporarily Disable ModSecurity - Enable Debug Log
Make a Test Endpoint¶
For troubleshooting purposes, you can add some code to your theme's functions.php
. It will create a test endpoint, which will give you more information that you can then act upon.
Add this code to your active theme's functions.php
, and when you have finished troubleshooting, be sure to remove it!
function ip_check_callback() {
if (defined('LSCWP_V')){
do_action( 'litespeed_control_set_nocache', 'nocache due to logged in' );
}
$data = array(
'remote_ip' => $_SERVER['REMOTE_ADDR'] ?? 'Null',
'x_forwarded_for' => $_SERVER['HTTP_X_FORWARDED_FOR'] ?? 'Null',
'proxy_remote_addr' => $_SERVER['PROXY_REMOTE_ADDR'] ?? 'Null'
);
return rest_ensure_response($data);
}
function register_ip_check_route() {
register_rest_route('lscwp', '/ip-check', array(
'methods' => 'GET',
'callback' => 'ip_check_callback'
));
}
add_action('rest_api_init', 'register_ip_check_route');
Once you've saved the code in functions.php
, log out of your site (or open an incognito window) and visit your URL with a ?rest_route=/lscwp/ip-check
query string appended, like so:
https://example.com/?rest_route=/lscwp/ip-check
If you see a 401
, 403
, or 404
response code, then your REST API is disabled, and you will need to re-enable it.
If you are still having a problem, leave this code in place, and try the next troubleshooting step: disabling ModSecurity.
Temporarily Disable ModSecurity¶
You can disable ModSecurity for troubleshooting purposes in LiteSpeed Web Server. Add the following code to .htaccess
:
<IfModule mod_security.c>
SecRuleEngine Off
SecRequestBodyAccess Off
</IfModule>
Once you've saved the code in .htaccess
, open an incognito window and visit:
https://example.com/?rest_route=/lscwp/ip-check
If this request does not result in a 200
response, remove the code from your .htaccess
, and look for another cause.
If it does result in a 200
response, then it is likely that REST API is being blocked by a specific ModSecurity rule. You may need to contact your hosting provider to get the ID of that rule. You can then replace the above code with this (assuming the rule ID is 1234567
) so that only the offending rule is blocked:
<IfModule mod_security.c>
SecRuleRemoveById 1234567
</IfModule>
Run the following again, and examine the output:
https://example.com/?rest_route=/lscwp/ip-check
You will see different output if your site is 1. not running behind a proxy, 2. running behind any proxy or CDN, or 3. the request IP was not properly detected
Not running behind a proxy¶
If your site is not running behind proxy , then you should see something like the following in the output:
{
"remote_ip": "192.0.2.0",
"x_forwarded_for": "Null",
"proxy_remote_addr": "Null"
}
The last two values will be Null
. If you do not see any signs of running behind a proxy, then you can proceed to the next step.
Running behind any proxy or CDN¶
If your site is running behind any proxy or CDN, you should see something like the following:
{
"remote_ip": "192.0.2.0",
"x_forwarded_for": "192.0.2.0, 192.0.2.22",
"proxy_remote_addr": "192.0.2.22"
}
The remote_ip
shown (in this example, 192.0.2.0
) should match your IP address when you access this page. You can verify your IP by using the What's My IP tool.
Request IP not detected¶
If remote_ip
doesn't match your IP, or the output is showing the same IP for remote_ip
and proxy_remote_addr
, like so, then it means PHP failed to detect the request IP properly:
{
"remote_ip": "192.0.2.22",
"x_forwarded_for": "192.0.2.0, 192.0.2.22",
"proxy_remote_addr": "192.0.2.22"
}
You may be able to fix this by updating the client IP detection solution for your web server.
In LiteSpeed Web Server and OpenLiteSpeed, navigate to LiteSpeed WebAdmin Console > Configuration > General Settings and set Use Client IP in Header to Trusted IP Only
. QUIC.cloud IPs should already be in the trusted list.
In Apache, install and configure the mod_remoteIP
module.
Enable Debug Log¶
If IP detection is working properly and REST API is enabled, then the next step is to check the Debug Log. In your WordPress Admin, navigate to LiteSpeed Cache > Toolbox > Debug Settings, and set the following:
- Debug Log =
ON
- Debug Level =
Advanced
- To Debug URI Includes, add
litespeed_type=activate
andrest_route=/litespeed
, one per line
Save your changes, and then navigate to the Log View tab. If there are any logs currently showing, click the Clear Logs button.
Now you're ready to try connecting to REST API again. Run the following again:
https://example.com/?rest_route=/lscwp/ip-check
If it fails, reload the Log View tab, Click Debug Log to make sure you are viewing the correct log, and then click the Copy Log button. This will copy the log to your clipboard and allow you to paste it somewhere, like Pastebin for example, to share with the support team.
When you contact support, it is helpful to generate a report for them. Navigate to the Report tab and press the Send to LiteSpeed button. When you open a support ticket, you can share the Pastebin URL for your debug log, and the report number.
Other Problems¶
If there is some other problem with your REST API, here are a few possible causes.
REST API Disabled¶
You may have simply disabled REST API. Re-enable it to fix the problem. If you don't know how to do this, the WordPress REST API Handbook may help.
Plugin Problems¶
- You may have a security plugin that interferes with REST API.
- You may have a plugin that controls or limits access, like a "maintenance mode" plugin.
- You may have a plugin that is known to cause WP REST issues.
Try disabling your plugins one-by-one to find the culprit. If disabling a plugin makes REST API work again, look over the plugin's settings, or contact their support, to see what changes you can make to allow QUIC.cloud to access REST API.
ReWrite Rule Problems¶
The REST API link relies on a rewrite rule to work. Situation like these, that causes the WordPress rules not to be processed, are problematic:
- You may have permalinks set to
Plain
or/index.php/
. - You may have a rewrite rule in
.htaccess
that ends in[L]
but appears before the WordPress section.
Change your permalinks setting, or move your rewrite rules after the WordPress section to solve the problem.
LiteSpeed Endpoints not Allowed¶
It's possible you have a firewall that is blocking access to one or more LiteSpeed endpoints. Try adding both /litespeed/v1
and /litespeed/v3
to your allowlist. One of those strings appears in all LiteSpeed endpoints.