Skip to content

Solving WordPress REST API issues

Some QUIC.cloud issues are actually due to a problem with the WordPress REST API. Examples of such issues:

  • Error connecting to QUIC.cloud from LiteSpeed Cache.
  • Error adding your domain's IP address to your dashboard's Settings > Server IP.

It possible to solve issues like this simply by making sure the REST API is active. If it is active, you may have third party plugins or security measures blocking access to it. Read on learn some strategies for diagnosing and solving your REST API problems.

Failed to Communicate

If your REST API is disabled, blocked, or otherwise inaccessible to QUIC.cloud, you'll see these error messages in your LiteSpeed Cache plugin:

Failed to communicate with QUIC.cloud server: Unknown error: unknown [server] https://wpapi.quic.cloud [service] tool/wp_rest_echo

and:

Your WP REST API seems blocked our QUIC.cloud server calls.

Some common reasons for a failure to communicate: - A WordPress optimization or security plugin, that offers the option to disable the REST API. - Strict security features enabled by your hosting provider. For example, ModSecurity rules may block requests to REST API. - A CDN or some other proxy service is obscuring the true IP address, leaving QUIC.cloud unable to authenticate.

Diagnose the Problem

To help you diagnose the problem, try the following steps, in order: - Make a Test Endpoint - Temporarily Disable ModSecurity - Enable Debug Log

Make a Test Endpoint

For troubleshooting purposes, you can add some code to your theme's functions.php. It will create a test endpoint, which will give you more information that you can then act upon.

Add this code to your active theme's functions.php, and when you have finished troubleshooting, be sure to remove it!

function ip_check_callback() {
    if (defined('LSCWP_V')){
        do_action( 'litespeed_control_set_nocache', 'nocache due to logged in' );
    }
    $data = array(
        'remote_ip'         => $_SERVER['REMOTE_ADDR'] ?? 'Null',
        'x_forwarded_for'   => $_SERVER['HTTP_X_FORWARDED_FOR'] ?? 'Null',
        'proxy_remote_addr' => $_SERVER['PROXY_REMOTE_ADDR'] ?? 'Null'
    );
    return rest_ensure_response($data);
}
function register_ip_check_route() {
    register_rest_route('lscwp', '/ip-check', array(
        'methods'  => 'GET',
        'callback' => 'ip_check_callback'
    ));
}
add_action('rest_api_init', 'register_ip_check_route');

Once you've saved the code in functions.php, log out of your site (or open an incognito window) and visit your URL with a ?rest_route=/lscwp/ip-check query string appended, like so:

https://example.com/?rest_route=/lscwp/ip-check

If you see a 401, 403, or 404 response code, then your REST API is disabled, and you will need to re-enable it.

If you are still having a problem, leave this code in place, and try the next troubleshooting step: disabling ModSecurity.

Temporarily Disable ModSecurity

You can disable ModSecurity for troubleshooting purposes in LiteSpeed Web Server. Add the following code to .htaccess:

<IfModule mod_security.c>
   SecRuleEngine Off
   SecRequestBodyAccess Off
</IfModule>

Once you've saved the code in .htaccess, open an incognito window and visit:

https://example.com/?rest_route=/lscwp/ip-check

If this request does not result in a 200 response, remove the code from your .htaccess, and look for another cause.

If it does result in a 200 response, then it is likely that REST API is being blocked by a specific ModSecurity rule. You may need to contact your hosting provider to get the ID of that rule. You can then replace the above code with this (assuming the rule ID is 1234567) so that only the offending rule is blocked:

<IfModule mod_security.c>
 SecRuleRemoveById 1234567
</IfModule>

Run the following again, and examine the output:

https://example.com/?rest_route=/lscwp/ip-check

You will see different output if your site is 1. not running behind a proxy, 2. running behind any proxy or CDN, or 3. the request IP was not properly detected

Not running behind a proxy

If your site is not running behind proxy , then you should see something like the following in the output:

{
  "remote_ip": "192.0.2.0",
  "x_forwarded_for": "Null",
  "proxy_remote_addr": "Null"
}

The last two values will be Null. If you do not see any signs of running behind a proxy, then you can proceed to the next step.

Running behind any proxy or CDN

If your site is running behind any proxy or CDN, you should see something like the following:

{
  "remote_ip": "192.0.2.0",
  "x_forwarded_for": "192.0.2.0, 192.0.2.22",
  "proxy_remote_addr": "192.0.2.22"
}

The remote_ip shown (in this example, 192.0.2.0) should match your IP address when you access this page. You can verify your IP by using the What's My IP tool.

Request IP not detected

If remote_ip doesn't match your IP, or the output is showing the same IP for remote_ip and proxy_remote_addr , like so, then it means PHP failed to detect the request IP properly:

{
  "remote_ip": "192.0.2.22",
  "x_forwarded_for": "192.0.2.0, 192.0.2.22",
  "proxy_remote_addr": "192.0.2.22"
}

You may be able to fix this by updating the client IP detection solution for your web server.

In LiteSpeed Web Server and OpenLiteSpeed, navigate to LiteSpeed WebAdmin Console > Configuration > General Settings and set Use Client IP in Header to Trusted IP Only. QUIC.cloud IPs should already be in the trusted list.

In Apache, install and configure the mod_remoteIP module.

Enable Debug Log

If IP detection is working properly and REST API is enabled, then the next step is to check the Debug Log. In your WordPress Admin, navigate to LiteSpeed Cache > Toolbox > Debug Settings, and set the following:

  • Debug Log = ON
  • Debug Level = Advanced
  • To Debug URI Includes, add litespeed_type=activate and rest_route=/litespeed, one per line

Save your changes, and then navigate to the Log View tab. If there are any logs currently showing, click the Clear Logs button.

Now you're ready to try connecting to REST API again. Run the following again:

https://example.com/?rest_route=/lscwp/ip-check

If it fails, reload the Log View tab, Click Debug Log to make sure you are viewing the correct log, and then click the Copy Log button. This will copy the log to your clipboard and allow you to paste it somewhere, like Pastebin for example, to share with the support team.

When you contact support, it is helpful to generate a report for them. Navigate to the Report tab and press the Send to LiteSpeed button. When you open a support ticket, you can share the Pastebin URL for your debug log, and the report number.

Other Problems

If there is some other problem with your REST API, here are a few possible causes.

REST API Disabled

You may have simply disabled REST API. Re-enable it to fix the problem. If you don't know how to do this, the WordPress REST API Handbook may help.

Plugin Problems

  • You may have a security plugin that interferes with REST API.
  • You may have a plugin that controls or limits access, like a "maintenance mode" plugin.
  • You may have a plugin that is known to cause WP REST issues.

Try disabling your plugins one-by-one to find the culprit. If disabling a plugin makes REST API work again, look over the plugin's settings, or contact their support, to see what changes you can make to allow QUIC.cloud to access REST API.

ReWrite Rule Problems

The REST API link relies on a rewrite rule to work. Situation like these, that causes the WordPress rules not to be processed, are problematic:

  • You may have permalinks set to Plain or /index.php/.
  • You may have a rewrite rule in .htaccess that ends in [L] but appears before the WordPress section.

Change your permalinks setting, or move your rewrite rules after the WordPress section to solve the problem.

LiteSpeed Endpoints not Allowed

It's possible you have a firewall that is blocking access to one or more LiteSpeed endpoints. Try adding both /litespeed/v1 and /litespeed/v3 to your allowlist. One of those strings appears in all LiteSpeed endpoints.