I have a small handful of plugins that make requests to URLs, slowing down my website. At the moment, I’m still debugging the issue, but in the meantime, is there a way to prevent WordPress from requesting just specific URLs?
I know there’s the `wp-config.php` rule `define(‘WP_HTTP_BLOCK_EXTERNAL’, true);`, but it blocks every request, which I have implemented.
I also know about `define(‘WP_ACCESSIBLE_HOSTS’, ‘domain1.com, domain2.com’);` for whitelisting specific domains, which I have also implemented.
However, that is a tedious route as I only need to block a singular set of domains. Is there a way to do so?
The only issue I’m facing now with this method, is with WooCommerce PayPal IPN on my site. I’ve added all the possible whitelisted callout URLs, but according to my WooCommerce status tab, PayPal is showing the following issues:
**Server environment:**
– Remote post: `wp_remote_post()` failed. Contact your hosting provider.
– Remote get: `wp_remote_get()` failed. Contact your hosting provider.
**Log:**
“`
2024-05-23T11:08:18+00:00 Info Received invalid response from PayPal IPN
2024-05-23T11:08:18+00:00 Info Error response: User has blocked requests through HTTP.
2024-05-23T11:09:19+00:00 Info Checking IPN response is valid
2024-05-23T11:09:19+00:00 Info IPN Response: WP_Error Object
“`
Does anyone know how to properly whitelist PayPal HTTP requests?
Here is what my `define(‘WP_ACCESSIBLE_HOSTS’)` looks like. I thought I covered it:
“`php
define(‘WP_ACCESSIBLE_HOSTS’, ‘developer.paypal.com, api.wordpress.org, downloads.wordpress.org, rest.akismet.com, api-m.paypal.com, api-m.sandbox.paypal.com, a.stripecdn.com, api.stripe.com, atlas.stripe.com, auth.stripe.com, b.stripecdn.com, billing.stripe.com, buy.stripe.com, c.stripecdn.com, checkout.stripe.com, climate.stripe.com, connect.stripe.com, dashboard.stripe.com, express.stripe.com, files.stripe.com, hooks.stripe.com, invoice.stripe.com, invoicedata.stripe.com, js.stripe.com, m.stripe.com, m.stripe.network, manage.stripe.com, pay.stripe.com, payments.stripe.com, q.stripe.com, qr.stripe.com, r.stripe.com, verify.stripe.com, stripe.com, terminal.stripe.com, uploads.stripe.com, addtodropbox.com, app.hellosign.com, dash.ai, db.tt, docsend.com, dropbox.com, dropboxapi.com, dropboxbusiness.com, dropboxcaptcha.com, dropboxexperiment.com, dropboxforums.com, dropboxforum.com, dropboxinsiders.com, dropboxlegal.com, dropboxmail.com, dropboxpartners.com, dropboxstatic.com, dropboxteam.com, dropbox.tech, dropbox.zendesk.com, getdropbox.com, learn.dropbox.com, links.dropbox.com, api.paypal.com, api-3t.paypal.com, svcs.paypal.com, ipnpb.paypal.com, accounts.paypal.com, batch.paypal.com, disputes.paypal.com, dropzone.paypal.com, reports.paypal.com, manager.paypal.com, payflowlink.paypal.com, payflowpro.paypal.com, partnermanager.paypal.com, payments-reports.paypal.com/reportingengine, paypalmanager.paypal.com, registration.paypal.com, xml-reg.paypal.com, notify.paypal.com, api.sandbox.paypal.com, api-3t.sandbox.paypal.com, svcs.sandbox.paypal.com, ipnpb.sandbox.paypal.com, accounts.sandbox.paypal.com, batch.sandbox.paypal.com, disputes.sandbox.paypal.com, dropzone.sandbox.paypal.com, reports.sandbox.paypal.com, pilot-payflowpro.paypal.com, pilot-payflowlink.paypal.com, payments-reports.paypal.com/test-reportingengine, ipn.sandbox.paypal.com, api.paypal.com/nvp, api.sandbox.paypal.com/nvp, api.paypal.com/2.0/, api.sandbox.paypal.com/2.0/, api-3t.paypal.com/nvp, api-3t.sandbox.paypal.com/nvp, api-3t.paypal.com/2.0/, api-3t.sandbox.paypal.com/2.0/, payflowpro.paypal.com’);
“`