There are already many topics on Zapier blocks when WF Login Security is used.
The current issue I’m facing is with the “Disable XML-RPC authentication” setting.
Even though Zapier states it only uses the REST API still this setting appears to block Zapier from connecting to WordPress.
I did a quick search through the plugin and apparently there is only one action hooked to wfls_xml_rpc_blocked
and that is wordfence::checkSecurityNetwork()
which checks if the IP is blocked. I can verify that this is also not the case.
For any reCaptcha users out there, please note that I added a filter on all REST requests that when the Zapier user agent makes a request I disable reCaptcha so Zapier won’t be flagged as a bot (this is working nicely).
I’d really like to have XML-RPC blocked but cannot find the cause of Zapier not working anymore if it is.
Any help on this matter would be very much appreciated.
Cheers, Jory