IIS Authorization Rules breaks WP REST-API and results in fail in Site Health

Question

apperently it seems the wordpress rest-api cannot work with restricted authorizations.

when i change the default Allow All Users / this:

to a restricting ad group and remove the All Users (obviously):

which creates this web.config:

<system.webServer>
    <security>
        <authorization>
            <remove users="*" roles="" verbs="" />
            <add accessType="Allow" roles="DOMAINTest-Group" />
        </authorization>
    </security>
</system.webServer>

all seems fine

at first glance,

but if we go to WP Site Health it reveals this errors:

enter image description here

so it seems the wp REST-Api cannot operate without anonymous / All Users access.

How can i fix this or am i missing something and need to adjust some settings?

thank you

0
my2cents 6 months 2022-01-28T04:17:46-05:00 0 Answers 0 views 0

Leave an answer

Browse
Browse