Today, I noticed this warning on the AIO SEO plugin when writing a post:
AIOSEO relies on the WordPress Rest API and your site might have it disabled. Click here to learn more .
I went on to deactivate all the plugins, one by one to see when that warning would go away and it turns out that when I deactivate the s2Member Framework, the warning goes. When I re-enable it, the warning comes back. This seems to be related to the 240315 version.
Anyone else has similar issue? @clavaque ?
s2 is now applying your restrictions to posts/pages when requested via the REST API too. So your SEO plugin must now be finding some content not accessible and getting an error on those. The public content is accessible.
Something that was reported from a handful that had WP_DEBUG enabled, is a warning about using a variable that wasn’t there, but I don’t think that the warning (not an error) is causing your SEO plugin to mention it.
The coming release fixes the warning. If after that you still have trouble, maybe I could add an admin option to disable the restrictions for REST requests, too…
This is happening on my store blog where the only reason I am using s2 is to protect content for logged in members using a conditional. I tried removing that line with the conditional so the blog post was just a regular blog post, and it still shows that warning.
Do you mean that I should just ignore that warning?
I will include this in the next release, but you can try it now if you want…
In the file s2member/src/includes/classes/security-rest.inc.php
These are lines 45 and 46:
$type = sanitize_key($route[2]); // e.g. pages
$id = (int)$route[3];
You can add these right before/above:
if (empty($route[2]) || empty($route[3]))
return $response;
So you’ll have this:
$route = $request->get_route(); // e.g. /wp/v2/pages
$route = explode('/', trim($route, '/'));
if (empty($route[2]) || empty($route[3]))
return $response;
$type = sanitize_key($route[2]); // e.g. pages
$id = (int)$route[3];
Let me know if you try it and if it helps you!
Warnings are not serious, errors would stop the script from going on. But you may want to hide warnings and errors. If not disable them, at least not display them on the site, instead log them into a file. https://wordpress.org/documentation/article/debugging-in-wordpress/#wp_debug_log
Nope. The warning still shows.
Thanks. What does your warning say? What does it say in the PHP error (or WP Debug) log?
The warning still says
AIOSEO relies on the WordPress Rest API and your site might have it disabled. Click here to learn more .
As for the debug log, I am sorry but I don’t understand that article. I don’t know if it is something I should set, or where, or something that is already there, and where.
Thanks.
Well, s2 doesn’t disable the WP REST API, only applies the s2 restriction to REST requests that try to reach the protected content.
It’d be helpful to see more detail about what makes AIOSEO show that warning. Does it provide a log or something more specific?
What site are you having this happen on, so I take a quick look.
It happens on this site: https://creationcassel.com/blog/
As for the information about the warning, there is nothing other than the link in that warning.
I can email you some login credentials if you want.
Duh!!! My mistake. The edit works fine now.
I was working on the wrong site!
User error here!
Thanks.
Great! Thanks for the update!
One thing that puzzles me is that on my other site, I have the same s2M and the same AIO SEO plugins, and I never got the warning (although now, it has that edited file that I uploaded there by mistake). Was that change in the last update, this week? I had not posted anything on that site since last week so I might not have had the opportunity to see it.