wp-api-jwt-auth icon indicating copy to clipboard operation
wp-api-jwt-auth copied to clipboard

Published 20 hours ago verified publisher icon Tmeister

WP Engine doesnt support using htaccess file

Open Garcia-Julz opened this issue 1 year ago • 1 comments

WP Engine and .htaccess File Compatibility

Using JWT Authentication Plugin with WP Engine Hosting

Before submitting an issue, please answer the following questions:

  • [x] I am running the latest plugin version (1.3.4).
  • [x] I am running the latest WordPress version.
  • [x] I know what PHP version I'm using.
  • [x] I checked the documentation and found no answer.
  • [x] I checked to make sure that this issue has not already been filed.

Context

WP Engine has informed me that they do not support the use of the .htaccess file, even if we were to edit it. Complying with their new standards is essential. Instead of using the code snippet provided in the documentation, WP Engine recommends using a Web Rule or Nginx code snippet to ensure the proper functioning of this plugin.

  • WordPress version: 6.3.2
  • PHP Version: 8.0.30
  • JWT Auth Plugin Version: 1.3.4

I attempted to convert the provided .htaccess code into Nginx syntax, but I encountered issues, which is why I'm seeking assistance.

Original .htaccess Code:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Attempted Nginx Configuration:

location / {
    fastcgi_pass   backend;
    fastcgi_param  HTTP_AUTHORIZATION $http_authorization;
    # Other fastcgi_params and configurations
}

Update

Made another attempt to get around this issue. I added this to my function.php

// Enable JWT authentication
add_filter('jwt_auth_cors_allow_headers', function($headers) {
    $headers[] = 'Authorization';
    return $headers;
}, 10, 1);

add_filter('jwt_auth_secret_key', function($key) {
    // Replace 'YOUR_SECRET_KEY_HERE' with your actual secret key
    $key = 'YOUR_SECRET_KEY_HERE';
    return $key;
}, 10, 1);

just tried this with WP Engine and it did NOT work

location / {
    # Your existing Nginx configuration here

    # JWT authentication
    auth_jwt "[Key I Generated]"; // Use the JWT secret key you defined in functions.php
    auth_jwt_key_file /dev/null; // Use /dev/null to indicate no key file is used
    auth_jwt_alg HS256;

    # Continue with your existing Nginx configuration
}

Garcia-Julz avatar Oct 22 '23 14:10 Garcia-Julz

Flywheel, owned by WP Engine, uses NGINX servers and Google Cloud. We have websites that are hosted on Flywheel that currently use this plugin with no issues.

jared-leddy avatar Aug 12 '24 07:08 jared-leddy