外掛說明
Genbe Connector for Article Agent is a connector plugin that integrates Genbe Publishing with the Article Agent platform.
It enables a high-performance, headless publishing workflow by establishing a secure communication channel. This allows Article Agent to create posts, format content, and upload media directly to your media library without manual intervention.
Key Features:
- Secure Authentication: Uses site-specific API keys with timing-attack safe validation.
- Media Handling: Supports multipart uploads, Base64 encoding, and secure remote URL ingestion (with SSRF protection).
- Zero Bloat: No front-end CSS or JS is added to your site. It strictly handles API communication.
- Developer Friendly: Extends the REST API under the
genbe-connector/v1namespace.
Note: This is a third-party integration plugin. It requires an active account with the Article Agent service to function.
螢幕擷圖
Settings Page – The clean interface where you can generate and view your API Key.
安裝方式
- Upload the
genbe-connector-for-article-agentfolder to the/wp-content/plugins/directory, or install the ZIP via Plugins Add New Upload Plugin. - Activate the plugin through the ‘Plugins’ menu in WordPress.
- Navigate to Article Agent in the main admin sidebar.
- Copy the generated API Key and the Site URL.
- Paste these credentials into your Article Agent dashboard to authorize the connection.
常見問題集
-
Does this plugin affect my front-end theme?
-
No. The plugin runs entirely in the background. It registers REST API endpoints and an admin settings page. It does not output any HTML, CSS, or JavaScript on your live site and will not alter your theme’s appearance.
-
I am getting a “403 Forbidden” error when syncing. What do I do?
-
This is usually caused by a security plugin (like Wordfence, iThemes, or Cloudflare) blocking the connection.
- Wordfence: Go to Firewall options and whitelist the IP address of Article Agent, or set the firewall to “Learning Mode” briefly while you sync your first post.
- General: Ensure your security settings do not have “Disable REST API for anonymous users” checked. (WordPress considers API Key requests “anonymous” because no user is logged in via cookies).
- Cloudflare: If you use “Super Bot Fight Mode,” you may need to whitelist our User Agent.
-
Is the connection secure?
-
Yes. The plugin employs several security layers:
1. HTTPS: We recommend (and can enforce) SSL for all connections.
2. API Keys: We use high-entropy keys and valid them usinghash_equalsto prevent timing attacks.
3. SSRF Protection: Remote image uploads are scanned usingwp_safe_remote_getto prevent server-side request forgery.
4. MIME Type Checks: All uploads are strictly validated to ensure they are real images, not executable scripts. -
By default, posts are assigned to the administrator (User ID 1) or the user associated with the API request context. You can change the author manually in WordPress after the post is drafted.
使用者評論
這個外掛目前沒有任何使用者評論。
參與者及開發者
變更記錄
1.3.1
- Security: Implemented
wp_safe_remote_getto prevent SSRF vulnerabilities during remote image fetches. - Improvement: Enhanced file extension detection logic for URLs without explicit extensions.
- Maintenance: Added
uninstall.phpfor clean data removal upon deletion.
1.3.0
- Initial release.
- Added API key management screen.
- Registered REST endpoints.
- Added support for multipart and Base64 media uploads.