Dear Support,
Could adding the following code to .htninja work:
// If User-Agent exactly equals “Zapier”, whitelist
if (strcasecmp($userAgent, ‘Zapier’) === 0) {
define(‘NFW_UWL’, true);
return ‘ALLOW’;
}
Many thanks for your help with this.
Piet
Dear Support,
Here is another possible solution that might work better it allows requests that contain the header ‘User-Agent: Zapier’.
<?php
/*
+-----------------------------------------------------------------------------------------+
| NinjaFirewall - .htninja configuration |
| Purpose: Allow incoming requests that contain 'User-Agent: Zapier' |
| Reference: https://help.zapier.com/hc/en-us/articles/8496216020877 |
| Based on NinjaFirewall whitelisting pattern using NFW_UWL |
| https://portalzine.de/unleashing-the-power-of-ninjafirewall-for-wordpress-custom-rules |
+-----------------------------------------------------------------------------------------+
*/
// Retrieve the User-Agent header safely
$userAgent = '';
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgent = trim($_SERVER['HTTP_USER_AGENT']);
} elseif (function_exists('getallheaders')) {
foreach (getallheaders() as $headerName => $headerValue) {
if (strcasecmp($headerName, 'User-Agent') === 0) {
$userAgent = trim($headerValue);
break;
}
}
}
// Allow requests that contain 'Zapier' (case-insensitive)
if ($userAgent !== '' && stripos($userAgent, 'Zapier') !== false) {
// Mark this request as whitelisted
if (!defined('NFW_UWL')) {
define('NFW_UWL', true);
}
// Stop further processing and allow immediately
return 'ALLOW';
}
// All other traffic will continue to the standard firewall checks.
I look forward to your reply & suggestions.
Kind regards,
Piet
This is all you should need:
<?php
if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && $_SERVER['HTTP_USER_AGENT'] == 'Zapier') {
define('NFW_UWL', true );
return 'ALLOW';
}
