Code is Poetry

WPML: Getting automatic updates while blocking external HTTP requests

by Alex
August 3, 2017
Comments 0

Due to security reasons I’m blocking external HTTP requests on many of my sites through a setting in wp-config.php. See this article for further exploration on working security through wp-config.php. Here’s the setting:

define( 'WP_HTTP_BLOCK_EXTERNAL', true );

This measure prevents a couple of plugins – mainly premium plugins that are not available through the offical WordPress plugin repository – from fetching their updates.

This was the case as well for the popular WPML multi-language plugin.

The fix is easy – by allowing WordPress to call only certain servers. In this case it is the server d2salfytceyqoe.cloudfront.net – as detailed here in the WPML support forums. This is how it looks in the wp-config.php:

define( 'WP_ACCESSIBLE_HOSTS', 'd2salfytceyqoe.cloudfront.net' );

You probably want to add more servers here, like *.wordpress.org et al.

***
UPDATE NOV. 25, 2017:

In order to reveive updates for the popular Toolset plugin suite by the makers of WPML you need to whitelist the following two servers, according to their support:

define( 'WP_ACCESSIBLE_HOSTS', 'api.wp-types.com, d7j863fr5jhrr.cloudfront.net' );

0 comments on “WPML: Getting automatic updates while blocking external HTTP requests

Leave a Reply

Your email address will not be published. Required fields are marked *

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)