Skip to main content

Hi,

I’m trying to connect with my wordpress instance but always get “Authentication failed” (403 error) until I disable the reCaptcha feature from Wordfence Plugin. Wordfence estimate that “the request was flagged as suspicious”.

Do you know a way to bypass reCaptcha control when trying to connect with Zapier (without deactivating it for other purposes off course)?

 

Hi @AMAP Coeur Bassin,

 

Welcome to the Community. 

 

The issue with reCAPTCHA blocking Zapier’s connection to your WordPress instance via Wordfence is due to reCAPTCHA’s design to prevent automated processes. To resolve this, you can whitelist Zapier’s IP addresses in Wordfence, use API keys for authentication, or contact Wordfence support for specific recommendations. Always prioritize your site’s security when making these changes.


Hi @JammerS, thanks for the reply 👍

Unfortunately, I’m not sure if the Zapier’s wordpress plugin allows to authenticate with API keys 🤔

As for the idea of ​​whitelisting Zapier's IPs, from what I've seen, it's hosted on Amazon so that must be a lot of IPs, right? 😅


Hi @AMAP Coeur Bassin,

 

Your correct Zapier uses OAuth for WordPress integration, requiring login through Zapier. Instead of IP whitelisting, which can be risky due to AWS’s large IP range, consider security measures like limiting login attempts or enabling two-factor authentication. You can also restrict Zapier’s access by assigning it a specific user role, such as “Editor” or “Author,” to prevent it from changing site settings.


Hi @JammerS, enabling 2FA is not an option for my users who are not really comfortable with these kind of technical stuff. Zapier’s access are already on “Editor”.

I’m afraid to disable reCaptcha only for this Zapier’s plugin … I think I’m going to do without it. I will wait for an update of the plugin that can manageAPI key authent. How can I suggest such a feature?

 

I just saw that issue has already been posted : https://wordpress.org/support/topic/403-forbidden-access-denied-3/ ...


Hi @AMAP Coeur Bassin,

 

You can contact our support team to request such feature. You can reach them through this link: https://zapier.com/app/get-help


Reply