I 'm developing a WordPress plugin related to a platform i created earlier. The plugin will be needing some data from the database of that platform.
What is the best way to let the plugin to communicate with my external database without risking the security of my platform?
Write some api routes for your platform,like:
https://myPlatform/api/posts
In your wordpress plugin, request the apis of your platform.
You could use these requests packages:
https://github.com/guzzle/guzzle
You should alse do some validation while requesting your platform.
The accepted answer is good, but i would like to add a few things.
1) Always use secure channels for communication if the information is more likely to contain critical information (https).
2) Make good use of permission based Queries on the platform side and maybe on the plugin wordpress side check for the current logged in roles (if needed), if a particular role doesn't have to access a specific endpoint don't allow him both ways earlier checks can avoid unnecessary requests.
3) Try to make those request to the platform in a non-blocking way (ajax), to prevent unnecessary page load times.
4) Anticipate as much scenarios of how the platform will communicate its multiple messages and how your plugin should interpret them.
Related
Woocommerce provides an API here which in order to use it, you have to provide a consumer key and consumer secret with a relevant authorization schema. What I fail to grasp is that, shouldn't be there an API for unauthorized / guest users ? I mean, I just want to create a display page (frontend) of available products, but without the need of generating CK/CS. Also looking in a similar question here
it seems that you cannot avoid using the keys. But a second question comes up. The frontend is not supposed to use the keys, because then the e-shop becomes exposed to the client. So, even by generating these keys in order to access woocommerce api, how am I supposed to correctly use them ? Please help me understand the flow.
TLDR;
Do NOT use CK/CS in front end. It's only for use in a secure backend. The keys can be used to read/write anything from products to, orders to all customer related information.
Based on you questions, I suspect APIs might not be the best way to do what you're intending to do. If you do need APIs, chances are, you have two backend servers communicating with each other. APIs are usually meant for use by other applications. For example, a lot of Point of Sale systems utilize this WooCommerce API. You might want to look into extending the WooCommerce plugin itself and creating end points to get the information or perform actions you need.
If you are not familiar with secure Authenticated APIs, I would highly suggest you familiarize yourself with them as failure to secure the website can result in huge financial losses to sensitive personal information leakage of the site users since WooCommerce APIs, at the time of this writing, only allows you to set read or write permissions with full access to everything.
With that in mind I will attempt to answer all of your questions one by one and give an idea of how you should use it.
To Answer your questions
What I fail to grasp is that, shouldn't be there an API for
unauthorized / guest users ? I mean, I just want to create a display
page (frontend) of available products, but without the need of
generating CK/CS
I'm guessing your misconception is that you need to use separate keys for each user. API keys are not meant to give access for front-end users. The API keys generated by the WooCommerece plugin gives full read/write access to any user to view/modify any information including that of other customers. Its meant for admins. If you check the official WooCommerce API reference for retrieving a customer you'll notice that you get to provide an id here. And if you check the response it shows everything from addresses to contact information.
The frontend is not supposed to use the keys, because then the e-shop
becomes exposed to the client. So, even by generating these keys in
order to access woocommerce api, how am I supposed to correctly use
them ?
Its quite simple actually. You just need to get between the communication between the front-end users and the WooCommerce API. If the users needs to be provided information from the WooCommerce end point, you need to get it for them using the CK/CS.
This way, you confirm what information is allowed to view/modify by whom, and the user does not need to be authenticated.
WooCommerce Endpoints <---> Your secure backend service/middleware/controller <---> front-end user
One thing to note though, is that you need to be careful about the parameters a front-end user is able to change in the request to your server end-point that is consuming the WooCommerce API key. A customer should not be able to change the id that is requesting their info for example. Id should be retrieved from the backend from the secure authentication information coming from the front-end.
I want to be able to add domains to Firebase hosting with the API instead of the web UI, is that possible?
I want to add potentially hundreds of domains, is there a domain limit per project in Firebase?
As far as I can tell from the entire CLI documentation, there isn't any way to do this.
Lets take a step back and consider what the web UI process involves i.e. the generation of a TXT record to add to your DNS records, after verifying the presence of said TXT record on the domain, providing A records that you (authorized owner) add to allow redirecting to your firebase hosted site.
In my opinion, this very manual back and forth is necessary as a security measure. The only way it is taken out of the equation via the CLI is by providing a means for you to authenticate ownership of a domain (registered with any one of many domain registrars), and being granted authorization to change your A records. These are both outside the scope of Firebase, and could potentially introduce severe security flaws. Regardless, even if it existed, it would still have to be step-by-step and somewhat manual via CLI rather than the single command it sounds like you're looking for.
It is not possible to add custom domains automatically through an API at this time.
Nor would it allow you to create a reseller or multi-tenant project (i.e. connect a large number of domains or subdomains dynamically) since you cannot connect more than about 36 domains connected to one project.
It's possible to add domains using Firebase Hosting Rest Api. I am not sure why they didn't put it on their official website but I checked today and it works. https://developers.google.com/resources/api-libraries/documentation/firebasehosting/v1beta1/java/latest/com/google/api/services/firebasehosting/v1beta1/FirebaseHosting.Sites.Domains.html
Answer that I've received from Firebase support:
There is no API yet that would allow you to add custom domains, it was
requested as a feature before but unfortunately we have no more
information on that - so for now, only the Console UI allows you to do
it.
When it comes to the limits, in a project, a custom domain is
attached to a site - there can be 36 sites per project, and for one
site there is no hard limit, but we recommend not exceeding 20 custom
domains. You can experience technical issues with SSL certs when you
exceed 20 domains per site, which we won’t be able to troubleshoot
since the system was not designed for such use cases.
hello so I have 2 wp installations with buddypress, I would like to pull the second site members remotely and display them on the first blog.
is there a way to use WP_User_Query with a different database ?
In most server configurations, external access to the database is not allowed, in order to increase security. Thus, direct access to the database is probably not an option.
But Wordpress has a API that is made for external access via HTTP. The API has a getUsers function that should help you.
There are several libraries that can help you make XML-RPC (the protocol of the Wordpress API) requests, see Which PHP RPC (XML or JSON) library have you successfully used? for an overview.
I'm developing an API for a project I'm involved in. The API will be consumed by an Android app, an iOS app, and a desktop website. Almost all of the API is accessible only to registered users. The API allows authentication via WSSE which is great for the mobile apps, but not so great for the website. However, I'm using Symfony2 to develop the API, and I have configured it to allow access to the API by both WSSE and/or session/cookie authentication (multiple firewalls with common security context, if you're interested).
With an API-first approach like this, I'm concerned about things being abused. Take my signup method for example. I only want it to be used by the apps or the website. However, there's nothing to stop someone writing a simple script to hammer the API with bogus signups. Then there's the concern about CSRF. Because the API is can be accessed by a logged in user, then there's a risk that this can be exploited.
I don't want the API to be public, but I don't know if this is possible given that it will be used by the website. Is there anything I can do remove (or reduce) the risks and the vulnerability exposure?
Kind regards.
For the signup brut force problem you could enable a "rate limit" for your API calls.
This blog post introduces this concept and how to use it in a Symfony2 application thanks to the RateLimitBundle.
Where would I find info about creating a user login system using meteor.js? Is there an existing library that I could use?
UPDATE 4: And Meteor now has full support for accounts, users, etc
see http://docs.meteor.com/#accounts_api
UPDATE 3: Since v0.5.0, Meteor supports authentication
and allow/deny rules on collections.
See http://docs.meteor.com/#allow for info.
Thanks, #Dan Dascalescu !
Update 2: As Greg points out, you actually can lock down the CRUD
methods by overriding them with empty functions (more info here:
https://stackoverflow.com/a/10116342/1180471). So while I assume the
auth functionality will make things simpler, you can already roll your
own with relatively low effort.
Original answer kept for historic purposes:
AFAIK meteor doesn't provide a way to do this yet since there is no way to lock down (part of) the database, so for the moment the only way to do it in a secure way is to bypass meteor and either:
- drop down to node and use a seperate database or authentication API
- use HTTP authentication
I imagine this is pretty high up on their todo list, though...
Update 1:
They already started implementing, you can see the code in the livedata-auth branch:
https://github.com/meteor/meteor/compare/master...livedata-auth
In the meantime, Meteor has implemented a full authentication and user management system, complete with a UI for easy login using popular OAuth services (Google, Facebook, GitHub, Twitter, Weibo).
It actually isn't too hard to do some simple auth in meteor. The blogging system britto has it setup. Essentially you, restrict the database from the client, then use an api key to make requests to server side methods.
restricting client db access: How do you secure the client side MongoDB API?
britto server code: https://github.com/jonathanKingston/britto/blob/master/server/server-britto.js
in the britto source, take a look at the methods create user and login user
You can find a working example of a user login system I've created for Meteor over at https://github.com/matb33/meteor-userauth.
You'll need Meteor > 0.3.5, so as of this writing you'll need to run the devel branch of meteor.
And you can also build a custom login system with Meteor very easily.
See my notes: http://meteorhacks.com/extending-meteor-accounts.html