I’ve been trouble shooting this all weekend and not finding any solutions. I’m trying to setup webhooks for Mailchimp and CiviCRM 4.6.1 through Wordpress 4.3.1.
The mailchimp settings panel in CiviCRM provides the web hook address as:
Webhook URL - http://<domain>/?page=CiviCRM&q=civicrm/mailchimp/webhook&reset=1&key=2345
Anytime I request the url in a browser window it returns a ‘null’ response. When I paste it into the Mailchimp webhook setup Mailchimp gives me a 403 error (“We couldn't verify the URL is working. Please double check and try again. HTTP Code: 403”).
I’ve tried to ensure that step 3 of the Veda Consulting instructions https://github.com/veda-consulting/uk.co.vedaconsulting.mailchimp was handled:
Make sure webhook url is accessible to public. If not, just make sure anonymous / public user has “allow webhook posts” permission.
but in wordpress settings (https://en.support.wordpress.com/webhooks/#what-would-i-use-something-like-this-for) I can’t find a webhook tool. Am I missing something? Is this from an older version of wordpress. I found the Hookpress plugin but it has a warning that it hasn’t been tested with the current version of wordpress.
Whoever can tell me how to get this webhook working for Mailchimp I would greatly appreciate it, thanks!
It's a civiCRM setting, not a Wordpress setting.
This comment from the developer reveals a URL to use to expose the permissions panel:
You can enable 'allow webhook posts' permission in wordpress access control by navigating to
http:///wp-admin/admin.php?page=CiviCRM&q=civicrm%2Fadmin%2Faccess%2Fwp-permissions&reset=1
Reference: https://github.com/veda-consulting/uk.co.vedaconsulting.mailchimp/issues/172#issuecomment-162478431
Not a totally satisfying answer but I ran my webhook link through firebug and it always returns an ok 200 response from the server.
I corresponded with Mailchimp and they confirmed that from what they can see there isn't an issue with the webhook I'm using. They suggested I whitelist their API's IP addresses but my hosting doesn't allow whitelist IPs. I've gone back to Mailchimp but it's looking like the fate is sealed on this one.
If not, just make sure anonymous / public user has “allow webhook posts” permission.
This refers to permissions configuration in your CMS.
In Drupal and Backdrop, this is configured under Admin > People > Permissions (admin/people/permissions) where you must grant "allow webhook posts" permission to the "anonymous user" role.
In WordPress, a similar pattern should allow you to grant the "allow webhook posts" capability to the "Anonymous User" role.
In Joomla, I think the Veda MailChimp plugin doesn't check permissions on that webhook callback.
I had to debug a site which hadn't had this configuration set today, and the HTTP response code for the callback to MailChimp was 500 when permission not granted, and 200 when it was granted. That might help debug your own situation (you should be able to duplicate this simply by GET to the webhook callback).
Related
I have a client with a Wordpress website. The contact form stopped sending, so I found a plugin called Mail Integration for Office 365/Outlook that could use his MS365 email to send all email from the website using that account.
I installed the plugin and followed the instructions to create an Azure AD App Registration and configure the plugin with the appropriate data from the App Registration. I tried submitting the contact form and there were no errors on the page (it gave me a success message), but the email never arrived in my inbox (yes, I checked spam). I installed a different form plugin, WP Forms, and put it on a test page. The call to admin-ajax appears to be going through successfully, receiving json with success and a confirmation message (which it outputs to the page).
So I searched the plugin's support forum where the creator mentioned using the plugin Check & Log Email to test that the emails are sending. I installed/activated the plugin and sent a test email. It shows it as sent successfully. It never arrived in my inbox (yes, I checked spam).
I have checked the error logs and didn't see anything helpful.
To fix the issue, I first need to find it:
Do I need to complete additional configuration that I've just missed?
How do I find out if the plugin can even connect to the App Registration? It doesn't have a Test Connection feature, which it clearly needs. The reviews on the plugin page are all positive and recent, so it's working for other people.
How do I troubleshoot this from the Azure Active Directory side to make sure it's receiving data?
Please help! Thanks.
I have Wordpress blog and I want to share my post blog automatically in my Facebook Fanpage.
I using NextScripts: Social Networks Auto-Poster plugin and insert App ID and App Secret (I'm already register in developers.facebook.com). But when I click Authorize Your Facebook Account, I get error that said:
"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
I'm already search answer in google, but still not able to fix it.
such as do this in developers.facebook.com account:
Use Strict Mode for Switch URIs => Turn off (but cannot turn it off)
Insert https://www.example.com/auth/facebook/callback into Valid OAuth URI redirect (not solving my problem, having another error : URL Blocked)
Is there any way to fix it? I only want to share my blog post automatically to save time, just it. Any help is very appreciated, Thank you.
I am trying to set up emails on my WordPress website using the WP Mail SMTP plugin and the Gmail API. (WordPress version 5.5.1; WP Mail SMTP Version 2.4.0)
The website I am trying to set this up on, https://souheganvalleychorus.org/ is part of a GSuite for non-profits domain.
I have followed the WP Mail SMTP setup instructions on:
https://wpmailsmtp.com/docs/how-to-set-up-the-gmail-mailer-in-wp-mail-smtp/
with meticulous care. However, when I get to the final step, where I click on the WP Mail SMTP plugin's setup page, and click on "Allow plugin to send emails using your Google account", get prompted with some dialog boxes, choose the email address that I used to set up the Gmail API, it finally comes back with a webpage that says simply:
Unauthorized
Back {a link}
the URL for this page is:
https://souheganvalleychorus.org/wp-admin/options-general.php?page=wp-mail-smtp&tab=auth&code=4/4AEw2mlaJPMgOg7boWHzLLDIJdg0Gwb98vGyJfrteQXcOE5cnL1HMj5wX6QSRZQ0x2rhrbxlzqKPBsF7uokdWCg&scope=https://mail.google.com/
I have been pulling my hair out trying to figure out what is happening, and what I can do to fix it. The 'Unauthorized' provides absolutely no additional information.
I have previously set up the WP Mail SMTP plugin to use the Gmail API, on another website (also a GSuite for non-profits domain, but a different one), and succeeded in that case. I seem to recall having had some problems setting that one up, too, but don't remember how I resolved the issue. When you do something (especially with such an arcane interface as the Google API interface) once in a blue moon, you tend to forget the details. I have tried to compare the two Gmail API setups, and can find no difference that would explain the failure in the current case.
I sure would appreciate anyone's help in resolving this. Until I do, I can't send email from the website. I've also tried using WP Mail SMTP's "Other SMTP" option, with the Gmail SMTP credentials, but that fails to authorize, so I'm stuck...
Help! (and thanks!)
I have just today realised that the authorisation emails sent from my perfectly legitimate Firebase backend are being flagged as malicious by Microsoft Outlook's "Advanced Threat Protection"
There is no reason for this other than perhaps it was flagged during development due to me sending myself repeated confirmation emails in order to test the functionality.
This warning does not show up in regular hotmail/outlook accounts, but I am an Office 365 subscriber so it appears as though I am lucky enough to get this "advanced" protection which protects me from my own completely non-malicious website.
Should I contact Microsoft or Firebase for a solution?
Thanks a lot!
Update: I contacted Firebase support and received the following:
My name is XXXX from Firebase Support, thank you for reaching out to us, problems on Microsoft services such as this “Advanced Threat Protection” is not in my area or expertise, I would suggest to open a ticket with Microsoft for this issue, I see that there is already a topic on Stack Overflow, please be sure to check other Firebase community channels as well.
I understand that this isn't Google's problem to solve, but it would seem any Firebase app using email verification is going to run into trouble with Microsoft email systems. Which is a lot of corporate and government systems...
Any suggestions on how to get some attention paid to this from either Google or Microsoft?
Cause
This error is caused by having inconsistent domains in the email. By default, user management emails link to the default action handler, which is a web page hosted at a URL in your project's Firebase Hosting domain ([project].firebaseapp.com), rather than the the same domain you may be sending emails from (veritification#yourdomain.com).
Solution
Make this “action link” go directly to your website. This will solve the outlook warning, and also make it less likely you'll end up in spam filters in general. On your website, you have 2 options for how to handle the actual validation.
Both solutions below require your domain to be authorized.
This can be done under Authentication -> Sign-In Providers -> Authorized Domains
Option 1 - Use Custom Email Action Handlers (Hard option)
You can setup a custom email action handler so that these actions take place directly on your website, rather than on the firebase hosted page. This is a more integrated experience.
This can handle
Resetting passwords
Revoking email address changes—when users change
their accounts' primary email addresses, Firebase sends an email to
their old addresses that allow them to undo the change
Verifying email addresses
1. Create your custom email handler page
custom email action handler page - firebase docs
2. Update Email Template In Firebase
This can be done under Authentication -> Templates -> Email Address Verification -> Customize Action URL
Option 2 - Just Redirect (Easy option)
Link the email back to a page on your website, that will immediately perform a javascript redirect to the [project].firebaseapp.com authentication page, carrying through the URL parameters required to perform necessary verifications and changes.
For Example
action url for email template: https://www.yourdomain.com/account-action (firebase will attach the appropriate params to the url automatically)
Javascript redirect on your website goes to ”https://project-name.firebaseapp.com/__/auth/action?” + params
I recommend ensuring you implement the continueUrl in your verification email delivery so that the user can easily get back to your website.
If you're using Firebase hosting, and you're serving from their built-in your-project.web.app address, then you can simply use the other built-in, your-project.firebaseapp.com, as your site address instead -- no configuration needed.
The .web.app address is a bit sexier, but the various action emails are actually sent from the .firebaseapp.com, and Outlook is suspicious of the mismatch. Having users originate from the .firebaseapp.com address solves the issue.
I opened a GitHub issue about this: https://github.com/firebase/firebase-js-sdk/issues/5021][1]
I have a WP multisite installation with various users each having their own installation
Ie
www.mysite.com/fearghal
www.mysite.com/john
etc.
Is there a way I can use one Twitter application that will allow each user to update their status? I know with one site it is simple, but with multiple url's like WP MS - could be tricky with various callback urls.
Any ideas folks?
You can do that. When you get a request token you will have to pass the callback url for that site to Twitter and callback URL will have a verifier passed to it that will need to be sent when you get an access token. You can read more about the process at http://dev.twitter.com/pages/auth