If the WordPress or MainWP REST API endpoints are not responding or the data cannot be exchanged, it’s likely that your WordPress REST API is disabled or not reachable.
Enabling the WordPress REST API on your MainWP Dashboard
By default, the REST API is active on your WordPress site, serving as a typical protocol for communication. There is no increased security risk associated with keeping the REST API active in contrast with the traditional methods that WordPress plugins use to facilitate communication between the client and server.
Check Permalink settings
Due to a WordPress limitation, REST API will not work with Plain permalinks.
To change Permalink settings,
Go to WP Admin > Settings > Permalinks Page
Choose any settings except for Plain (this is a WordPress REST API limitation)
Check if other plugins are disabling REST API
However, certain plugins give you, the site administrator, the option to turn off the REST API. The usual reasons for doing so include a wish to improve site performance or to tighten security measures. Nonetheless, deactivating the REST API is not commonly an effective strategy for achieving better performance or enhanced security.
Here is a list of plugins that have the capability to deactivate the REST API. Initially, none of these plugins disable the REST API; they simply possess the feature to disable it if you decide to implement it:
Solid Security (formerly iThemes Security)
Wordfence Security
All-In-One Security (AIOS)
Sucuri Security
Perfmatters
Cloudflare WAF
Swift Performance
Shield Security
WP Hide & Security Enhancer
BulletProof Security
NinjaFirewall (WP Edition)
Hide My WP Ghost
Clearfy Cache
WP OAuth Server
Disable REST API
Password Protected
Titan Anti-spam & Security
WP REST API Controller
Furthermore, you have the ability to limit access to the REST API within your web server’s configuration settings, commonly within Apache2 or NGINX. This restriction can be implemented deliberately or inadvertently by blocking requests that initiate with /wp-json/
How to check if the REST API is unreachable
You can check if REST API is unreachable on your site by visiting this URL https://your-dashboard-url.com/wp-json/.
If the block is in place, you will receive a message similar to this one: {"code":"rest_cannot_access","message":"DRA: Only authenticated users can access the REST API.","data":{"status":401}}
In that case, try disabling the security and/or performance plugins until you find the culprit, and then look for a setting in that particular plugin that affects this behavior.
These three REST API endpoints must be accessible for the MainWP Browser Extension to work:
/mainwp/v1/sites/all-sites
/mainwp/v1/sites/sites-available-updates-count
/mainwp/v1/site/non-mainwp-changes-count