[solved] 2 API questions: whitelisting and unsubbing subscriber by email

hitseveryday

New Member
1) whitelisting my IP
As soon as I add my ipv4 to the whitelist I get the error that I'm denied.

(
[_data:MailWizzApi_Params:private] => Array
(
[status] => error
[error] => Your IP address is not allowed to access this server.
)

[_readOnly:MailWizzApi_Params:private] =>
)​

2) when I work with the $endpoint->unsubscribeByEmail() method I receive this error:
(
[_data:MailWizzApi_Params:private] => Array
(
[status] => error
[error] => Method Not Allowed
)

[_readOnly:MailWizzApi_Params:private] =>
)​

If I could get my hands on the meanings of all those API error codes that would be great.
thanks!
 

twisted1919

Administrator
Staff member
@hitseveryday -
#1 - You have to enter the ip of the server, not yours. But please note that you don't have to use a whitelist, by default all requests with valid keys are allowed.
#2 - Do all calls return the error, or just for this endpoint?
 

hitseveryday

New Member
I actually want to restrict access to the API to myself only because I need to access it from my other application.

example reply from other test:

$response = $endpoint->create($list_id, array(
'EMAIL' => $email, // the confirmation email will be sent!!! Use valid email address
/*'FNAME' => 'John',
'LNAME' => 'Doe'*/
));

(
[_data:MailWizzApi_Params:private] => Array
(
[status] => error
[error] => The subscriber already exists in this list.
)

[_readOnly:MailWizzApi_Params:private] =>
)
 

hitseveryday

New Member
So to answer your questions properly:
#1 - ideally I would like to add an extra layer of security by whitelisting only my IP - I tried with various IPs but nothing works. In the code var_dump($currentIP) returns nothing, I need more time to figure out inner workings though.
#2 - I am able to create a subscriber via the API - only the removal fails.

thank you and good night
 

twisted1919

Administrator
Staff member
#1 - ideally I would like to add an extra layer of security by whitelisting only my IP - I tried with various IPs but nothing works. In the code var_dump($currentIP) returns nothing, I need more time to figure out inner workings though.
Maybe you're site is behind a proxy that doesn't set proper ip address ?
#2 - I am able to create a subscriber via the API - only the removal fails.
I'll have to test this, but if you look at the unsubscribeByEmail method you will see it is a shortcut for findByEmail() and then for unsubscribe(), so you might want to try them separately, see https://github.com/twisted1919/mail...MailWizzApi/Endpoint/ListSubscribers.php#L130 for more details.
 

hitseveryday

New Member
More light on the issue, it seems my hosting only allows get, head and post methods, quote:

"
405 : Only methods : get head post are allowed on any cpanel server with
apache, and no solution except seting up specific rewrites as shown in
example in zip file enclosed

"
and they sent me an example:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.+$ - [NC,L]
RewriteCond %{REQUEST_METHOD} (PUT|DELETE)
RewriteRule .* put.php
(and put.php is an fwrite() test file)

I'm lost tbh, sorry for all this. My webhost is very solid and I trust their judgement.
But I will leave this for tomorrow, thanks for your input.
good night
 

hitseveryday

New Member
regarding #1 - IP whitelisting:
I'm not behind a proxy but $_SERVER['REMOTE_ADDR'] is empty meaning
$currentIP = Yii::app()->request->getUserHostAddress(); won't work.
My mailer script runs on the same IP as the script calling the API. I can hack the code to make it work with
$currentIP = $_SERVER['SERVER_ADDR'];
 

hitseveryday

New Member
I'm still stuck with #1 and when I enable clean urls I get the error that I'm using the wrong API keys. Turning it back off and voila it works again.
Should I just open a support ticket?
 

twisted1919

Administrator
Staff member
I'm not behind a proxy but $_SERVER['REMOTE_ADDR'] is empty meaning
Then there's something wrong on the server, this should always be properly populated, so ask your hosting why it isn't ;)
I'm still stuck with #1 and when I enable clean urls I get the error that I'm using the wrong API keys.
Make sure you also update your api url in the code, to remove index.php from there too ;)
 

hitseveryday

New Member
I did that, doesn't work sadly.
Could you advise me on the Method not allowed part please? PUT and DELETE are disabled on many ISPs, is there not a common solution to this issue?
 

twisted1919

Administrator
Staff member
Could you advise me on the Method not allowed part please?
I don't see any reason for why these should be disabled, they are part of the HTTP specifications, so no reason to disable these.
The only way is to simply edit the php-sdk and the api code in mailwizz to use post instead of patch/put/delete.
PUT and DELETE are disabled on many ISPs,
No, they are not.
 

hitseveryday

New Member
It's just ISPs seem to shut it off to prevent information leakage, but I'll just get a separate VPS and that will be the END of this issue!
Thanks for all your support mate, I really appreciate it.
 
Top