HTTP and Wordpress module works on prelive site but won't work on live site

I have a problem with HTTP and Wordpress modules. We have 2 wordpress sites (prelive and live site).

My scenario works on prelive site but If I want to change the URL for live site then HTTP module will get 401 error (not logged in → application password is set up on both sites and URL is 100% right) and Wordpress module other hand will get 404 error. Anyone have any idea why it won’t work with live site?

Our IT team says that prelive and live sites are identical. Anyone had the same problem?

Both site have plugins installed but both sites have the same plugins…

It means that the client request has not been completed because it lacks valid authentication credentials for the requested resource. Try rechecking the authentication, and also maybe instruct your IT team to try the API on their end with the credentials you have, maybe ask them to verify the creds through Postman first.

Did you add a new connection for WordPress in your Make Scenario?


Yes I added a new connection for Wordpress in Make scenario. I was able to make a new connection in Wordpress module but wordpress module won’t load data (type etc). I also have rechecked all the authentications and all the connections are identical to prelive site…

I would suggest verifying through Postman as @Runcorn suggested.

If that fails, then it’s something on the Wordpress side.

If it’s successful, then I’d suggest raising a support ticket. If you DM me the ticket number I’ll follow up.

1 Like

Adding to the above, one of the things I had in the past on a client’s site, is that on the production/live environment a web firewall was blocking some requests, making Make unable to properly authenticate against it.

So if the production site is going through e.g. Cloudflare, that might be causing an issue.

1 Like

Yes we are using wordfence security on live site, but we already tested without wordfence and still the same… :thinking:

Hmm that’s weird. If I remember correctly though, Wordfence is by default blocking the REST API for application passwords (in an attempt to thwart bruteforce attacks).

Might be worth it to take a look there to see if they block something like that. Even when you deactivate Wordfence, some settings might still be enforced.

1 Like

Thanks for pointing that out. We will dig deeper into that :slight_smile: