So you’re referring to the REST API? What does the script look like, especially the API request?
it is a python script: I am not a programmer, Chatgpt made it for me stepping me through everything. So I will just post the script taking out my app password so you can see. Standby please
I asked Chatgpt to explain:
I’m using a Python script to automate blog posts. It fetches product data from Amazon, then uses the WordPress REST API to upload an image and create a draft post. The key parts of the script are two functions:
- Image upload: The script downloads a product image from its source URL and then POSTs it to
https://amazingproducts.blog/wp-json/wp/v2/media. It sets Content-Disposition and Content-Typeheaders and authenticates with my WordPress username and application password. The response returns a media ID that is later attached to the post.
- Post creation: Once the HTML content is assembled, the script makes a JSON POST request to
https://amazingproducts.blog/wp-json/wp/v2/posts using the requests library. Here is the core of that function:
def post_to_wordpress(wp_url, username, app_password, title, content_html, excerpt, status="draft"): post_endpoint = f"{wp_url}/wp-json/wp/v2/posts" auth = (username, app_password) data = { "title": title, "content": content_html, "excerpt": excerpt, "status": status, # set to "draft" } response = requests.post(post_endpoint, json=data, auth=auth, timeout=10) response.raise_for_status() return response.json().get("link")
This uses Basic Authentication with a WordPress application password and supplies the post title, full HTML content (≈16 kB), a short excerpt, and a status of "draft" so I can review the post before publishing.
What’s working and what’s not
- I can successfully upload a small test post via the REST API using a curl command (
-X POST -d '{"title": "API Test", "content": "This is a test", "status": "draft"}'). That returns a JSON object and creates a draft.
- When the Python script tries to create a larger post (~16 kB of HTML), the request returns
403 Forbidden, and the draft isn’t created. The same credentials are used in both cases.
Given that the REST API and my credentials work for small payloads, I’m wondering if WP Engine has a size limit or security rule (e.g., a WAF) that rejects larger POST bodies. If so, could you advise how to adjust that setting or whether it’s tied to my plan? The script is available if you need more context (I’m happy to share it without my password).
Thank you for your help!
If you have any questions about WP Engine, please contact their support team: https://wpengine.com/support/
I would recommend testing it with curl first, as you can be sure that it works (if it works). Only then should you adapt the request in your programming language.
Also, make sure that you don’t have any plugins in WordPress that affect the REST API. This includes security plugins.
Thanks, but I did the curl test and it works
I will contact wpengine. Thank you
