Title: CDNs and API?
Last modified: June 26, 2020

---

# CDNs and API?

 *  Resolved [cousinvinnymarketing](https://wordpress.org/support/users/cousinvinnymarketing/)
 * (@cousinvinnymarketing)
 * [5 years, 11 months ago](https://wordpress.org/support/topic/cdns-and-api/)
 * Hello,
 * Great work on the plugin, super useful and works great.
 * However, I can only get it fully working if I’m using no restrictions on the 
   API. This is a security/financial risk since the API key is exposed to unauthorized
   use.
 * I’ve set up the required APIs with their associated restriction (referrer & IP).
   For the Distance Matrix, I’m getting the error:
 * `Google Distance Matrix API error: REQUEST_DENIED - This IP, site or mobile application
   is not authorized to use this API key. Request received from IP address 35.188.192.47,
   with referer: https://maps.googleapis.com/maps/api/distancematrix/json?origins
   =-6.178784361374902,106.82303292695315&destinations=-6.181472315327319,106.8170462364319&
   key=THISISMYAPIKEY&avoid&language=en_US&units=metric&mode=driving`
 * I’ve made sure I’m using the correct IP address (using Flywheel for managed hosting
   and they give this to you in your dashboard). The IP above is not my Flywheel-
   provided IP, could it be because I use a CDN? If so what, any idea on a solution?
 * Thanks in advance!

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Thread Starter [cousinvinnymarketing](https://wordpress.org/support/users/cousinvinnymarketing/)
 * (@cousinvinnymarketing)
 * [5 years, 11 months ago](https://wordpress.org/support/topic/cdns-and-api/#post-13059708)
 * Hello,
 * I figured out that my provider cannot provide a static IP because they’re using
   Google Cloud w/ load balancers.
 * Given that the plugin recommends disabling the security, is Distance Matrix API
   calling on the backend, out of view of public, and then pushing the information
   to the front end?
 * That’s the only scenario I could imagine that you would recommend disabling API
   key security, for most non-tech users anyway.
 *  Plugin Author [Sofyan Sitorus](https://wordpress.org/support/users/sofyansitorus/)
 * (@sofyansitorus)
 * [5 years, 11 months ago](https://wordpress.org/support/topic/cdns-and-api/#post-13060383)
 * Hello Sir,
 * I think it will be fine if the API Key restriction is disabled in Google API 
   Key console.
 * Only user with administrator role that can view your API key when accessing the
   plugin settings page. I am pretty sure administrator users are not public.
 * The request to API server made using CURL which is not visible to the public.
 * Sofyan
    -  This reply was modified 5 years, 11 months ago by [Sofyan Sitorus](https://wordpress.org/support/users/sofyansitorus/).

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘CDNs and API?’ is closed to new replies.

 * ![](https://ps.w.org/wcsdm/assets/icon-256x256.png?rev=3405790)
 * [WooReer](https://wordpress.org/plugins/wcsdm/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wcsdm/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wcsdm/)
 * [Active Topics](https://wordpress.org/support/plugin/wcsdm/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wcsdm/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wcsdm/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [Sofyan Sitorus](https://wordpress.org/support/users/sofyansitorus/)
 * Last activity: [5 years, 11 months ago](https://wordpress.org/support/topic/cdns-and-api/#post-13060383)
 * Status: resolved