Printify – WooCommerce delete products 403 error

[AITpro Admin]

Email Question:

Hi,

Hope you are doing well.

I use your BPS pro plugin to protect our woocommerce based website and I needed your kind help to stop the plugin from interfering with the sync between my store and printify. (A print on demand provider with excellent woocommerce integration).

In short, we manage products on printify backend which uses REST api of woocommerce and webhooks to maintain sync between their backend and woocommerce. They have their own APIs as well which can be used to manage the shop programmatically.

Presently, I can publish products from printify backed to my store but when I try to delete them from printify backend , it should also delete in woocommerce, which is not happening..I did not yet test modifying product details which should also ideally sync but I have a feeling it might get blocked.

Maybe I am wrong but this is the security log which indicates your plugin blocked the printify API request?

[403 GET Request: September 5, 2025 - 7:35 pm]
BPS Pro: 17.5
WP: 6.8.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 13.58.237.109
Host Name: ec2-13-58-237-109.us-east-2.compute.amazonaws.com
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP: 
HTTP_FORWARDED: 
HTTP_X_FORWARDED_FOR: 13.58.237.109
HTTP_X_CLUSTER_CLIENT_IP: 
REQUEST_METHOD: GET
HTTP_REFERER: 
REQUEST_URI: /wp-json/wc/v3/products/447
QUERY_STRING: 
HTTP_USER_AGENT: Printify API/1.0

[403 GET Request: September 5, 2025 - 7:37 pm]
BPS Pro: 17.5
WP: 6.8.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 3.130.91.167
Host Name: ec2-3-130-91-167.us-east-2.compute.amazonaws.com
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP: 
HTTP_FORWARDED: 
HTTP_X_FORWARDED_FOR: 3.130.91.167
HTTP_X_CLUSTER_CLIENT_IP: 
REQUEST_METHOD: GET
HTTP_REFERER: 
REQUEST_URI: /wp-json/wc/v3/products/390
QUERY_STRING: 
HTTP_USER_AGENT: Printify API/1.0

Kindly let me know how to whitelist printify in its entirety since the sync is very important before we go live with orders. Nothing from them should be blocked.

Lastly, please let me know if I need to whitelist the cart or anything else if I use woocommerce since your help articles are from many years back and maybe your present plugin auto white lists everything as needed such as our Stripe payment plugin?

Printify is a print on demand provider and it is among the world’s largest and hence for your future clients you can whitelist them by default to save you time (assuming I am right about your plugin might be blocking :).

Have a nice ay ahead.

Best Regards,
WA

[AITpro Admin]

The Security Log entries do not contain anything that would be blocked by BPS. So what is happening is a JavaScript DELETE Request is occurring and the remaining GET Request is being logged. Use the solution below.

DELETE has been removed from the modified custom code below.
1. Copy the code below into this Root Custom Code text box: 9. CUSTOM CODE REQUEST METHODS FILTERED
2. Click the Save Root Custom Code button.
3. Go to the BPS Setup Wizard page and click the Pre-Installation Wizard and Setup Wizard buttons.

# REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]

[Author]

Posts