Whitelist the WooCommerce API when using the Force Login Plugin

Here’s how to whitelist any WooCommerce API request when using the Force Login plugin

While the WP Force Login plugin is great for restricting access to a website that you want to keep private, it can also block requests to the WooCommerce API. We found this out the hard way after hours of digging we realized that the plugin was redirecting all of our API requests to the WordPress login page. Here’s how we solved the problem by whitelisting any URLs that start with wc-api (the start of any WooCommerce API path).

function my_forcelogin_whitelist() {
    // List of single page URLs
    $my_whitelist = array(
       // site_url('/any-directory/')
    // Add any page URL within a directory to my whitelist
    if( in_array('wc-api', explode('/', $_SERVER['REQUEST_URI'])) ) {
        $my_whitelist[] = site_url($_SERVER['REQUEST_URI']);
    return $my_whitelist;
add_filter('v_forcelogin_whitelist', 'my_forcelogin_whitelist', 10, 1);