Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #46104
    projectego
    Guest

    Hi,

    I’ve installed the Cloudflare extension for W3 Total Cache. The extension is working perfectly, however, my Cloudflare API key and the websites I host for clients are all accessible from this page.

    They are able to ‘reauthorize’ the extension and see my API key and client sites. Is there any way to make this data completely hidden from other users, or perhaps require that users reenter the API key in order to make any changes to this area?

    #46114

    Hello,

    Thank you for reaching out and I am happy to assist you with this.
    Unfortunately, no. The problem, in this case, is that the Global API is used to authorize Cloudflare with W3 Total Cache, which contains all sites created under a single account.
    We are working on improving this and adding the ability to use API token with required permissions per zone/domain, that way it wouldn’t have permissions to view/edit others from the Cloudflare account.
    Please make sure to follow the progress of the GitHub issue, and feel free to leave any comments which you may find helpful.
    Thanks!

Viewing 2 posts - 1 through 2 (of 2 total)
  • The topic ‘Hide sensitive details from W3 Total Cache pages?’ is closed to new replies.