Using WordPress ‘http_allowed_safe_ports’ PHP filter

by

The http_allowed_safe_ports WordPress PHP filter allows you to modify and control the list of ports considered safe in the HTTP API, enabling external requests for the HTTP request.

Table of contents

Usage

add_filter('http_allowed_safe_ports', 'your_custom_function', 10, 3);

function your_custom_function($allowed_ports, $host, $url) {
    // your custom code here

    return $allowed_ports;
}

Parameters

  • $allowed_ports (array) – An array of integers representing valid ports.
  • $host (string) – The host name of the requested URL.
  • $url (string) – The requested URL.

More information

See WordPress Developer Resources: http_allowed_safe_ports

Examples

Add a custom port to the allowed list

To allow an additional custom port for external requests, add it to the $allowed_ports array.

add_filter('http_allowed_safe_ports', 'allow_custom_port', 10, 3);

function allow_custom_port($allowed_ports, $host, $url) {
    // Add custom port 8080 to the list of allowed ports
    $allowed_ports[] = 8080;

    return $allowed_ports;
}

Restrict allowed ports to a specific host

Limit the allowed ports to a specific host by checking the $host parameter.

add_filter('http_allowed_safe_ports', 'restrict_ports_for_host', 10, 3);

function restrict_ports_for_host($allowed_ports, $host, $url) {
    // Restrict allowed ports for example.com
    if ($host === 'example.com') {
        $allowed_ports = array(80, 443);
    }

    return $allowed_ports;
}

Remove a port from the allowed list

To remove a port from the allowed list, use the array_diff function.

add_filter('http_allowed_safe_ports', 'remove_allowed_port', 10, 3);

function remove_allowed_port($allowed_ports, $host, $url) {
    // Remove port 80 from the list of allowed ports
    $allowed_ports = array_diff($allowed_ports, array(80));

    return $allowed_ports;
}

Allow all ports

Allow all ports by returning an empty array.

add_filter('http_allowed_safe_ports', 'allow_all_ports', 10, 3);

function allow_all_ports($allowed_ports, $host, $url) {
    // Allow all ports by returning an empty array
    return array();
}

Allow ports based on a specific URL pattern

Allow additional ports for URLs that match a specific pattern.

add_filter('http_allowed_safe_ports', 'allow_ports_for_pattern', 10, 3);

function allow_ports_for_pattern($allowed_ports, $host, $url) {
    // Allow port 8080 for URLs that contain "custom"
    if (strpos($url, 'custom') !== false) {
        $allowed_ports[] = 8080;
    }

    return $allowed_ports;
}

Leave a Comment

Your email address will not be published. Required fields are marked *