The FooEvents Check-ins app connects to your WordPress website via the REST API. We recommend that you confirm that your website’s REST API is accessible by entering the following address in your web browser: ‘www.YOURWEBSITE.com/wp-json/fooevents/v1’. You should see a screen that displays code which starts with {"namespace":"fooevents\/v1","routes": as opposed to an error page such as 404 file not found which indicates that something is wrong with your server configuration or the REST API is blocked.
If the REST API is not accessible and the app tries to fallback to the less preferred XML-RPC connection, please check that your xmlrpc.php file is accessible. Enter ‘www.YOURSITE.com/xmlrpc.php’ in your web browser. You should see the following message if the xmlrpc.php file is accessible: “XML-RPC server accepts POST requests only.”
FooEvents uses the XML-RPC file for it’s intended purpose, however, spammers often use this file for nefarious proposes. As such, some hosting providers or security plugins may incorrectly flag the increased server requests through this file as suspicious and block the FooEvents Check-ins app from accessing the XML-RPC file.
If you have a security related plugin installed on your website such as Wordfence, please temporarily disable it and try sign-in to the app again. If you are able to sign-in, then the plugin was blocking access and will need to be permanently disabled or configured differently.
You can also ask your hosting company to ensure that there are no security restrictions on the ‘xmlrpc.php’ file which is part of WordPress and that they whitelist all IP addresses on your server for the duration of the event.
Finally, we strongly recommend that you test the app as thoroughly as possible before the event, and to be safe, make sure that you have a contingency plan in place such as a spreadsheet containing all the event attendees for example.