Wordpress Rest API reverse Proxy

Question

I am trying to setup reverse proxy with wordpress and exclude couple of paths. My exclude rules work for admin, includes, ..etc but it doesn't work for /wp-json/. I am suspecting it is because of the .htaccess. I need wordpress to return the rest api data because I use that in gatsbyjs.

I have spent the whole day trying to figure this out. For some reason with my setup /wp-json/ returns 404 and it is proxied to the netlify server where the front-end part of my site lives. If I remove all the proxy rules wp-json works.

.htaccess contains the default wordpress stuff.

Here is a pastebin of my virtual host: https://pastebin.com/vFh6hCkN

<IfModule mod_ssl.c>
   <VirtualHost *:443>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.

    Protocols h2 http/1.1
    ServerName  www.michaelharwinlaw.com
    ServerAlias michaelharwinlaw.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/

    <Directory /var/www/html>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
    </Directory>

    SSLProxyEngine on
    ProxyPass /wp-admin/ !
    ProxyPass /wp-login/ !
    ProxyPass /wp-json/ !
    ProxyPass /wp-content/plugins/ !
    ProxyPass /wp-includes/ !
    ProxyPassMatch .*\.xml !
    ProxyPass / https://stag.michaelharwinlaw.com/
    ProxyPassReverse / https://stag.michaelharwinlaw.com/

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/mc-error.log
    CustomLog ${APACHE_LOG_DIR}/mc-access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

    Include /var/www/html/wp-content/uploads/wpseo-redirects/.redirects

    SSLCertificateFile /etc/letsencrypt/live/www.michaelharwinlaw.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.michaelharwinlaw.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

.htaccess

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Answer 1

It does not work because /wp-json is not a real file or directory, without reading the .htaccess, local requests will get a 404 not found response, so Apache will continue to forward the request to remote server.

To fix this URL rewriting we need to send the requests to the local index.php.

Replace ProxyPass /wp-json/ ! with

ProxyPass /index.php !
ProxyPass /wp-json !

/wp-json without the ended slash / is needed to handle request for both domain/wp-json or domain/wp-json/.

Any other non exist URL will be handled by remote server.