Home › Forums › Support Forum › PHP session › Reply To: PHP session
The session_start function is used in the optional Brute-Force Login Protection. If you have activated this protection on the Firewall Options page (found under the Anti-Malware menu in your wp-admin) then it will execute the session_start function from an include file that was added to the top line in your wp-config.php file, even if you deactivate the plugin. Deleting the plugin, or removing this line in your wp-config.php file will disable the Brute-Force Login Protection, but you can probably just ignore this warning if you want to keep the extra protection. I have yet to my session_start actually interfere with and REST API calls.
Please let me know if you have any more questions on any of this, or if you would like to report an actual conflict with your REST API usage and my session code please send me the details and I’ll look into it further.