I’m getting “A PHP session was created by a session_start() function call. This interferes with REST API and loopback requests. The session should be closed by session_write_close() before making any HTTP requests.”
With plugin deactivated I get the same error message.
After uninstalling or simply renaming the folder the error is gone.
Does anyone else get the same error message or is it a unique incident on my setup?
The session_start function is used in the optional Brute-Force Login Protection. If you have activated this protection on the Firewall Options page (found under the Anti-Malware menu in your wp-admin) then it will execute the session_start function from an include file that was added to the top line in your wp-config.php file, even if you deactivate the plugin. Deleting the plugin, or removing this line in your wp-config.php file will disable the Brute-Force Login Protection, but you can probably just ignore this warning if you want to keep the extra protection. I have yet to my session_start actually interfere with and REST API calls.
Please let me know if you have any more questions on any of this, or if you would like to report an actual conflict with your REST API usage and my session code please send me the details and I’ll look into it further.
Thank you for the quick response and this detailed explanation. I actually don’t have any real error related to the REST API.
Nevertheless, such error output during the “health check” is annoying.
You want to have a page that is as error-free as possible. Now I can decide for myself whether I want to do without the
additional “brute force protection” or not. Thanks a lot.
