{"id":7391,"date":"2023-03-01T11:43:13","date_gmt":"2023-03-01T17:43:13","guid":{"rendered":"https:\/\/www.knownhost.com\/kb\/?p=7391"},"modified":"2023-03-09T08:14:49","modified_gmt":"2023-03-09T14:14:49","slug":"preventing-cloud-waf-bypass","status":"publish","type":"post","link":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/","title":{"rendered":"Preventing Cloud WAF Bypass by limiting HTTP Access"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 ez-toc-wrap-right counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #212121;color:#212121\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #212121;color:#212121\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#preventing_waf_bypass\" >Preventing WAF Bypass<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#cloudflare\" >CloudFlare<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#incapsula\" >Incapsula<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#sucuri\" >Sucuri<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n\n<p>When your website is online, it&#8217;s potentially vulnerable. To combat this, online services are utilized to mask or &#8216;hide&#8217; the website&#8217;s origin IP address. This is handled by using services such as CloudFlare, Incapsula or Sucuri that offer a <a href=\"https:\/\/www.knownhost.com\/kb\/what-is-a-website-application-firewall\/\">Website Application Firewall<\/a>. These services are dependent by a large majority of individuals in today&#8217;s internet environment. The protective capabilities of these CDNs make it difficult to find the websites origin IP address. However, these CDNs are not bullet proof. There are ways to obtain the origin IP address behind such service. When this has happened, it creates a attack vector on your websites web server.<\/p>\n\n\n\n<p>When an attacker has the origin IP for your website it allows them to hit the web server directly as they&#8217;ve now fully circumvented the protective cloud service. Your web service is now at the mercy of the attack that&#8217;s likely occurring or going to occur in the future. This isn&#8217;t being said to alarm you, just bring attention to the possibilities of what could happen. Such attack vectors as this can be mitigated when you introduce a layered configuration into your environment. Utilizing configurations that allow the origin web server to restrict all inbound traffic to the set IP addresses of the chosen Cloud services WAF. <\/p>\n\n\n\n<p>Such a configuration will prevent malicious requests from bypassing the WAF even if they have the servers origin IP address. Attempts made would result in a 403 Forbidden error or a web server timeout. which given would depend on the CDN\/WAF service used. Attackers with the origin IP would no longer be able to negatively affect your website operations since the malicious requests are now being filtered.<\/p>\n\n\n\n<p>This is a hardening technique that isn&#8217;t as common as it should be, some WordPress Plugins (like Sucuri) can do it natively. This hardening technique is accomplished by utilizing the webservers configuration, whether it be Apache or Nginx. It&#8217;s important to know that this won&#8217;t prevent DDoS attacks against the origin IP as those attack vectors are usually not towards the web server and more other services. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"preventing_waf_bypass\"><\/span>Preventing WAF Bypass<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"cloudflare\"><\/span>CloudFlare<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Apache (.htaccess):<\/strong><\/p>\n\n\n\n<p>Servers using the Apache webserver should add the following to the top of their .htaccess file<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;FilesMatch \".*\"&gt;\nOrder deny,allow \nDeny from all\nAllow from 103.21.244.0\/22\nAllow from 173.245.48.0\/20\nAllow from 103.21.244.0\/22\nAllow from 103.22.200.0\/22\nAllow from 103.31.4.0\/22\nAllow from 141.101.64.0\/18\nAllow from 108.162.192.0\/18\nAllow from 190.93.240.0\/20\nAllow from 188.114.96.0\/20\nAllow from 197.234.240.0\/22\nAllow from 198.41.128.0\/17\nAllow from 162.158.0.0\/15\nAllow from 104.16.0.0\/13\nAllow from 104.24.0.0\/14\nAllow from 172.64.0.0\/13\nAllow from 131.0.72.0\/22\nAllow from 2400:cb00::\/32\nAllow from 2405:8100::\/32\nAllow from 2405:b500::\/32\nAllow from 2606:4700::\/32\nAllow from 2803:f800::\/32\nAllow from 2c0f:f248::\/32\nAllow from 2a06:98c0::\/29\n&lt;\/FilesMatch&gt;<\/code><\/pre>\n\n\n\n<p id=\"line1\"><strong>Nginx (ngx_http_access_module):<\/strong> <br><br>Servers using Nginx would add this to their site configuration file<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>location \/ {\nAllow 173.245.48.0\/20;\nAllow 103.21.244.0\/22;\nAllow 103.22.200.0\/2;2\nAllow 103.31.4.0\/22;\nAllow 141.101.64.0\/18;\nAllow 108.162.192.0\/18;\nAllow 190.93.240.0\/20;\nAllow 188.114.96.0\/20;\nAllow 197.234.240.0\/22;\nAllow 198.41.128.0\/17;\nAllow 162.158.0.0\/15;\nAllow 104.16.0.0\/13;\nAllow 104.24.0.0\/14;\nAllow 172.64.0.0\/13;\nAllow 131.0.72.0\/22;\nAllow 2400:cb00::\/32;\nAllow 2405:8100::\/32;\nAllow 2405:b500::\/32;\nAllow 2606:4700::\/32;\nAllow 2803:f800::\/32;\nAllow 2c0f:f248::\/32;\nAllow 2a06:98c0::\/29;\n\ndeny all;\n    # Existing NGINX rules\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"incapsula\"><\/span>Incapsula<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Apache (.htaccess):<\/strong><\/p>\n\n\n\n<p>Servers using the Apache webserver should add the following to the top of their .htaccess file<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;FilesMatch \".*\"&gt;\nOrder deny,allow \nDeny from all\nallow from 199.83.128.0\/21\nallow from 198.143.32.0\/19\nallow from 149.126.72.0\/21\nallow from 103.28.248.0\/22\nallow from 185.11.124.0\/22\nallow from 45.64.64.0\/22\nallow from 192.230.64.0\/18\nallow from 107.154.126.0\/24\nallow from 2a02:e980::\/29\n&lt;\/FilesMatch&gt;<\/code><\/pre>\n\n\n\n<p id=\"line1\"><strong>Nginx (ngx_http_access_module):<\/strong> <br><br>Servers using Ngix would add this to their site configuration file<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>location \/ {\n# allow Incapsula\nallow 199.83.128.0\/21;\nallow 198.143.32.0\/19;\nallow 149.126.72.0\/21;\nallow 103.28.248.0\/22;\nallow 185.11.124.0\/22;\nallow 45.64.64.0\/22;\nallow 192.230.64.0\/18;\nallow 107.154.126.0\/24;\nallow 2a02:e980::\/29;\n\n# nobody else gets in\ndeny all;\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"sucuri\"><\/span>Sucuri<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Apache &amp; Nginx Instructions:<\/strong><\/p>\n\n\n\n<p>Sucuri has a section within their dashboard that provides instructions on how to limit HTTP Access to only their Sucuri CloudProxy. Found in Settings &gt; Security (tab).<\/p>\n\n\n\n<p>Alternatively, you can find it here: <a href=\"https:\/\/docs.sucuri.net\/website-firewall\/configuration\/prevent-sucuri-firewall-bypass\/\">docs.sucuri.net\/website-firewall\/configuration\/prevent-sucuri-firewall-bypass\/<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"conclusion\"><span class=\"ez-toc-section\" id=\"conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>We&#8217;ve covered how to prevent WAF bypassing and hardening the configuration to further protect your website when using a CDN service. We hope that this was informational.<\/p>\n\n\n\n<p>KnownHost offers 365 days a year, 24 hours a day, all 7 days of the week best in class technical support. A dedicated team ready to help you should you need our assistance. You\u2019re not using KnownHost for the best webhosting experience? Well, why not? Check with&nbsp;<a href=\"https:\/\/www.knownhost.com\/contact\">our Sales team<\/a>&nbsp;to see what can KnownHost do for you in improving your webhosting experience.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When your website is online, it&#8217;s potentially vulnerable. To combat this, online services are utilized to mask or &#8216;hide&#8217; the website&#8217;s origin IP address. This is handled by using services such as CloudFlare, Incapsula or Sucuri that offer a Website Application Firewall. These services are dependent by a large majority of individuals in today&#8217;s internet [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[92],"tags":[181,660,188,661,662,465,466],"class_list":["post-7391","post","type-post","status-publish","format-standard","hentry","category-technical-support","tag-apache","tag-cdn","tag-cloudflare","tag-incapsula","tag-nginx","tag-waf","tag-website-application-firewall"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost<\/title>\n<meta name=\"description\" content=\"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost\" \/>\n<meta property=\"og:description\" content=\"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/\" \/>\n<meta property=\"og:site_name\" content=\"KnownHost\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-01T17:43:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-09T14:14:49+00:00\" \/>\n<meta name=\"author\" content=\"Jonathan K. W.\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jonathan K. W.\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/\"},\"author\":{\"name\":\"Jonathan K. W.\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/#\\\/schema\\\/person\\\/3db6e20d1f33519cd68fe0ba1230a48b\"},\"headline\":\"Preventing Cloud WAF Bypass by limiting HTTP Access\",\"datePublished\":\"2023-03-01T17:43:13+00:00\",\"dateModified\":\"2023-03-09T14:14:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/\"},\"wordCount\":562,\"keywords\":[\"apache\",\"cdn\",\"cloudflare\",\"incapsula\",\"nginx\",\"waf\",\"website application firewall\"],\"articleSection\":[\"Technical Support\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/\",\"url\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/\",\"name\":\"Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/#website\"},\"datePublished\":\"2023-03-01T17:43:13+00:00\",\"dateModified\":\"2023-03-09T14:14:49+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/#\\\/schema\\\/person\\\/3db6e20d1f33519cd68fe0ba1230a48b\"},\"description\":\"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/preventing-cloud-waf-bypass\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Preventing Cloud WAF Bypass by limiting HTTP Access\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/#website\",\"url\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/\",\"name\":\"KnownHost\",\"description\":\"KnownHost provides a comprehensive webhosting knowledge base to help answer many of your common webhosting and linux questions.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.knownhost.com\\\/kb\\\/#\\\/schema\\\/person\\\/3db6e20d1f33519cd68fe0ba1230a48b\",\"name\":\"Jonathan K. W.\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g\",\"caption\":\"Jonathan K. W.\"},\"sameAs\":[\"https:\\\/\\\/www.knownhost.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost","description":"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/","og_locale":"en_US","og_type":"article","og_title":"Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost","og_description":"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.","og_url":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/","og_site_name":"KnownHost","article_published_time":"2023-03-01T17:43:13+00:00","article_modified_time":"2023-03-09T14:14:49+00:00","author":"Jonathan K. W.","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jonathan K. W.","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#article","isPartOf":{"@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/"},"author":{"name":"Jonathan K. W.","@id":"https:\/\/www.knownhost.com\/kb\/#\/schema\/person\/3db6e20d1f33519cd68fe0ba1230a48b"},"headline":"Preventing Cloud WAF Bypass by limiting HTTP Access","datePublished":"2023-03-01T17:43:13+00:00","dateModified":"2023-03-09T14:14:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/"},"wordCount":562,"keywords":["apache","cdn","cloudflare","incapsula","nginx","waf","website application firewall"],"articleSection":["Technical Support"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/","url":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/","name":"Preventing Cloud WAF Bypass by limiting HTTP Access - KnownHost","isPartOf":{"@id":"https:\/\/www.knownhost.com\/kb\/#website"},"datePublished":"2023-03-01T17:43:13+00:00","dateModified":"2023-03-09T14:14:49+00:00","author":{"@id":"https:\/\/www.knownhost.com\/kb\/#\/schema\/person\/3db6e20d1f33519cd68fe0ba1230a48b"},"description":"Learn with KnownHost how you can protect your website when using certain Cloud WAF services by hardening your website against WAF Bypass.","breadcrumb":{"@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.knownhost.com\/kb\/preventing-cloud-waf-bypass\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.knownhost.com\/kb\/"},{"@type":"ListItem","position":2,"name":"Preventing Cloud WAF Bypass by limiting HTTP Access"}]},{"@type":"WebSite","@id":"https:\/\/www.knownhost.com\/kb\/#website","url":"https:\/\/www.knownhost.com\/kb\/","name":"KnownHost","description":"KnownHost provides a comprehensive webhosting knowledge base to help answer many of your common webhosting and linux questions.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.knownhost.com\/kb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.knownhost.com\/kb\/#\/schema\/person\/3db6e20d1f33519cd68fe0ba1230a48b","name":"Jonathan K. W.","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f432b99e6651fe8d1deb57a285bd84e806f1c9ae8b4c6c585d7e3a0b33789ad9?s=96&d=mm&r=g","caption":"Jonathan K. W."},"sameAs":["https:\/\/www.knownhost.com"]}]}},"_links":{"self":[{"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/posts\/7391","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/comments?post=7391"}],"version-history":[{"count":0,"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/posts\/7391\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/media?parent=7391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/categories?post=7391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.knownhost.com\/kb\/wp-json\/wp\/v2\/tags?post=7391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}