After happily posting my post 10 days ago, I had to less happily realise that we don’t, actually, federate. Something was, in fact, fucky.
But now I think I figured out.
See the problem was that even though I could find my blog’s handle on Mastodon and initiate a follow, it wouldn’t actually work: my follow would get stuck in a perpetual follow request state, and would not show up in my ActivityPub plugin settings on the blog admin.
Webfinger generally worked:
Neither my php-fpm error log, nor Nginx errorlog contained anything. The request seemingly made it fine to WordPress, then fell into the void.
BUT THEN.
I remembered this blog uses the WP Cerber hardening plugin, which, among other things, restricts use of the WP REST API. It didn’t click right away (in fact it took me these 10 days between seeing the problem with my “And now we federate” post and resolving it), but REST API also covers anything under /wp-json/.
So all I needed to do was add “activitypub” as an allowed namespace (WP Cerber allows you to do this for specific namespaces under the Hardening tab on its admin interface), and tada.wav — it works.
So yeah, now we really federate (WordPress).
@blog my federation finally works on my hardened wp setup! o/ all i needed to do was whitelist the activitypub wp-json namespace. if you have a hardened blog and get stuck at that perpetual "follow request" issue, you might need to do that. thx for this great plugin to @pfefferle 🤜🤛
@blog well hello there!