[Resolved] Toolset Maps and Google Maps API restrictions
This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.
Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.
No supporters are available to work today on Toolset forum. Feel free to create tickets and we will handle it as soon as we are online. Thank you for your understanding.
Google has started sending notifications to API key owners when credentials are publicly exposed on sites and not sufficiently restricted. Toolset has always had this problem and it has, at times, cost me and my clients a fair amount of money in API usage fees when credentials get stolen and abused.
Is Toolset ever going to enhance Maps so that we can use http referrer restrictions on the front-end Google Maps API Key credentials?
Hi Minesh, I know how to restrict Maps API keys. Toolset's documentation says that we cannot use http referrer restrictions. My question is whether that will ever change?
I have the browser keys restricted to javascript api and places api but I'd also like to restrict them to requests referred from the web server as I'm still seeing some abuse of the APIs with the restrictions that work with Toolset Maps and my clients are now getting emails from Google saying their API keys aren't well enough protected.