Was there a change to CustomHttpHeaders recemtly?

Hello (I accidentally posted this as a comment on a question marked as Answered so I doubt anyone with solutions would read it. So sorry for reposting this as its own thread)

I have used it for more than a year and it has worked fine but it has recently (It seemed to have happened around 9-11 am GMT+01 the 20th of july) stopped working for me.

I have the following configuration on the dashboard

and then on our side (php) seen:
$_SERVER["HTTP_HIDDEN_API_KEY"] === "some-very-secure-api-key-lolz"

And it has worked fine, but that has recently stopped working.

$_SERVER["HTTP_HIDDEN_API_KEY"] is no longer set (and the value "some-very-secure-api-key-lolz" is not assigned to any variable). And that is even though we haven't edited CustomHttpHeaders (nor any of the other webhooks.)

Has there been any changes to this?


  • Hi @UpstairsDigital,

    Thank you for reporting this.
    I will investigate and get back to you.
  • Hi @UpstairsDigital,

    I was not able to reproduce this issue.
    CustomHttpHeaders is working properly as expected.
    I ran some tests and checked this.

    Make sure there is nothing wrong on your end.
  • Ah that is excellent.

    The real culprit was our hosting provider or apache. They updated the version of apache which dropped changed some of the default settings, here is the snippet that affected us: "Headers containing invalid characters (including underscores) are now silently dropped."

    We had underscores in our header, so this was a simple fix.
  • OK.
    Good to know.
    Thanks for the heads up and all the info.
    I'm glad you solved this easily and quickly.
Sign In or Register to comment.