Is it possible to whitelist access to a headless Wordpress instance (serving a graphQL endpoint) during build time? As .htaccess is being phased out by WPEngine (the instance host), the configuration would need to be done via their nginx config.
Essentially our client wishes to lock down access to the wp-admin dashboard (which will be whitelisted to the admin’s IP address). However they also wish to limit access to the endpoint to only the developer’s IP for local testing and also to netlify as it consumes the api at build time.
As the netlify IPs are subject to change I’ve been advised that this wouldn’t necessarily be suitable and that something around netlify.app would be more appropriate. Just wanted to check if anyone else had done something similar and had an example nginx directive that I could pass on to WP Engine to implement.
The frontend is a GatsbyJS site which builds upon pushes to bitbucket.