diff --git a/includes/class-signature.php b/includes/class-signature.php
index 59d20c7..47ab002 100644
--- a/includes/class-signature.php
+++ b/includes/class-signature.php
@@ -195,8 +195,7 @@ class Signature {
 			}
 		}
 
-		strtok( $signature_block['keyId'], '?');
-		$public_key = \Activitypub\get_remote_metadata_by_actor( $signature_block['keyId'] ); // phpcs:ignore
+		$public_key = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $signature_block['keyId'] ), '?' ) ); // phpcs:ignore
 		if ( \is_wp_error( $public_key ) ) {
 			return $public_key;
 		} else {
diff --git a/includes/rest/class-server.php b/includes/rest/class-server.php
index fb3e569..585b68b 100644
--- a/includes/rest/class-server.php
+++ b/includes/rest/class-server.php
@@ -90,13 +90,13 @@ class Server {
 				}
 			} else {
 				// SecureMode/Authorized fetch.
-				// $secure_mode = \get_option( 'activitypub_use_secure_mode', '0' );
-				// if ( $secure_mode ) {
-				//	$verified_request = Signature::verify_http_signature( $request );
-				// 	if ( \is_wp_error( $verified_request ) ) {
-				// 		return $verified_request;
-				// 	}
-				// }
+				$secure_mode = \get_option( 'activitypub_use_secure_mode', '0' );
+				if ( $secure_mode ) {
+					$verified_request = Signature::verify_http_signature( $request );
+					if ( \is_wp_error( $verified_request ) ) {
+						return $verified_request;
+					}
+				}
 			}
 		}
 	}