Greate experience, while vulnerable somehow - [Smart Forms - when you need more than just a contact form] Review | ww.wp.xz.cn

betrAtr6nE8H
(@cheonsoon)

9 years, 10 months ago

it owns a greate experience for my newly built website, while, when I block my wp-admin page for some security reason, I found that, the forms post request were also blocked. Because the request url contains something like ** admin-ajax.php … **. But why the frontend should request something to backend admin, and how to avoid it?

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author EDGARROJAS
(@edgarrojas)

9 years, 10 months ago

Hello!

Thanks for your review =).

Regarding the admin-ajax.php that is a general wordpress page that is used by any plugin to do ajax requests (which are like requests to the website without the need of refreshing the page, in my case in the front end it is used to save the form information).

Although the name of the page has the word ‘admin’ it doesn’t mean that it is doing back end admin/insecure requests, it is perfectly fine and secure (and actually is a best practice to use it) to do request to that page from the front end.

Here are a couple of links that could help in case you want to learn more about admin-ajax:
http://code.tutsplus.com/articles/more-tips-for-best-practices-in-wordpress-development–cms-21013
https://codex.ww.wp.xz.cn/AJAX_in_Plugins

Hope this helps but if it doesn’t please let me know =) (by creating a support ticket here please: smartforms.uservoice.com)

Regards.

Thread Starter betrAtr6nE8H
(@cheonsoon)

9 years, 10 months ago

Hello, Haha, I think I have got it(⊙o⊙)
Thanks for your detailed reply, and the two reference links~~

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Greate experience, while vulnerable somehow’ is closed to new replies.

2 replies
2 participants
Last reply from: betrAtr6nE8H
Last activity: 9 years, 10 months ago