nnimis's Replies | ww.wp.xz.cn

Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] 403 on admin-ajax.php

Thread Starter nnimis
(@nnimis)

9 years, 2 months ago

Yes… well, it did the trick finally. Not sure if this is because we are upgrading from previous versions or what, but this code seemed to be generating the HTTP 403 on Ajax calls

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] 403 on admin-ajax.php

Thread Starter nnimis
(@nnimis)

9 years, 2 months ago

Apache 2 on a CentOS dedicated server, hosted on GoDaddy

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] how to avoid admin-ajax.php call as forbidden (403)

nnimis
(@nnimis)

9 years, 2 months ago

Hi all! I have faced the same issue this week, plugin Version 6.1.1
I did not have the “Filter Suspicious Query Strings in the URL” options, nor the htaccess file modified.

The solution I have found: comment some plugin code. The file is better-wp-security/core/modules/wordpress-tweaks/config-generators.php
I have commented these lines:
107: $modification .= “\t\tif (\$http_user_agent ~ \”^$\”) { return 403; }\n”;
111: $modification .= “\t\tif (\$invalid_referer) { return 403; }\n”;

Not sure how it blocks request to admin-ajax.php… The config. option affecting this behavior was ‘Comment Spam’ under ‘WordPress Tweaks’ group. I had it disabled tough… but it seemed to be irrelevant. Ajax calls started working again after commenting those lines. Hope it helps!

Viewing 3 replies - 1 through 3 (of 3 total)