• I am working on this website for a client. I did not create this site, I only help with additions/changes. They work with a company called Kenect that provided script for the “chat” module. I installed that last year without incident. Now they are working with Kenect to install a “carousel” to the site. Kenect provided me with the script (which we tested on https://www.w3schools.com and it works). We’ve tried putting the script in the page as a code block, we also tried using the WP Headers and Footers plugin and we’ve tried the Code Snippets plugin. We think Wordfence may be causing it to not display on the site. We agreed to the allowlist prompt when we added the script. We also put the firewall into learning mode. I am not sure what else to do. The support team at Kenect said they have done all they can do and to contact WP for support at this point.

    The page I need help with: [log in to see the link]

Viewing 11 replies - 1 through 11 (of 11 total)
  • What kind of script is it and where do you currently have it installed?

    Thread Starter loribethnc

    (@loribethnc)

    This is the script”
    <script async src=’https://review-carousel-resource.kenect.com/reviews_widget.min.js&#8217; data-publicId=’o6MF-32GYGLO6VfhDy1cWjk’ type=’text/javascript’></script>

    It’s a carousel and the script was provided by a company called Kenect. The script is in a “code block” that was added to the home page of the site right below the “contact” today button


    The script is not loaded because of CSPO headers in your page. You must adapt the CSPO headers so that the script is also integrated. I don’t see what you have configured CSPO with, if you can’t find it yourself, first look for a security plugin in the project, then in the hosting itself if necessary.

    Thread Starter loribethnc

    (@loribethnc)

    I’m not a code writer, just a marketing/graphic designer. I don’t know what a CSPO is. There is some code in the header section on the WP Header and Footer plug in. Are you saying I need to add this script to that section after the code that’s already there?

    Thread Starter loribethnc

    (@loribethnc)

    Tried adding it after the code that was in the header area. That didn’t work.

    Thread Starter loribethnc

    (@loribethnc)

    The site is running Wordfence. I am not sure if that’s causing an issue? I did add the action to the approved list when the script was added. That’s the only thing we could think of.

    CSPO or CSP stands for Content Security Policy. This is set in the HTTP header, so it is not visible in the HTML code. It seems to me that you are not responsible for this, so I would recommend that you contact the host’s support.

    Thread Starter loribethnc

    (@loribethnc)

    I couldn’t find any info from Google for CSPO. I did find CSP. The site was build with WP “Staxx” which I’m not familiar with. I primarily use Divi Builder. We manage the website for this client now. It looks as though the website was built about 10 years ago. We are their IT company now and I am the marketing person that helps with websites. I didn’t built this so I’m going behind whomever did to try to update/edit it as needed. We host the site as well through Pressable. Any help you can provide for finding why this isn’t functioning properly would be GREATLY appreciated. I’ve been round and round with Kenect and WP forums trying to fix this for over a week now.

    As already written, the host should be the most likely to be able to help with this. If you can’t rely on them, you could try deactivating all plugins to see if that improves the situation. If it works without all plugins, you can reactivate them individually to see when it stops working. However, if it doesn’t work without all plugins, then it must be the hosting.

    Since you are using the commercial theme/page builder Divi, you should also ask their support whether it could be due to a setting on their part: https://divi.help/ – since this is a commercial product, they cannot help you with this one.

    If you are looking for personal support and cannot get it from your host, for example, I would recommend looking for someone here: https://jobs.wordpress.net

    Hello @loribethnc,

    This is not related to a plugin or a theme, it’s a hosting side. Show this screenshot to your hosting -> https://prnt.sc/eCKYtot8-46I – tell them that you need to change the Content Security Policy directive to allow resources to load from https://review-carousel-resource.kenect.com

    They will know what to do, it seems they use nginx, so they will need to tweak nginx configuration to add that directive.

    Kind Regards.

    Thread Starter loribethnc

    (@loribethnc)

    @wpmajestic THANK you for your kind response. I am working with the host company we use and hopefully this info will help them get this working.

Viewing 11 replies - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.