403 error apbct_set_important_parameters

Hello.
Seems like something is wrong with your web server’s performance.
Please, try to use admin-ajax for the Anti-Spam plugin. To do this please add in your wp-config.php this line:

define(‘APBCT_SET_AJAX_ROUTE_TYPE’, ‘admin_ajax’);

If the issue persists please contact us via our ticket system: https://cleantalk.org/my/support/open

It seems to have fixed the problem, thank you.

Can you explain the problem? Our webserver is a VPS which is running smoothly right now, with enough memory to sustain wp websites and nearly a hundred other sites. We have other WordPress sites with cleantalk running on this one, I’m going to check other sites if they have the same problem, and other sites on other servers, but if you could specify why this problem occurs so I can anticipate the problem, because I don’t like when clients call and see problems before we do.

Thanks!

Glad to know it helped!

This request is made to the website backend. The backend takes a long time to respond and the result is a 403 error. Why it took so long – it is impossible to say without additional research into the problem.

Well, the problem is back. I checked the wp-config and my edit is still there, so it didn’t fix the problem entirely.

For further actions please contact us by our private Ticket System:
https://cleantalk.org/my/support/open

Hello.
Seems like the issue is solved by disabling the cache on the specific page, so I’m going to close this topic.

If the issue returns, please let us know.

Hello, I’m having the same problem on multiple similar WordPress installations.
It seems that caching of the HTML code of the URL causes error rest_cookie_invalid_nonce with below copied settings of the CleanTalk Anti-Spam.

Any advice, please?

Details:

At https://pagespeed.web.dev/ is displayd “/wp-json/cleantalk-antispam/v1/apbct_set_important_parameters:1:0
Failed to load resource: the server responded with a status of 403 (Forbidden)”

And if directly accessing the https://www … /wp-json/cleantalk-antispam/v1/apbct_set_important_parameters it displays:
“{“code”:”rest_no_route”,”message”:”Nebyla nalezeno odpov\u00eddaj\u00edc\u00ed spojen\u00ed mezi adresou URL a po\u017eadavkem.”,”data”:{“status”:404}}”

If the page URL is opened in Chrome with open WebDeveloper toolbar > Network, than I see error “rest_cookie_invalid_nonce”… Full details:
code: “rest_cookie_invalid_nonce”
data: {status: 403}
message: “Kontrola soubor? cookie se nezda?ila”


The installation uses caching plugin https://www.ads-software.com/plugins/w3-total-cache/.

If the page cache is flushed, the problem disapears.

https://cleantalk.org/my/services_templates?product=antispam > Template Options are:


SpamFireWall:Off
Anti-Flood:Off
Anti-Flood Page Views Limit:20
Anti-Crawler:Off
Uniq GET option:Off
Registration Forms:On
Comments form:On
Contact forms:On
forms__flamingo_save_spam:Off
Custom contact forms:On
WooCommerce checkout form:Off
Spam test for registration during checkout:Off
Check anonymous users when they add new items to the cart:Off
Test default WordPress search form for spam:Off
Protect external forms:Off
Capture buffer:Off
Protect internal forms:Off
Disable all comments:Off
Disable comments for all posts:Off
Disable comments for all pages:Off
Disable comments for all media:Off
BuddyPress Private Messages:Off
Don’t check trusted user’s comments:On
Automatically delete spam comments:Off
Remove links from approved comments:Off
Show links to check Emails, IPs for spam:On
Manage comments on public pages:Off
comments__the_real_person:On
Hide the “Website” field:Off
Protect logged in Users:On
Use AJAX for JavaScript check:Off
Use static keys for JS check:On
Check all post data:Off
Set cookies:Off
data__bot_detector_enabled:Off
Add a CleanTalk Pixel to improve IP-detection:2
Check email before POST request:On
data__honeypot_field:On
data__email_decoder:Off
data__email_decoder_buffer:Off
data__wc_store_blocked_orders:Off
exclusions__log_excluded_requests:Off
URL exclusions:Off
Use Regular Expression in URL Exclusions:Off
Field name exclusions:Off
Use Regular Expression in Field Exclusions:Off
exclusions__form_signs:Off
exclusions__bot_detector:Off
exclusions__bot_detector__form_attributes:Off
exclusions__bot_detector__form_parent_attributes:Off
exclusions__bot_detector__form_children_attributes:Off
Roles which bypass spam test:{“0″:”Administrator”}
Show statistics in admin bar:Off
Show All-time counter:Off
Show 24 hours counter:Off
SpamFireWall counter:Off
Send connection reports:Off
Async JavaScript loading:On
Store visited URLs:On
Complete deactivation:Off
Use WordPress HTTP API:On
Notify users with selected roles about new approved comments:Off
Roles:{}
Show Dashboard Widget:On
trusted_and_affiliate__shortcode:Off
trusted_and_affiliate__shortcode_tag:Off
trusted_and_affiliate__footer:Off
trusted_and_affiliate__under_forms:Off
trusted_and_affiliate__add_id:Off
cleantalk_custom_logo:Off

Any advice/recommendation, how to change the settings to work with W3TC Page caching (and ideally without Cookies)?

• This reply was modified 6 months, 1 week ago by jan.mazanek. Reason: Removal of HTML code styling

Hello @janmazanek,

Did you try the recommendation from here https://www.ads-software.com/support/topic/403-error-apbct_set_important_parameters/#post-17907168?

Hello @dimitrycleantalk,
I tried it now. But it probably does NOT solve the problem, even thought it may at first sight seem to solve it.

After I’ve added to wp-config.php: define(‘APBCT_SET_AJAX_ROUTE_TYPE’, ‘admin_ajax’); I had accessed the URL with testing parameters ?t=1309. This caused that the the server-side cached page was not used. The new HTML page was generated, which differs in values of:
* var ctPublicFunctions = {“_ajax_nonce”:”fcd42fb3e2″,”_rest_nonce”:”b1ef1393a0″, …no changes futher…
* var ctPublic = {“_ajax_nonce”:”8b4064fb3b”, …. no changes …, “emailEncoderPassKey”:”3b74e2559112991f4694f6c4c88a39a3″ … no changes …

The new nonces in “?t=1309” page IMHO caused, that it seems to solve the problem.

But when I open in browser the server-side cached version of the page, the problem still persists.

And after I have diff/compare the HTML code of the two entire pages, I see that there are no other changes in the HTML code, that should fix the problem.

I see in /wp-content/plugins/cleantalk-spam-protect/inc/cleantalk-pluggable.php:1513-1517 that the constant APBCT_SET_AJAX_ROUTE_TYPE forces function apbct_settings__get_ajax_type() to always return ‘rest’/’admin_ajax’ if the constant is set to one of these values. But it seems not to solve the problem.

Probably you are using https://developer.www.ads-software.com/reference/functions/wp_create_nonce/ which uses https://developer.www.ads-software.com/reference/functions/wp_nonce_tick/ which created nonces that are by default valid for 2 days. Is it so?

This may be a reason, why define(‘APBCT_SET_AJAX_ROUTE_TYPE’, ‘admin_ajax’); + reseting the HTML/Page cache may seem to solve the problem for 2 days, but in fact the problem remains?

I do not plan to spend hours on testing of this issue. I would be really pleased, if someone from CleanTalk would test/fix the issue with nonces and many-weeks cached versions of the pages.

Can you tell me the URL of your website? If not, please contact us via our ticket system:?https://cleantalk.org/my/support/open

Thank you.

@dimitrycleantalk I’m working on CleanTalk in parallel on 3 websites:
1) https://www.llentab.cz/ – where I just manually installed your Version 6.40.1-fix from https://github.com/CleanTalk/wordpress-antispam/releases/download/fix-version/cleantalk-spam-protect.zip to solve https://www.ads-software.com/support/topic/function-apbctcheckaddtocartbyget-should-be-defined-before-used/
2) https://www.llentab.se/ – where is Version 6.38, and I used this installation while reporting the problem in this ticket (because at this installation wasn’t refreshed the W3TC cache for couple days, but today the cache was refreshed too, so you can’t use it to see the problem at this moment)
3) https://www.llentab.lt/ – where is Version 6.40

Thank you.

Please follow the recommendations in this guide: https://cleantalk.org/help/cleantalk-and-w3-total-cache

Did it help?