Ajax-Calls from WordPress servers

  • Resolved Matthias Nordwig

    (@matthiasnordwig)


    1 year, 5 months ago

    Hi.

    I am developing a WordPress plugin for spam-protection, that is blocking post-requests, which have not solved a respective proof-of-state-challenge.

    GDPR-compliant ReCaptcha for all forms and logins – WordPress plugin | www.ads-software.com

    Thus the option “Connecting back to this site” of the Diagnostics-page of Wordfence runs into an error, as it gets blocked by my plugin. I found that the page is calling “wordfence_testAjax” for testing-purpose and white-listed this ajax-action respectively at my plugin and the test succeeds.

    But I am pretty sure, that for updates, scans and alike you may use other ajax-calls which would be blocked again.

    My question: Which ajax-calls do I need to whitelist in order to stop my plugin from blocking wordfence? Is there a better way to whitelist wordfence (i.e. whitelist a specific IP address or something else)?

    Hint: In order to test “Connecting back to this site” it might be helpful to call those actions that you really use, maybe passing a parameter that says “no processing required as it is just a test”.

    Cheers, Matthias

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Thread Starter Matthias Nordwig

    (@matthiasnordwig)

    Hi again.

    I‘ve found a solution on my own. After a scan of your Ajax-calls I just whitelist all actions with ?wordfence_*“ and some which don’t stick to that naming convention.

    Cheers, Matthias

Viewing 1 replies (of 1 total)
  • The topic ‘Ajax-Calls from WordPress servers’ is closed to new replies.