Divi editing blocked by Wordfence?

  • Resolved nicolar

    (@nickyr)


    6 months, 3 weeks ago

    I’m unable to edit some pages on my client’s site using Divi. From the error messages (see below) ET thought it could be a hosting issue.

    “An error has occurred while saving your page. Various problems can cause a save to fail, such as a lack of server resources, firewall blockages, plugin conflicts or server misconfiguration. You can try saving again by clicking Try Again, or you can download a backup of your unsaved page by clicking Download Backup.”

    Divi suggested the following:

    “You can inform the web host that you’re getting an admin-ajax error on your WordPress website and that you were advised to check mod_security or firewall settings on your website. They will need to whitelist any rule that gets triggered by our Divi Builder and it should work correctly after that.”

    I didn’t have any luck with the hosting company. They didn’t know what to do.

    All the PHP variables are fine. But I have just received the monthly Wordfence report and from the error codes below, it looks like Wordfence is blocking my editing attempts. Does this sound right? Or am I on the wrong track?

    Blocked for XSS: Cross Site Scripting in POST body: modules = [{“type”:”et_pb_section”,”attrs”:{“admin_label”:”Header”,”_builder_version”:”4.16″,”background_color…

    (I also had to put Wordfence in ‘learning mode’ to allow me to use the WP Staging plugin).

    I’m really stuck. Any advice or recommendations would be greatly appreciated.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    Hi @nickyr,

    Thanks for reaching out. Set the firewall to Learning Mode if it isn’t already. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

    https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

    Thanks,
    Margaret

    Thread Starter nicolar

    (@nickyr)

    Hi @wfmargaret

    Thank you for your quick reply and recommendation. I had already set Wordfence firewall to Learning Mode on the staging site I’m working on (the following advice is on the Wordfence Firewall page):

    WP STAGING – Wordfence firewall deactivated
    We`ve disabled the WordFence Web Application Firewall on this site by renaming the WordFence file user.ini to make sure this staging site will work perfectly fine.?
    When you push this site to live, your WordFence firewall settings on the live site will not be affected by this step.”

    Should I also be setting Wordfence firewall to Learning Mode on the production live site?

    Plugin Support wfmargaret

    (@wfmargaret)

    Hi @nickyr,

    Yes, you’ll want to enable Learning Mode in the firewall temporarily on the production site while performing the updates in Divi.  You do not want to leave Learning Mode enabled permanently, but just long enough to make Wordfence aware of which actions are safe to perform.  Once you’ve performed the updates, please switch the firewall back to Enabled and Protecting and test making those updates again to ensure it works with the firewall on.

    If you’re still running into errors when making updates once the firewall is enabled, please check for any blocked actions from your IP address under Wordfence > Tools > Live Traffic.  Click on the entry or eye icon to expand it and see if you are presented with an “Add Param to Firewall Allowlist” button. Clicking this should allow the blocked actions in future.

    Thanks,
    Margaret

    Thread Starter nicolar

    (@nickyr)

    Hi @wfmargaret

    Thank you so much! Enabling?Learning Mode?in the firewall on the production site worked! I can now edit the pages I was having issues with! I really appreciate your help.

    Cheers, Nicky

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Divi editing blocked by Wordfence?’ is closed to new replies.