Live Traffic Can't Work

Have you blocked access to the wp-admin folder (NOT the wp-admin url)?

tim

Hi Tim,

As far as I know, access to wp-admin folder is not blocked.

There is no .htaccess on the wp-admin’s root.

On WordPress’s root, the only rules in .htaccess that mention wp-admin are these:

#AIOWPS_FORBID_PROXY_COMMENTS_START
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP:VIA}%{HTTP:FORWARDED}%{HTTP:USERAGENT_VIA}%{HTTP:X_FORWARDED_FOR}%{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}%{HTTP:HTTP_PC_REMOTE_ADDR}%{HTTP:HTTP_CLIENT_IP} !^$
RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).* [NC]
RewriteRule .* - [F,NS,L]
#AIOWPS_FORBID_PROXY_COMMENTS_END

RedirectMatch 403 admin\_db\_utilities\.
RedirectMatch 403 admin\.webring\.docs\.

Just to confirm, in the error message where you took out your site name, are the two site names exactly the same? One doesn’t have a “www” in front, or anything like that? I’ve usually only seen that type of message when the requested link is on another domain.

If that isn’t the issue, which browser are you using, and do you have any browser extensions/add-ins installed?

If you have a second browser installed, can you try using that on the site (with extensions disabled, especially security extensions, if there are any installed)?

Last, can you also try typing the url directly in the browser, like:
my-site.com/wp-admin/admin-ajax.php
(This should give you a blank page with a “0” in the corner if ajax is working.)

Hi,

I am sorry. You are right, I forgot to keep the www from one of the url. Let me paste it again more carefully. This one is on Chrome browser.

XMLHttpRequest cannot load https://my-site.com/wp-admin/admin-ajax.php. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://www.my-site.com’ is therefore not allowed access.

I tried it on another browser (Mozilla) without any addons installed, and got these messages on the console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://my-site.com/wp-admin/admin-ajax.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://my-site.com/wp-admin/admin-ajax.php. (Reason: CORS request failed).

Maybe a bit more details can help:
I set on the ‘General Settings’, ‘WordPress Address (URL)’ to be https://my-site.com – and ‘Site Address (URL)’ is https://www.my-site.com.

I also have on root’s .htaccess to redirect all urls from non-www to www. And set it to disallow hot-link and to prevent the site being displayed on iframe.

I tried to access my-site.com/wp-admin/admin-ajax.php and this got redirected to https://www.my-site.com/wp-admin/admin-ajax.php. On https://www.my-site.com/wp-admin/admin-ajax.php, I got blank page with a 0 on the top left corner.

Ok, that “www” is the issue — your browser sees that the domains aren’t exactly the same, and it’s trying to protect you from a script loading from a “different” site. (The browser doesn’t even try loading it, so it doesn’t see that it redirects to the www site.)

Unless you have a very unusual setup, the domains should be the same in those two boxes in General Settings. Usually on the directory after the domain would be different on some sites, but if you don’t have a directory now, you wont’ need it. (If you’re redirecting to the “www.” domain already, then that www domain would normally need to be in both fields.)

Be extremely careful with this — if you save changes with the wrong domain in the field, it might try to redirect you in a loop or just won’t load at all, and you wouldn’t be able to get back into the admin pages without editing wp-config.php to temporarily fix the URLs.

If anything does go wrong, the WordPress codex has a detailed explanation on how to change the URLs when you don’t have access to wp-admin, here:
https://codex.www.ads-software.com/Changing_The_Site_URL

Hi,

Thank you very much! Now I can access Live Traffic again. ??

Solution for anyone who might get the same problem:
The problem solved by changing all non-www urls to www. Somehow I got problem (locked out of admin) when I changed ‘WordPress Address (URL)’ to www. So I did it by replacing non-www to www on database using a search and replace script. I hope that can help.

Cheers!