Wordfence – Goolemaps

Hi @arsoftware2018, thanks for reaching out!

It sounds like Learning Mode could help here. From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions that were causing issues, such as visiting the page(s) containing the iframe code. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if your iframe works correctly.

If it doesn’t help, take a look at your browser console to see if any potential CSP rules or code containing errors are flagged there. Feel free to post any messages you see here if you’re not sure of the cause.

Thanks,
Peter.

Hi Peter, thanks for the reply, but I still have the problem. I attach the image of the console. I would like to insert only the classic html iframe from Google Maps

Hi @arsoftware2018, thanks for including that screenshot.

So it looks like a number of things are violating Content Security Policy (CSP), which is not set by Wordfence and are usually set in the HTTP headers for your site. There may be another plugin that handles this for you. CSP can be hard to get right currently without something going wrong in WordPress or a plugin/theme.

There are some examples of integrating Google Maps with a CSP, and also some information around “frame-src”, which is one of the rules showing up in your browser console, which could help, here:

https://content-security-policy.com/examples/google-maps/
https://content-security-policy.com/frame-src/

Thanks,
Peter.

• This reply was modified 1 year ago by wfpeter. Reason: Changed "meta tags" for "HTTP headers"