Gary H

Thank you. That was the problem.

Gary H.

Thank you for your reply.
The plugin version is the latest version available. The wordpress version is also the latest version available. The popup is NOT working on the website built with Elementor. When you click the link it just goes back to the top of the page. The popup is set to open with the OnClick trigger. The page it is on is here, https://169.60.137.196/full-product-line/ (Scroll to the bottom and click to expand the title that says Pressure Gravity Fill to Level with Vacuum Nozzle, it is at the bottom of that section)
There is currently no cache plugin on the site yet.
General settings for the popup box are as follows
Set as a shortcode popup. The popup is enabled. Title, description and shortcode are all set.
Show only for author is unchecked. Display is set to include, Post type is pages, posts is Nozzles and Full product line (The pages I want the popup to be displayed on). Show on homepage is unchecked. Trigger is set to OnClick. CSS selector is set as .MyButton

I have added my custom CSS code to the custom CSS code area in the styles tab on popup box.
This is the custom code I added.

.MyButton {
	box-shadow: 0px 10px 14px -7px #276873;
	background:linear-gradient(to bottom, #599bb3 5%, #408c99 100%);
	background-color:#599bb3;
	border-radius:8px;
	display:inline-block;
	cursor:pointer;
	color:#ffffff;
	font-family:Arial;
	font-size:20px;
	font-weight:bold;
	padding:13px 32px;
	text-decoration:none;
	text-shadow:0px 1px 0px #3d768a;
}
.MyButton:hover {
	background:linear-gradient(to bottom, #408c99 5%, #599bb3 100%);
	background-color:#408c99;
}
.MyButton:active {
	position:relative;
	top:1px;
}

.MyButton1 {
	box-shadow: 0px 10px 14px -7px #276873;
	background:linear-gradient(to bottom, #599bb3 5%, #408c99 100%);
	background-color:#599bb3;
	border-radius:8px;
	display:inline-block;
	cursor:pointer;
	color:#ffffff;
	font-family:Arial;
	font-size:20px;
	font-weight:bold;
	padding:13px 32px;
	text-decoration:none;
	text-shadow:0px 1px 0px #3d768a;
}
.MyButton1:hover {
	background:linear-gradient(to bottom, #408c99 5%, #599bb3 100%);
	background-color:#408c99;
}
.MyButton1:active {
	position:relative;
	top:1px;
}

.MyButton2 {
	box-shadow: 0px 10px 14px -7px #276873;
	background:linear-gradient(to bottom, #599bb3 5%, #408c99 100%);
	background-color:#599bb3;
	border-radius:8px;
	display:inline-block;
	cursor:pointer;
	color:#ffffff;
	font-family:Arial;
	font-size:20px;
	font-weight:bold;
	padding:13px 32px;
	text-decoration:none;
	text-shadow:0px 1px 0px #3d768a;
}
.MyButton2:hover {
	background:linear-gradient(to bottom, #408c99 5%, #599bb3 100%);
	background-color:#408c99;
}
.MyButton2:active {
	position:relative;
	top:1px;
}

Thank you for your help.
Gary H.

I have the same issue, restoring to the older version worked for now. Can I get a notification when the problem is resolved?

Here’s what my htaccess file looks like.

# Protect wp-config.php
<Files wp-config.php>
    order deny,allow
    deny from all
</Files>
# HTTP security settings start
<IfModule mod_headers.c>
  Header always set X-Content-Type-Options "nosniff"
  <IfModule mod_setenvif.c>
    SetEnvIf Origin "^(|https://drivesaversdatarecovery\.com)$" CORS=$0
  </IfModule>
  Header set Access-Control-Allow-Origin %{CORS}e env=CORS
  Header append Vary "Origin" env=CORS
  Header set Access-Control-Allow-Credentials "true" env=CORS
  Header set Access-Control-Allow-Methods "GET, POST, OPTIONS" env=CORS
  Header set Access-Control-Allow-Headers "Origin" env=CORS
  <FilesMatch "\.(php|html)$">
    Header set X-Frame-Options "DENY"
    Header set X-XSS-Protection "1; mode=block"
    Header set Strict-Transport-Security "max-age=2592000; includeSubDomains" env=HTTPS
    Header set Content-Security-Policy "default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' http: https://drivesaversdatarecovery.com; style-src 'unsafe-inline' http: https://drivesaversdatarecovery.com/; img-src http: data:; font-src 'self' http: data: https://drivesaversdatarecovery.com; media-src 'self' https://drivesaversdatarecovery.com; frame-src 'self' https://drivesaversdatarecovery.com; base-uri 'self'; sandbox allow-forms allow-same-origin allow-scripts"
    Header set P3P 'CP="CAO PSA OUR"'
    Header set Referrer-Policy "no-referrer-when-downgrade"
  </FilesMatch>
</IfModule>

Not working either way. If I separate by comma, a space or a semicolon.

When I deactivated it after exporting and deleting tables on deactivation, I also selected to delete wordfence login security tables. It broke my site when I deactivated it. I then used PhpMyAdmin to repair and optimize tables. That worked to fix the site. Then I re-installed WF and tried with the default settings… And it works. Must be something in the tables that I deleted that was left over from when it didn’t have the SSL certs. Wish I had tried deleting the tables on deactivation the first time I tried uninstalling and reinstalling it. I’m gonna play around with adding my settings one at a time so I can figure it out if I set something wrong. Thanks for all your help.
Axe6st

Did you see my second post, it says OK with https. Is that still saying something is blocking ajax? One of my first steps was to uninstall it completely and reinstall it. I don’t mind having to set up the features I want again, but I’ll try again a little later and save my settings and then test before and after importing my settings back in. I have to run out for a while so I’ll update you here later. Thanks for your help.
Axe6st

OK, I looked the view full log and I was using a shortened url. With the correct url I get OK with https on that url.
Axe6st

That’s a really long url. I tried it in a browser and I get 400 bad request. Tried it on both my server and my home pc.
AXe6st

I’m assuming it started when I enabled SSL, but to be honest, I didn’t check wordfence for a week or 2 after enabling SSL since it seemed to be working correctly. I whitelisted that url in IIS but still no luck. If I try to ping it doesn’t ping back. Probably not supposed to though. If I got to the url I whitelisted in a web browser I get a blank page that says Your site did not send an API key when contacting the Wordfence servers, so I think that means my server is not blocking that url. I also just added rules to the windows firewall allowing all wordfence server IP’s to connect. After restarting the server I am still getting the same messages.
Axe6st

No luck. It’s interesting that right after I click scan, it shows this. [SEP 08 11:33:51] Scan stop request received. Wordfence does work on my sites that don’t have SSL enabled. And I’m wondering what the error in the event viewer is about that says none of the cipher suites supported by the client application are supported by the server.
I’m at a loss, but does that mean I need to add cipher suites used by wordfence? Or am I reading too much into that?
Axe6st

This is what was added to the log from the new scan attempt.
Sep 08 11:23:09] Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=8592d1b2d838528add53321214c0a0336d2372bcbe60600743188b20412b2b6a03636c9d90b8052eb069c298b9397fc1352143e74b82ca52fa6a77e2164dfdab41479930c1b7b3f77a7a1f3375871fc9&s=eyJ3cCI6IjUuNS4xIiwid2YiOiI3LjQuMTEiLCJtcyI6ZmFsc2UsImgiOiJodHRwczpcL1wvcGFja2FnaW5nZHluYW1pY3MuY29tIiwic3NsdiI6MjY5NDg4MjU1LCJwdiI6IjcuNC45IiwicHQiOiJjZ2ktZmNnaSIsImN2IjoiNy43MC4wIiwiY3MiOiJPcGVuU1NMXC8xLjEuMWciLCJzdiI6Ik1pY3Jvc29mdC1JSVNcLzEwLjAiLCJkdiI6IjguMC4xOCJ9&betaFeed=0&action=timestamp
[Sep 08 11:23:16] Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=8592d1b2d838528add53321214c0a0336d2372bcbe60600743188b20412b2b6a03636c9d90b8052eb069c298b9397fc1352143e74b82ca52fa6a77e2164dfdab41479930c1b7b3f77a7a1f3375871fc9&s=eyJ3cCI6IjUuNS4xIiwid2YiOiI3LjQuMTEiLCJtcyI6ZmFsc2UsImgiOiJodHRwczpcL1wvcGFja2FnaW5nZHluYW1pY3MuY29tIiwic3NsdiI6MjY5NDg4MjU1LCJwdiI6IjcuNC45IiwicHQiOiJjZ2ktZmNnaSIsImN2IjoiNy43MC4wIiwiY3MiOiJPcGVuU1NMXC8xLjEuMWciLCJzdiI6Ik1pY3Jvc29mdC1JSVNcLzEwLjAiLCJkdiI6IjguMC4xOCJ9&betaFeed=0&action=resolve_ips
[Sep 08 11:23:24] Scan stop request received.
[Sep 08 11:23:28] Ajax request received to start scan.
[Sep 08 11:23:28] Entering start scan routine
[Sep 08 11:23:28] Got value from wf config maxExecutionTime: 0
[Sep 08 11:23:28] Got max_execution_time value from ini: 300
[Sep 08 11:23:28] ini value of 300 is higher than value for WORDFENCE_SCAN_MAX_INI_EXECUTION_TIME (90), reducing
[Sep 08 11:23:28] getMaxExecutionTime() returning half ini value: 45
[Sep 08 11:23:28] Starting cron via proxy at URL https://noc1.wordfence.com/scanp/packagingdynamics.com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=standard&cronKey=547ad1fa3e9a8131671287a117d252bb&k=8592d1b2d838528add53321214c0a0336d2372bcbe60600743188b20412b2b6a03636c9d90b8052eb069c298b9397fc1352143e74b82ca52fa6a77e2164dfdab41479930c1b7b3f77a7a1f3375871fc9&ssl=1&signature=37e7fed95746f7e240d8cf931c638d8f95a0de3b6f8d74f4ef7f7cdf94fe8129
[Sep 08 11:23:28] Scan process ended after forking.

Diagnostic report sent. Thank you. I checked my SSL also using a tool called iisencrypt. There’s a section named drown under the protocols that seems to be not supported. Also, I made sure TLS 1.2 is enabled and I am getting this message in windows event viewer
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Axe6st

Thanks for your reply. I have enable ssl verification checked. I use IIS IP address restrictions to block the wp-admin folder but I have the wordfence servers IP address range in there as allowed. I also did change that to default feature setting set to allow all and made no difference. I ran the curl command listed in another article about a similar issue and it came back saying server didn’t send an api key. I checked my IIS logs but didn’t find anything helpful in there. I followed the guide at wordfence titled scan won’t start. I can get to the admin-ajax.php also.
I’m lost as to where to check next but I’m wondering if when I set up my SSL I missed something and it’s only half correct.
Axe

Lap, Thank you. That makes sense. I added it and am going to test it now.
Axe