I’m currently working on a WordPress website and everything appears to be working fine, however I happen to check the console and noticed an error that reads:
XML Parsing Error: syntax error
Line Number 1, Column 1:
I did some research and noticed some people with similar errors that said it was caused by Cloudflare and a fix was to add a rule in their Cloudflare firewall. Can any one provide insight based off my error?
Thank you for asking.
This does not sound to me like an Cloudflare error, rather as PHP/WordPress related.
Unfortunately, a very well known error for WordPress → caused by PHP or some plugin, or a caching plugin which cached even the XML and presented it as a TXT/HTML.
Maybe the request expected the content to be like text/html, but was returned as something else?
Otherwise, the request to it was somehow challenged, either due to your Security Level set, or Bot Fight Mode, or Browser Integrity Check, or if you enabled “I am under an attack” option, or some custom-made Firewall Rule to challenge everyone from XYZ country or some similar, at Cloudflare dashboard for your domain name.
If anything was challenged or blocked, you should see that event and reqest should be shown under the Firewall tab → Overview.
I took a quick peek in Firewall>Overview and see around 16 entries that all look like this
The path in each record varies but the all appear to in the directory where WordPress in installed (most in wp-includes, some in wp-login, but targeting the same .xml file and all from the same IP). Only thing I see in common is the Action Taken is ‘JS Challenge’ and and the console error references ‘challenge-platform’
Unfortunately, from your screenshots, these are know “paths” to attack WordPress (DDoS, xmlrpc, wlwmanifest, wp-login …) and do some harm or gather some intel/information if possible. It’s good to have them challenged or blocked as seen at your shared screenshot from Firewall Events.
I’ve known to had 1000s per day on one specific domain, which was targeted a lot from Microsoft AS number and all the requests went to paths like //cms, //sito, //wp with wlwmanifest.xml.
Yes I agree these blocks appear legitimate. One thing I just noticed after typing my last reply is that this error is only appearing in Firefox, but not Chrome or Edge. As I said, my site is function very well, so maybe this console error is of no concern. Thank you for your help!
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.