CSS and JS minifying

Hello, I am having an issue with our customer login issue that’s tied to Cloudflare. Whenever a customer logs into their account on our website then navigates to another page, typically whenever they navigate back to our Home page, they get logged out. Cloudflare is blocking /wp-admin/admin-ajax.php and this is due to CSS and JSS minifying. I’ve already purged our cache in Cloudflare but that didn’t fix the issue. Any advice would be greatly appreciated.

If you’re using the minification feature, you’ll have to stop using it pretty soon, as it’s being deprecated:

1 Like

Thank you for replying. I just took a look at Auto Minify in our dashboard and it doesn’t appear to be turned on. I’m basing this on the fact that none of the boxes next to it are checked. By the way, I’m not a developer, but I am asking on behalf of the developer that I am working with.

Ok, then it’s not related to any minification at Cloudflare’s end.

The 403 should show up in the firewall events log.


Filtering for POST requests may make the event easier to find:

1 Like

Thank you so much for taking the time to walk me through what the problem may be. I filtered for POST just like you advised and it says, “No firewall events found matching your filters”. So, does this prove that it isn’t a firewall problem?

1 Like

Is there anything else in browser’s console log when this happens? I would suggest to confirm that all cookies stay in place when you navigate back to Home page, as it could be a caching issue rather than a WAF one.

Also, you can try running the same request via Trace and review which rules are executed on it to narrow down what is causing this.

Thank you. I will pass this information along to my developer. The last thing he had me do in an attempt to resolve the issue was purge my Cloudflare cache, but that didn’t help, which is why he suggested that I contact someone at Cloudflare.

If you go over to the Network tab and look at the 403 response, you can look at the Preview or Response, and it should give you a solid clue what blocked the request, as it’d usually be a web page showing you a block message.