I am at a loss as to why the only way I can seem to get the form to submit properly is to disable/pause Cloudflare entirely. Development mode or removing proxies doesn’t help. No caching plugin on website.
Does anyone know how to fix this? Or whether it’s occurring from the “Managed Rules”, which seem to be off limits from modifying/viewing if you’re on a free plan.
I remember this comes up on topics lately much more than ever before and I am sorry to hear that you’re experiencing this.
Before moving to Cloudflare, was your Website working over HTTPS connection?
I wonder if any of Cloudflare security & protection settings like Bot Fight Mode or Browser Integrity Check challenged or blocked the request
Kindly you check and provide some more details about which service did it trigger and got that result in the Cloudflare dashboard → Security → Overview for the past 24hours or so. Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …).
Nevertheless, I am not sure if that request to the admin-ajax.php was made via WordPress itself or via some plugin?
Development mode, however If you temporary enable the “Pause Cloudflare for this site” option from the CF dashboard bottom-right corner, does it work then or still shows the same warning/error?
Does your Website work fine over HTTPS when Paused?
Furthermore, I wonder if the plugin is using some kind of a JS code as it implements Ajax Maybe the script code is in some kind of a conflict with the the Cloudflare’s Rocket loader feature or Auto Minify options at Cloudflare dashboard?
Nevertheless, I wonder how the WordPress is configured to sent out an e-mail (I guess?) when the form is submitted, and if the request uses your SMTP (unproxied hostname like mail.example.com) with correct credentials for your domain name.
In a case if you’re using some 3rd-party plugin, maybe their IPs might need to be whitelisted too? I just wonder.
Otherwise, I am kind of hard a bit to figure it out.
May I ask if some kind of the the plugin is being used to build the form, and then used to submit it further?
That’s the output from the Developer Console, correct?
May I ask if you’ve tried using some other form plugin if the effect and end result is the same?
Or this form is manually build/codded by you or some other web developer?
Yes, the plugin does have some js files. Although I do have Rocket loader and Auto Minify disabled. I don’t know if pastebin is allowed here, but here are the 3 js files for plugin under Sources in development tools: https://pastebin.com/2bEvxuHM
I don’t have SMTP setup properly yet. Using a VPS, WHM/cpanel creates a mail account and then Wordpress handles it in the default way (php mail function). Cloudflare MX record is unproxied with just my root domain (mydomain.com) as entry for name and mail server field.
The way the form submission seems to work is that it adds the message to the database under a specific table as entry, then in the admin panel there is a section to review the message. It acts as a user report feature for abusive content. It can send an email notifying the admin of a report occurring though.
I am not sure if it is connecting anywhere but internally. The form class is method=“post” action=“”>
The one plugin is responsible for the form submission, although it is a plugin made to work with/for BuddyPress.
Yes, in developer tools>Network tab, it’s the response shown for the admin-ajax.php request from the plugin.
It some seem other forms using POST method on website from other plugins are working.
Just for the reference and double-check, usually, the MX record should point to a hostname such as mail, and the A (or CNAME ) type record for that hostname mail should be set to (DNS Only) at the DNS tab of Cloudflare dashboard.
Furthermore, in your email client or web application (WordPress), you should use mail.domain.com for POP3/IMAP/SMTP.
Kindly, I’d suggest you to download and install below plugin as far as it works perfectly for WordPress, just configure it to use your e-mail account with the credentials:
Ok, thanks for information. I will use this as reference when I set up SMTP. The MX records were what Cloudflare assigned when I scanned for DNS. Though I assume this isn’t related to the form submission issue?
Yes, there is. See below, I will add some more details/most of them from the HTTP header, in case it helps:
Request header, content-type, looks like it’s: application/x-www-form-urlencoded; charset=UTF-8