I am using Cloudflare through the cPanel of my hosting provider, Siteground where I created my Cloudflare account and added my site through.
However, when I enable Cloudflare on my site, my AJAX ‘login’ stops working on all pages except for the homepage.
The login action was returning a 403-Forbiddnen response. I have an included php file which adds the wp_ajax_nopriv_ajaxlogin permission to allow login from outside the default wordpress login screen. However, by the looks of it, this is only being run on the homepage so users were unable to even see if they had a good or bad login on the site.
I disabled Cloudflare, static and dynamic caching and then re-enabled each individually. It looks like when Cloudflare is enabled, the above issue is replicated. However I can disable Cloudflare and enable static and dynamic caching in my cPanel and the issue goes away.
Not sure if it’s linked to the fact that the SSL certificate for the site lists as invalid from most pages. My client has control over their domain and have appended my DNS servers alongside ones they were currently using, I’m just wondering whether that may be a part of the problem? Alternatively is there anything that can be added in the CNAME record or somewhere else for me to be able to restart using Cloudflare?
I also modified the settings from SSL (Strict) to just simple SSL, but that didn’t seem to help nor hurt.
I have a wildcard Let’s Encrypt certificate on my domain as well.