Cloudfare security is preventing wordpress from updating plug-ins on our site. The following error is being produced by our FB plug-in update requests on wordpress:
Update failed: The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions.
Looks like Cloudflare is preventing wordpress from being able to write its own files on the server.
My best guess is either Bot Fight Mode or Browser Integrity Check feature challenges or blocks the request.
You should see the challenged/blocked firewall events in the firewall events if you navigate to the Cloudflare dashboard → Security → Overview and lookup for Firewall events for the past 24hours or so. Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …).
Could you share some details which service was triggered that blocked you?
You could determine if this behaviour continues even by using a “Pause” option at Cloudflare as follows:
- Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
- The link is in the lower right corner of that page.
- Give it five minutes to take effect, then make sure site is working as expected with HTTPS.
- Re-try with updating.
- Upon success, un-pause and continue using Cloudflare.
Otherwise, it might be some Timeout error?
Since it’s related to the WordPress, I’d suggest you to whitelist your origin host / server / hosting IP address by navigating to the Security → WAF → Tools → IP Access Rules with the action “allow” for your Website and try again.
It knows to happen due to the WordPress using HTTP/1.0 and empty user-agent, therefore while executing WP-Cron or some other related JSON/REST API request via plugin.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.