Weird issue with WordPress

My website is running on WordPress. Everything works but my Thrive Apprentice plugin.

I contacted their support, they seemed to think it was an issue with the host or Cloudflare.

This is what is going on:

image

And this is the “technical details” that the plugin support said could be causing the issue:

“I propose contacting your hosting provider once more and requesting that PHP PUT/GET/DELETE/POST requests be enabled, as our products require those methods to function correctly. Also, please ask that they rule out any wp-JSON , admin-ajax or mod security plugin restrictions.”

Would Cloudflare be blocking or causing issues with these requests…?

I’m not a developer so I honestly have no idea what this means, but hopefully someone does!

Thank you for any reply in advance

Greetings,

Thank you for asking.

Bot Fight Mode or Browser Integrity Check, yes.

You should see the challenged/blocked firewall events in the firewall events if you navigate to the Cloudflare dashboard → Security → Overview and lookup for Firewall events for the past 24hours or so. Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …).

Could you share some details which service was triggered that blocked you? (Managed Rule something my best guess)

Just in case, related to the WordPress, I’d suggest you to whitelist your origin host / server / hosting IP address by navigating to the Security → WAF → Tools → IP Access Rules with the action “allow” for your Website and try again.

It knows to happen due to the WordPress using HTTP/1.0 and empty user-agent, therefore while executing WP-Cron or some other related JSON/REST API request via plugin.

Otherwise, you could test if you still get this error by temproary “Pausing Cloudflare” for your Website by following the steps from below:

  • Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
  • The link is in the lower right corner of that page.
  • Give it five minutes to take effect, then make sure site is working as expected with HTTPS.
  • Determine if the error still persists
  • If yes, contact your web hosting provider or double-check within your WordPress plugins
  • Once done, un-pause Cloudflare

Thanks so much for the reply.

I checked inside the firewall events, and none are listed at least as I can see.

This was the output that the Thrive support saw when they were inspecting the page:

I’ve gone ahead and created the allow rule for the server IP.

I tried pausing Cloudflare but it is still doing it, does this mean that Cloudflare is not the source of the problem…?

Thanks

Thank you for feedback information.

Unfortunately, exactly as it seems :thinking:
Are there any security plugins you’re having enabled which might restrict those request?

Thanks for the reply.

I think this may be an issue with my host, not Cloudflare. I’ve had issues with Mautic installs and Thrive plugins on WordPress sites.

I’m going to reach out to CyberPanel since that’s what I’m using, I no longer think Cloudflare is causing any of the issues but I could be wrong.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.