Also worth noting that all of the websites are displaying a ‘ERROR: An error was encountered while trying to authenticate. Please try again.’ when trying to login. After renaming the plugin in FTP (disabling wordfence) we can login but the issues with JSON still persist.
Hi @algraham93,
Thanks for reaching out! I see that the REST API has <?php?> inserted at the beginning, which is causing the JSON errors (and, in turn, the login errors when Wordfence is activated). This would not have been added by Wordfence, as you’ve also confirmed by checking that the issue remained after temporarily disabling Wordfence.
If you or your developer have recently made any changes to the site, I recommend reviewing those changes to ensure they were implemented properly.
Please let me know if you have any questions!
Thanks,
Margaret
Hey Margaret,
Thanks for the reply – I should add that it has happened to all of my sites on the server which are running wordfence. Is there a possibility that wordfence has added something as a security measure on the root of the server? It seems to be using a lot of resource like it is constantly trying to run some sort of cron and being blocked
Hi @algraham93,
Thanks for following up! When Wordfence blocks a page view or action, it returns a 503 or 403 response. Since the additional tag was added even when Wordfence was disabled, Wordfence wouldn’t be involved.
It does look like you’ve found the cause though, as I no longer see the additional tag at the beginning of the REST response. That’s great to see! If you’re still having issues with Wordfence’s cron jobs or if you see any Wordfence block pages, please let me know.
Thanks,
Margaret
