Will Mayall
Forum Replies Created
-
Forum: Plugins
In reply to: [Code Snippets] Text “<script" cannot be saved with 403 errorA WAF (ModSecurity) with Comodo rules is causing the error.
I have two very similar sites that both exhibited the error. Turning off the WAF eliminated the error.
Forum: Plugins
In reply to: [Code Snippets] Text “<script" cannot be saved with 403 errorOn the production site, I thought I’d try entering “<script” in another field. I did it in a search field. The server blocked the entry with a 403 error.
At this point, I’m assuming there is a server level protection trying to block code injection.
You can mark this issue as closed since the issue is not specific to Code Snippet.
Again, thanks for your excellent support.
Forum: Plugins
In reply to: [Code Snippets] Text “<script" cannot be saved with 403 errorI just created a clean WordPress install and the issue does not appear. I’ll try adding some plugins and see if I can find a conflict.
Forum: Plugins
In reply to: [Code Snippets] Text “<script" cannot be saved with 403 errorWere you able to reproduce the issue? I could create a test site to try.
What is puzzling to me is that I found the issue when editing an old script. The script used to allow the “<script” text. Clearly something changed somewhere, perhaps in WordPress itself.
Forum: Plugins
In reply to: [Code Snippets] Text “<script" cannot be saved with 403 errorI assume you are suggesting that something — probably a plugin — is trying to prevent a code injection. That certainly seems reasonable.
Sucuri is installed but has been installed for years and before the script was originally created. I tried it with Sucuri off and the problem remained.
I know Jetpack has security tests as well but assume the issue would be appearing for others.
The one big change was a recent update from Ubuntu 18LTS to 22LTS but I had not edited the code for years so I think that was simply coincidental.
I know the following can be used as a workaround:
$result = “<“;
$result .= “script”;I updated the script directly in the db.
If you have other ideas, that would be great. Thanks for your support.
I updated WP-Optimize to 2.2.10 and the issue with Avada no longer appears.
I should note that I did a number of other updates at the same time including WP 5.0.3.
In any case, thanks for the support and I have marked this resolved.
Forum: Plugins
In reply to: [Mailchimp for WooCommerce] Brought server to it’s kneesHi Pearl, thanks for following up.
I’d be happy to provide you with info via a more private venue. You could use Facebook to send me a private message.
In general, we have done little beyond disabling the plugin since it was tough to find the cause and we are wary of further debugging at this moment because of high sales volumes.
- This reply was modified 8 years, 11 months ago by Will Mayall.
I can’t get my replies on this thread to show up. I already have a ticket open but the issue has not been resolved. Ticket #2845636
Ticket #2845636 was opened but we’ve yet to get it resolved via that ticket.
We’ve tried many things. I’ll summarize below.
– Reinstalled WordPress.
– Reinstalled JetPack.
– Gone through all the troubleshooting pages.
– Compared Debug from working site.
– Turned off our custom Theme.
– Turned off Cloudflare.
– Tweaked Cloudflare.
– Turned off Plugins.
– Disabled Jetpack https requirement.
– Checked xmlrpc.php
– Flushed every cache I can think.
– Deleted WordPress Transients.
– Tried other WordPress account.
– Downgraded to JetPack 4.2.2.Error messages:
Jetpack: [verify_secrets_mismatch] Secret mismatch Jetpack: [invalid_grant] Error Details: Invalid authorization_code.This is the basic error from the xmlrpc test:
{"error":"Can not resolve your domain \"A record\"","error_description":"We were unable to resolve the A record for your domain. It is likely that you have recently registered your domain name. It takes several hours for new or transferred domain names to start working, so please come check back later. If you're still having the same error after 48 hours, please contact your web hosting provider."}The debug response:
Debug Info jQuery version: 1.12.4 CLIENT_ID: 46520644 BLOG_TOKEN: 8RHKT*l@B6qRg98C95S&Ulu7ov1QiWdi.V8nfy9Ik5oT89eh5t4kK&99nRdMfYcWx MASTER_USER: CERT: 0 TIME_DIFF: 0 VERSION: 4.3.1:1474729102 OLD_VERSION: 4.3.1:1474729102 PUBLIC: 1 USER_ID: 31 USER_TOKEN: [this user has no token] PHP_VERSION: 5.3.10 WORDPRESS_VERSION: 4.6.1 JETPACK__VERSION: 4.3.1 JETPACK__PLUGIN_DIR: /var/www/vhosts/holykaw.alltop.com/httpdocs/wp-content/plugins/jetpack/ SITE_URL: http://holykaw.alltop.com HOME_URL: http://holykaw.alltop.com Jetpack Sync Full Status:Array
(
[started] => Thu, 01 Jan 1970 00:00:00 +0000
[queue_finished] => Thu, 01 Jan 1970 00:00:00 +0000
[sent_started] => Thu, 01 Jan 1970 00:00:00 +0000
[finished] => Thu, 01 Jan 1970 00:00:00 +0000
[sent] => Array
(
)[queue] => Array
(
)[config] => Array
(
)[total] => Array
(
))
Next Jetpack Full Sync Schedule: Not Scheduled Sync Queue size: 2 Sync Queue lag: 5 days, 5 hours, 24 minutes, 22 seconds Full Sync Queue size: 0 Full Sync Queue lag: 0 seconds HTTP_HOST: holykaw.alltop.com SERVER_PORT: 80 HTTP_CF_CONNECTING_IP: 73.189.31.157 HTTP_X_FORWARDED_FOR: 73.189.31.157 REMOTE_ADDR: 73.189.31.157 PROTECT_TRUSTED_HEADER: {"trusted_header":"REMOTE_ADDR","segments":1,"reverse":false} TEST RESULTS: HTTP: PASS HTTPS: PASS IDENTITY_CRISIS: PASS SELF: FAIL RAW TEST RESULTS: HTTP Array ( [headers] => Requests_Utility_CaseInsensitiveDictionary Object ( [data:protected] => Array ( [server] => nginx [date] => Thu, 29 Sep 2016 20:07:13 GMT [content-type] => text/plain;charset=utf-8 [vary] => Array ( [0] => Accept-Encoding [1] => Cookie ) [expires] => Wed, 11 Jan 1984 05:00:00 GMT [cache-control] => no-cache, must-revalidate, max-age=60 [x-hacker] => Jetpack Test [content-encoding] => gzip [x-ac] => 3.ord _dca ) ) [body] => OK [response] => Array ( [code] => 200 [message] => OK ) [cookies] => Array ( ) [filename] => [http_response] => WP_HTTP_Requests_Response Object ( [response:protected] => Requests_Response Object ( [body] => OK [raw] => HTTP/1.1 200 OK Server: nginx Date: Thu, 29 Sep 2016 20:07:13 GMT Content-Type: text/plain;charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Cookie Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=60 X-hacker: Jetpack Test Content-Encoding: gzip X-ac: 3.ord _dca OK [headers] => Requests_Response_Headers Object ( [data:protected] => Array ( [server] => Array ( [0] => nginx ) [date] => Array ( [0] => Thu, 29 Sep 2016 20:07:13 GMT ) [content-type] => Array ( [0] => text/plain;charset=utf-8 ) [vary] => Array ( [0] => Accept-Encoding [1] => Cookie ) [expires] => Array ( [0] => Wed, 11 Jan 1984 05:00:00 GMT ) [cache-control] => Array ( [0] => no-cache, must-revalidate, max-age=60 ) [x-hacker] => Array ( [0] => Jetpack Test ) [content-encoding] => Array ( [0] => gzip ) [x-ac] => Array ( [0] => 3.ord _dca ) ) ) [status_code] => 200 [protocol_version] => 1.1 [success] => 1 [redirects] => 0 [url] => Requests_IRI Object ( [scheme:protected] => http [iuserinfo:protected] => [ihost:protected] => jetpack.wordpress.com [port:protected] => [ipath:protected] => /jetpack.test/1/ [iquery:protected] => [ifragment:protected] => [normalization:protected] => Array ( [acap] => Array ( [port] => 674 ) [dict] => Array ( [port] => 2628 ) [file] => Array ( [ihost] => localhost ) [http] => Array ( [port] => 80 ) [https] => Array ( [port] => 443 ) ) ) [history] => Array ( ) [cookies] => Requests_Cookie_Jar Object ( [cookies:protected] => Array ( ) ) ) [filename:protected] => [data] => [headers] => [status] => ) ) HTTPS Array ( [headers] => Requests_Utility_CaseInsensitiveDictionary Object ( [data:protected] => Array ( [server] => nginx [date] => Thu, 29 Sep 2016 20:07:14 GMT [content-type] => text/plain;charset=utf-8 [vary] => Array ( [0] => Accept-Encoding [1] => Cookie ) [expires] => Wed, 11 Jan 1984 05:00:00 GMT [cache-control] => no-cache, must-revalidate, max-age=60 [x-hacker] => Jetpack Test [content-encoding] => gzip [x-ac] => 3.ord _dca [strict-transport-security] => max-age=15552000 ) ) [body] => OK [response] => Array ( [code] => 200 [message] => OK ) [cookies] => Array ( ) [filename] => [http_response] => WP_HTTP_Requests_Response Object ( [response:protected] => Requests_Response Object ( [body] => OK [raw] => HTTP/1.1 200 OK Server: nginx Date: Thu, 29 Sep 2016 20:07:14 GMT Content-Type: text/plain;charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Cookie Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=60 X-hacker: Jetpack Test Content-Encoding: gzip X-ac: 3.ord _dca Strict-Transport-Security: max-age=15552000 OK [headers] => Requests_Response_Headers Object ( [data:protected] => Array ( [server] => Array ( [0] => nginx ) [date] => Array ( [0] => Thu, 29 Sep 2016 20:07:14 GMT ) [content-type] => Array ( [0] => text/plain;charset=utf-8 ) [vary] => Array ( [0] => Accept-Encoding [1] => Cookie ) [expires] => Array ( [0] => Wed, 11 Jan 1984 05:00:00 GMT ) [cache-control] => Array ( [0] => no-cache, must-revalidate, max-age=60 ) [x-hacker] => Array ( [0] => Jetpack Test ) [content-encoding] => Array ( [0] => gzip ) [x-ac] => Array ( [0] => 3.ord _dca ) [strict-transport-security] => Array ( [0] => max-age=15552000 ) ) ) [status_code] => 200 [protocol_version] => 1.1 [success] => 1 [redirects] => 0 [url] => Requests_IRI Object ( [scheme:protected] => https [iuserinfo:protected] => [ihost:protected] => jetpack.wordpress.com [port:protected] => [ipath:protected] => /jetpack.test/1/ [iquery:protected] => [ifragment:protected] => [normalization:protected] => Array ( [acap] => Array ( [port] => 674 ) [dict] => Array ( [port] => 2628 ) [file] => Array ( [ihost] => localhost ) [http] => Array ( [port] => 80 ) [https] => Array ( [port] => 443 ) ) ) [history] => Array ( ) [cookies] => Requests_Cookie_Jar Object ( [cookies:protected] => Array ( ) ) ) [filename:protected] => [data] => [headers] => [status] => ) ) IDENTITY_CRISIS PASS SELF Array ( [headers] => Requests_Utility_CaseInsensitiveDictionary Object ( [data:protected] => Array ( [server] => nginx [date] => Thu, 29 Sep 2016 20:07:14 GMT [content-type] => text/plain;charset=utf-8 [expires] => Wed, 11 Jan 1984 05:00:00 GMT [cache-control] => no-cache, must-revalidate, max-age=60 [x-hacker] => Jetpack Test [x-ac] => 3.ord _dca [strict-transport-security] => max-age=15552000 ) ) [body] => {"error":"Can not resolve your domain \"A record\"","error_description":"We were unable to resolve the A record for your domain. It is likely that you have recently registered your domain name. It takes several hours for new or transferred domain names to start working, so please come check back later. If you're still having the same error after 48 hours, please contact your web hosting provider."} [response] => Array ( [code] => 400 [message] => Bad Request ) [cookies] => Array ( ) [filename] => [http_response] => WP_HTTP_Requests_Response Object ( [response:protected] => Requests_Response Object ( [body] => {"error":"Can not resolve your domain \"A record\"","error_description":"We were unable to resolve the A record for your domain. It is likely that you have recently registered your domain name. It takes several hours for new or transferred domain names to start working, so please come check back later. If you're still having the same error after 48 hours, please contact your web hosting provider."} [raw] => HTTP/1.1 400 Bad Request Server: nginx Date: Thu, 29 Sep 2016 20:07:14 GMT Content-Type: text/plain;charset=utf-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=60 X-hacker: Jetpack Test X-ac: 3.ord _dca Strict-Transport-Security: max-age=15552000 {"error":"Can not resolve your domain \"A record\"","error_description":"We were unable to resolve the A record for your domain. It is likely that you have recently registered your domain name. It takes several hours for new or transferred domain names to start working, so please come check back later. If you're still having the same error after 48 hours, please contact your web hosting provider."} [headers] => Requests_Response_Headers Object ( [data:protected] => Array ( [server] => Array ( [0] => nginx ) [date] => Array ( [0] => Thu, 29 Sep 2016 20:07:14 GMT ) [content-type] => Array ( [0] => text/plain;charset=utf-8 ) [expires] => Array ( [0] => Wed, 11 Jan 1984 05:00:00 GMT ) [cache-control] => Array ( [0] => no-cache, must-revalidate, max-age=60 ) [x-hacker] => Array ( [0] => Jetpack Test ) [x-ac] => Array ( [0] => 3.ord _dca ) [strict-transport-security] => Array ( [0] => max-age=15552000 ) ) ) [status_code] => 400 [protocol_version] => 1.1 [success] => [redirects] => 0 [url] => Requests_IRI Object ( [scheme:protected] => https [iuserinfo:protected] => [ihost:protected] => jetpack.wordpress.com [port:protected] => [ipath:protected] => /jetpack.testsite/1/ [iquery:protected] => url=http://holykaw.alltop.com/xmlrpc.php [ifragment:protected] => [normalization:protected] => Array ( [acap] => Array ( [port] => 674 ) [dict] => Array ( [port] => 2628 ) [file] => Array ( [ihost] => localhost ) [http] => Array ( [port] => 80 ) [https] => Array ( [port] => 443 ) ) ) [history] => Array ( ) [cookies] => Requests_Cookie_Jar Object ( [cookies:protected] => Array ( ) ) ) [filename:protected] => [data] => [headers] => [status] => ) )- This reply was modified 9 years, 7 months ago by Will Mayall.
- This reply was modified 9 years, 7 months ago by Will Mayall. Reason: Pasted wrong debug response
I don’t think this is what the forum suggests in terms of where it gets posted. Honestly, the structure and “rules” for posting are obscure.
We are having the same problem.
Forum: Plugins
In reply to: Error message when try to connect Jetpack to WP.comI’m getting the same error and it is also a recent issue, i.e. Sept 2016.
Forum: Plugins
In reply to: [Canva - Design beautiful blog graphics] Fatal PHP error in version 1.2.2Our site also gets the fatal error. We are in the process of restoring the previous version.
Forum: Plugins
In reply to: [W3 Total Cache] MaxCDN Sub-Directory Images Not Being Pulled CompletelyMy site works fine for images and content that comes from the “default” folders. But it does not work for anything that needs to be listed in the “custom files list”.
I created two identical sites to demonstrate the issue. The only difference between the sites was that one was not at the root level. That site did not have the URLs updated for the CDN.
BTW. Remember to check the source code of the pages. That’s the most reliable way to determine if W3TC is properly replacing the local URLs with the CDN URLs.
Forum: Plugins
In reply to: [W3 Total Cache] MaxCDN Sub-Directory Images Not Being Pulled CompletelyI believe this is a confirmed issue. See this post:
http://wordpress.org/support/topic/cdn-custom-file-list-not-working-on-moved-site?replies=2