Hi @kdoronzio,
Thank you for reaching out to us.
To help me assist you further, please let me know which exact error you are getting when you upload the files.
Navigate to your Wordfence > Tools > Live Traffic page and find the blocks for the file uploads. The best way to do this would be to attempt uploading a PDF/A file, then head over to the Live Traffic page. If Wordfence is blocking the file uploads, you should be able to see them here with an explanation of why the file uploads are being blocked.
Once you confirm that Wordfence is blocking the file uploads, enabling Learning mode may help resolve the issue. Sometimes, Wordfence may block something that is not malicious due to false positives.
From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to upload a few files as a test. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished uploading the files, switch the WAF from Learning Mode back to Enabled and Protecting then test to see that you can still upload files without getting the same errors.
If Wordfence is not blocking the file uploads, you may need to allow the PDF/A file type to be uploaded in WordPress. I found the article below that may be of help:
https://www.wpbeginner.com/wp-tutorials/how-to-add-additional-file-types-to-be-uploaded-in-wordpress/
Note: We are not affiliated with the Upload Types by WPForms plugin cited in the article above and can’t offer support for it. There may be others that offer the same functionality.
I hope this helps you out.
Thanks,
Janet
Hi Janet – thanks for the reply.
I assume turning on & off the WF firewall would determine whether wordfence is blocking the upload, correct? The uploads work fine when the firewall is turned off, or in learning mode. However learning mode does not solve the issue and I don’t see specific log entries regarding the upload in my “live traffic” page.
We’re seeing the same issue on another gravity form with just image types. Uploading a .png shows this error in the browser:
Error: -200, Message: HTTP Error., File: <filename>.png
and this in the browser’s console log:
POST https://www.<DOMAIN>.org/?gf_page=5eb8a8b847a3bfe 403 (moxie.min.js?ver=13.5:1)
I’ve been searching for a manual entry to put into the firewall whitelist, but nothing I’ve tried works. Since I don’t see this entry in the live traffic, do you have any suggestions regarding how to add an exception?
In trying a few things, I created a very simple gravity form with a single image selector and tried submitting the form. When I submitted it, this was the resulting page. However, i didn’t see anything in the log indicating that we’d been blocked. Is there anywhere else I can look to determine how to create a whitelist for this action?
A potentially unsafe operation has been detected in your request to this site
Your access to this service has been limited. (HTTP response code 403)
If you think you have been blocked in error, contact the owner of this site for assistance.
Block Technical Data
Block Reason: A potentially unsafe operation has been detected in your request to this site
Time: Fri, 29 Apr 2022 3:16:58 GMT
About Wordfence
Wordfence is a security plugin installed on over 4 million WordPress sites. The owner of this site is using Wordfence to manage access to their site.
You can also read the documentation to learn about Wordfence’s blocking tools, or visit wordfence.com to learn more about Wordfence.
Click here to learn more: Documentation
Generated by Wordfence at Fri, 29 Apr 2022 3:16:58 GMT.
Your computer’s time: Fri, 29 Apr 2022 03:16:58 GMT.
Can you let us know what version of PHP you are running?
Tim
Thanks for confirming that.
On the Wordfence > Firewall > All Firewall Options page in the Advanced Firewall Options section scroll down to the Rules subsection.
At the bottom click on the gray button that says “Show All Rules”.
This will open up a list of firewall rules running on your website.
Search for, or scroll down and find the entry that says
“file_upload Malicious File Upload (PHP)”
Note : Make sure it is the one with (PHP) at the end of it.
Turn the slider beside it to off and save the changes.
Try uploading the PDF/A file again and let me know if it works. I’ll share the details about the solution once you test this.
Tim
Yes – that fixes both upload forms – both Gravity images and the PDF/A uploads!
Does that make my site more vulnerable? Is there a workaround that still stops malicious files from being uploaded?
Thanks
Ken
It doesn’t. We do have two general rules that prevent most malicious uploads, along with targeted rules for specific plugins’ vulnerabilities. We should have an update later this year that reworks this feature for PHP 8, to avoid the false positives on sites like yours. It is specific to sites running PHP 8 and above.
Tim
This issues is also occurring for me and I am running PHP 7.4 on the webserver
