Support » Plugin: Async JavaScript » 403 Forbidden – admin-ajax.php error makes unusable

  • Longtime user of Async Javascript and other plugins by the same author.

    Very odd results at a recently migrated site. Though nearly identical to several other installations on the same account, all running Async Javascript, at this new site I get the 403 error referenced in the title when trying to enable.

    I’ve tried disabling all other plugins and switching to WordPress 2020. I’ve checked file and directory permissions, permalinks, and .htaccess. I’ve even tried re-installing WordPress and deleting and re-installing Async Javascript. Still getting the same error, making the plugin unusable.

    Any ideas?

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author Optimizing Matters

    (@optimizingmatters)

    no idea I’m afraid .. do you have other plugins doing admin-ajax and is that working?

    yes

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    weird .. I have no idea I’m sorry to have to admit :-/

    Can you think of another plugin or function that makes heavy/direct use of admin-ajax that I can install and test “fresh”?

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    not by heart, but let me check with some of the wordpress guys & girls I know .. more later.

    Thanks – I’ll look forward to it.

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    apperantly revslider uses a lot of ajax, don’t know if you have that?

    No, that’s not it – the problem persisted even after all plugins disabled – but I think I figured it out, though I still don’t understand why the problem affects Async Javascript only, and only on this installation, now.

    The problems seems to originate in Wordfence “extended protection” from a higher level installation. The affected site is installed in a subdirectory where Wordfence is in operation in a site installed in the main directory – public_html. When I disabled Wordfence in that site – call it the main site – the 403 admin-ajax error went away in the new sub-site.

    When I reactivate Wordfence in the main site, the admin-ajax error comes back, but, when I install Wordfence in the sub-site”, configuring the Firewall to include the higher level one (there’s an option with default to “include”), then I can operate Async JS on both installations, with Wordfence, without issue.

    The Wordfence info on setting up the firewall is verbose as usual, but isn’t specific on this type of action. Possibly something in some buried security protocol might have changed sometime over the last few months. In the past, I had some somewhat similar problem with Wordfence in a site structured this way, affecting operation of a different (also widely in use) site migration plugin. It was just a one-time problem encountered during migration, so not something I’ve thought about much since.

    I end up installing both Wordfence and Async JS on most sites, including many structured in this way, but, like I said, this is the first time I’ve encountered this particular issue.

    Also, I’ll leave this question open just in case you – with your much better understanding and more extensive experience – have any specific ideas about whitelisting Async JS on Wordfence or avoiding this issue in some other way – not that temporarily disabling Wordfence in a higher level installation is necessarily a huge deal. Please feel free to mark it as resolved if you prefer.

    Thanks as ever.

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    wow, that one weird edge-case horror-scenario you had there, kudo’s on finding cause & solution! 🙂

Viewing 10 replies - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.