Support » Plugin: Anti-Malware Security and Brute-Force Firewall » API error with Thrive Comments plugin

  • Resolved WPsuperduperuser

    (@wpsuperduperuser)


    I’m trying to use the Thrive Comments plugin AND GOTLMS, which I love, but when your plugin is activated my API’s don’t work correctly for email subscriptions to my comment sections.

    Here’s the error screenshot from the developer console.

    2019-03-28_1722

    Is there anything I can do on my end to have your plugin bypass API calls for this plugin?

    In case it helps, here’s the text from those errors, in a pasted format in case you need to copy them and not just see them in an image.

    ----------------
    
    Access to XMLHttpRequest at 'https://safe-load.gotmls.net/report.php?ver=4.18.63&attack[]=FW__fs_blog_admin&SERVER_REMOTE_ADDR=159.118.41.185&SERVER_HTTP_HOST=freestooges.com&SERVER_REQUEST_URI=%2Fwp-admin%2Fadmin-ajax.php%3F_fs_blog_admin%3Dtrue&SERVER_HTTP_REFERER=https%3A%2F%2Ffreestooges.com%2Fwp-admin%2Fadmin.php%3Fpage%3Dtve_dash_api_connect&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28iPad%3B+CPU+OS+11_0+like+Mac+OS+X%29+AppleWebKit%2F604.1.34+%28KHTML%2C+like+Gecko%29+Version%2F11.0+Mobile%2F15A5341f+Safari%2F604.1' (redirected from 'https://freestooges.com/wp-admin/admin-ajax.php?_fs_blog_admin=true') from origin 'https://freestooges.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    
    Access to XMLHttpRequest at 'https://safe-load.gotmls.net/report.php?ver=4.18.63&attack[]=FW__fs_blog_admin&SERVER_REMOTE_ADDR=159.118.41.185&SERVER_HTTP_HOST=freestooges.com&SERVER_REQUEST_URI=%2Fwp-admin%2Fadmin-ajax.php%3F_fs_blog_admin%3Dtrue&SERVER_HTTP_REFERER=https%3A%2F%2Ffreestooges.com%2Fwp-admin%2Fadmin.php%3Fpage%3Dtve_dash_api_connect&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28iPad%3B+CPU+OS+11_0+like+Mac+OS+X%29+AppleWebKit%2F604.1.34+%28KHTML%2C+like+Gecko%29+Version%2F11.0+Mobile%2F15A5341f+Safari%2F604.1' (redirected from 'https://freestooges.com/wp-admin/admin-ajax.php?_fs_blog_admin=true') from origin 'https://freestooges.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    • This topic was modified 5 years ago by t-p.
    • This topic was modified 4 years, 11 months ago by Jan Dembowski.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    This CORS Error has been fixed by altering my Firewall rules but you will want to make sure that this API of your’s does not misuse the FW__fs_blog_admin parameter to validate admin authorization falsely. It has been discovered that some plugins that use the older Freemius Class without understanding the potential vulnerability.

Viewing 1 replies (of 1 total)
  • The topic ‘API error with Thrive Comments plugin’ is closed to new replies.