Blocked Background Request | WordPress.org

Resolved mesmer7
(@mesmer7)

4 years, 1 month ago

I’ve been using wordfence for two years without a problem. But starting today every time I’ve edited a post, Wordfence gives the following warning:

Wordfence Firewall blocked a background request to WordPress for the URL https://www.hypnoticdreams.com…x.php?wpacu_check_external_url. If this occurred as a result of an intentional action, you may consider whitelisting the request to allow it in the future.

In the tools I see this:

… left https://www.hypnoticdreams.com/wp-admin/post.php?post=5204&action=edit and was blocked by firewall for XSS: Cross Site Scripting in POST body: wpacu_check_urls=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DSource%2BSans%2BPro%3A400%2C300%2C300italic%2C40… at https://www.hypnoticdreams.com/wp-admin/admin-ajax.php?wpacu_check_external_url=
3/12/2020 1:36:41 AM (46 seconds ago)
IP: 69.14.154.236 Hostname: d14-69-236-154.try.wideopenwest.com
Human/Bot: Human
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:73.0) Gecko/20100101 Firefox/73.0

That’s definitely my computer and my IP address. And as far as I know, the editor doesn’t request google fonts. So what’s triggering the warning?

Viewing 3 replies - 1 through 3 (of 3 total)

wfdave
(@wfdave)

4 years, 1 month ago

Hi @mesmer7,

The URL fragment ?wpacu_check_urls=https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,40 shouldn’t trigger any XSS rules.

Can you expand the traffic row to see the entire URL? Currently there’s three dots at the end of the URL, so I can’t see the whole URL.

It’s possible that another plugin on the editor page is requesting Google Fonts – note that even a CSS file can request google fonts.

Dave

Thread Starter mesmer7
(@mesmer7)

4 years, 1 month ago

I think this is it:

https://www.hypnoticdreams.com/wp-admin/admin-ajax.php?wpacu_check_external_url=

This just started happening today. But it has happened almost every time I’ve edited a post or product today. I ran a malware scan on my browser, cleared my cache and cookies, and ran a Wordfence scan on the web site. Still can’t identify the cause.

Thread Starter mesmer7
(@mesmer7)

4 years, 1 month ago

It took a couple of hours of experimenting, but I finally managed to eliminate the warning by reverting to a previous version of Asset Cleanup. The current version is 1.3.5.9 (which was released 3 days ago), and I had to revert to 1.3.5.7.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Blocked Background Request’ is closed to new replies.

In: Plugins
3 replies
2 participants
Last reply from: mesmer7
Last activity: 4 years, 1 month ago
Status: resolved