Plugin Author
icc0rz
(@icc0rz)
Hi,
Most likely this is a third-party plugin doing stuff it shouldn’t or maybe you aren’t aware of. Are there any error if you open your browser console on the page that fails? (Ctrl+Shift+J in Chrome)
I would try disabling different third-party plugins until it starts working.
Another thing to be aware of is security plugins creating .htaccess files in the uploads folder. You should probably check there aren’t any you haven’t configured/setup.
Hi, thank you for your reply.
I see…
I got these from the browser console.
JQMIGRATE: Migrate is installed, version 3.3.2 load-scripts.php?c=1&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.0.2:5
jquery.js?ver=1.15.4:2
Allow attribute will take precedence over ‘allowfullscreen’.
attr @ jquery.js?ver=1.15.4:2
h5peditor-metadata-author-widget.js:1
Failed to load resource: the server responded with a status of 403 ()
h5peditor-metadata.js?ver=1.15.4:23
Uncaught TypeError: H5PEditor.metadataAuthorWidget is not a function
at new MetadataForm (h5peditor-metadata.js?ver=1.15.4:23:486)
at ns.Form.processSemantics (h5peditor-form.js?ver=1.15.4:47:590)
at h5peditor-library-selector.js?ver=1.15.4:12:241
at h5peditor.js?ver=1.15.4:17:126
at h5peditor.js?ver=1.15.4:10:1
at script.onload (h5peditor.js?ver=1.15.4:2:181)
DevTools failed to load source map: Could not load content for chrome-extension://aajahhgggmjeoanmebkebnikpnfkbejb/js/Content.js.map: System error: net::ERR_BLOCKED_BY_CLIENT
load-scripts.php?c=1&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.0.2:2 POST https://www.ttjpl.com/wp-admin/admin-ajax.php net::ERR_NAME_NOT_RESOLVED
As for .htaccess files, I remember adding some code to enforce https.
Plugin Author
icc0rz
(@icc0rz)
It appears your web server is blocking the loading of important JS files, such as: h5peditor-metadata.js
Most likely it’s a security plugin doing this. It has probably created an .htaccess file refusing to load JS from other third-party plugins.
Thank you for your reply.
My site has Wordfence and my host has Immunity 360 and Mod Security.
What kind of scripts(?) should I be looking for? (Is it safe to post the .htaccess code here publicly?)
Also, how can I delete the link I posted above? I wasn’t thinking thoroughly about posting it publicly..
So Wordfence has below in .htaccess file. (I changed some parts to *.)
Is this the reason?
# Wordfence WAF
<IfModule LiteSpeed>
php_value auto_prepend_file ‘/home/****com/public_html/wordfence-waf.php’
</IfModule>
<IfModule lsapi_module>
php_value auto_prepend_file ‘/home/****com/public_html/wordfence-waf.php’
</IfModule>
<Files “.user.ini”>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
Plugin Author
icc0rz
(@icc0rz)
Is there a file called wp-content/plugins/.htaccess or wp-content/.htaccess in your WordPress install folder?
Optionally, it could of course be in your Apache config, but if you are on a shared host it’s not likely.
There is wp-content/.htaccess that has below:
# BEGIN ShortPixelWebp
# The directives (lines) between “BEGIN ShortPixelWebp” and “END ShortPixelWebp” are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
# END ShortPixelWebp`
Plugin Author
icc0rz
(@icc0rz)
Ok, nothing there.
Does the following file exist? wp-content/plugins/h5p/h5p-editor-php-library/scripts/h5peditor-metadata.js
If so, you’re going to have to check it’s permission and owner + the permission and owner of all parent folders and that there is no .htaccess file in any of those blocking .js files.
For some reason your web server can’t serve a regular .js file, which should be pretty basic. I assume this is an issue with file permissions or web server config.
Yes, the file you mentioned exists.
How should I check it? Open the file, copy, and paste it here?
Plugin Author
icc0rz
(@icc0rz)
You web server has to be able to read that file. That means you have to set up the permission/owner of so that the user running the web server can see and open that file.
The easiest way is usually just to check that it’s the same as for the rest of the WordPress files that you know the web server is able to serve.
Ok, thank you.
Where in the file do I check permissions/owners? How can I see it for each file? I don’t know where to look.
Plugin Author
icc0rz
(@icc0rz)
What guide did you use to setup your site?
WordPress Support has an good page explaining file permissions and pitfalls here: https://wordpress.org/support/article/changing-file-permissions/
