• Resolved markwill

    (@markwill)


    I am using the free version of WordFence and, as an admin, I am regularly (multiple times per day) being unable to access my site, due “Request Header Or Cookie Too Large” errors. In digging into this I find many wf_loginalerted* cookies, which seems to be the culprit.

    I found this post from a year ago.

    https://wordpress.org/support/topic/400-bad-request-by-wf_loginalerted-expiring-in-2020-05-07/

    However, turning off the options suggested doesn’t resolve the issue (mine are all disabled, as shown here).

    11.05.2020-07.23.09

    This is becoming a pretty significant issue for me, so any help would be appreciated.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @markwill, thanks for reaching out to us on this.

    I genuinely think, despite the 400 error which is HTTP, this is an issue at the browser’s end that could be remedied by clearing cookies for your domain. Sometimes they get too large and the site has trouble writing to the cookie due to local restrictions.

    If you are a Google Chrome user as suggested to me by the specific error text you’re receiving, you can check and delete the cookies of your domain in the cookie section of the Chrome:

    • Open Google Chrome, click the 3 dots in the top-right corner and select Settings option.
    • Navigate to the Privacy and security tab down the left-hand side and click the Site settings option.
    • Click Cookies and site data and then the See all cookies and site data link. Then, in this screen, search for your domain at the top to filter the results. Finally, click the Remove All Shown option.

    Let me know how you get on, or if you can’t find this option in an alternative browser.

    Thanks,

    Peter.

    Thread Starter markwill

    (@markwill)

    Thank you Peter. I am already using this process to fix the issue when it occurs. However, this happens multiple times per day and is, of course, very tedious to have to do this each time. I have used WordFence for a couple of years but this has started happening in the last couple of weeks.

    My question is not how I can clear my cookies but how I can stop this occurring in the first place. Whenever this happens I am seeing around 40 of these WordFence-created cookies (with a different GUID).

    I have disabled the suggested WordFence options (see original post) disabled but still see these cookies. How can I avoid them?

    Thank you.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @markwill, ah thank-you for trying and letting me know that it still occurs after that as well as the settings change.

    Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    Note: For the fastest response time, please make sure and add any information or questions directly to this topic and not the email address above unless asked.

    Thanks,

    Peter.

    Thread Starter markwill

    (@markwill)

    Thank you again, Peter. Although I would eventually like to understand this a little better, I discovered a way to adjust NGINX today for a larger header/cookie size. On first glance that seems to have resolved this issue.

    My working assumption here is that this is an issue that would only be evident to admins. As such, this workaround is fine for now.

    If, for any reason, this comes back or has side effects I will let you know and get the report you requested.

    Thank you again.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @markwill,

    Naturally as we have a large amount of installations without seeing this issue, the NGINX settings would be a strong contender for why this was occurring and for now I’m glad this seems to have remedied what you were seeing.

    If it does come back despite the settings change, I’ll leave this topic open for the next week or so, in case you need to drop the diagnostics report our way.

    Thanks again,

    Peter.

    Hi Mark

    I am experiencing exactly the same issue. Would you be kind enough to share the way you found to adjust NGINX for a larger header/cookie size

    Thanks in advance

    Paul

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Cookies too large (wf_loginalerted*)’ is closed to new replies.