Support » Plugin: Easy Sign Up » Failed Nonce Security Check

Viewing 12 replies - 1 through 12 (of 12 total)
  • Also, the email that did work ended up in the Spam folder. That rarely happens when I use the Amazon SES API.

    I added a Thank You page and set it up as the redirect site. To test it, I deleted the Easy Sign Up data for the email address that worked. Then, I went to http://specialtywebinars.com and re-entered the data to see if the page redirect worked.

    Now, I received the same “Failed Nonce Security Check” message, even though that email worked twice before in testing!

    Frustrating!

    I also tried deactivating WP Super Cache. That did not solve the problem. I only have 12 active plug-ins, all of which are critical.

    Plugin Author Greenweb

    (@greenweb)

    Hi drgraden I have had a look at the easy sign up form in 3 different browsers to check the nonces generated by the plugin.

    They are all the same value. To work they should be different.

    The only way they could be the same is if the form’s HTML is so aggressively cached that WordPress is unable to generate the random nonce value. Or if the form’s HTML was cut and pasted from a form generated earlier.

    Here is a quick summery of what a WordPress nonces is and how they are used.

    A nonce is a “number used once” to help protect URLs and forms from certain types of misuse, malicious or otherwise. WordPress nonces aren’t numbers, but are a hash made up of numbers and letters. Nor are they used only once, but have a limited “lifetime” after which they expire. During that time period the same nonce will be generated for a given user in a given context. The nonce for that action will remain the same for that user until that nonce life cycle has completed.

    If the issue is that the code was cut and paste then the fix would be to use the shortcode or widget to generate the form.

    The shortcode won’t work with my theme’s opt-in features. I could past it into a page, but you caan see my layout and how I want it to look.

    When I used a widget in the sidebar, it was fairly plain. I am not a web developer and am limited in my ability to “pretty it up”.

    Would you be willing to look at it for me if I gave you the log-in credentials? OptimizePress is a widely used theme and I’m sure that you have run into this before.

    Plugin Author Greenweb

    (@greenweb)

    Hi drgraden, I hadn’t heard of OptimizePress till today. I did google them after reading your other post in the forum.

    I would suggest using the widget in the sidebar and then pretty it up with a bit of CSS.

    If you add the widget, let me know and also let me know what look your going for and I’ll see what I can do to help out.

    Here is a rather extreme example of a customised easy sign up form using CSS: http://www.beforesite.com/2015/02/03/customise-easy-sign-form/

    And if you want to take the customisations a but further there is an add-on for that too http://www.beforesite.com/downloads/easy-sign-up-styles-extra/

    Plugin Author Greenweb

    (@greenweb)

    drgraden I am heading out of the office but if you need my help please message me directly either by email help@beforesite.com or fill out a ticket form at http://www.beforesite.com/support-ticket/

    Okay, I bought the style plugin and replaced what I had with a widget.

    It works now and I modified the CSS that you provided.

    Can you test it like you did before to make sure that the values are different in different browsers, as you mentioned above?

    If you get the proper results, we can mark this as resolved.

    Almost there…

    Thanks,

    Paul

    Plugin Author Greenweb

    (@greenweb)

    Hi Paul looks good my tests worked on both Firefox and Chrome.

    Thanks for using the plugin good luck with the campaign.

    Thanks so much

    I am having this same issue at http://4br.biz/join-4br, but can’t have it in a widget. I am using the shortcode. How do I fix this?

    It works for some and not for others.

    Plugin Author Greenweb

    (@greenweb)

    dgbrackett you have a similar issue to the one we solved for Paul.
    Your WordPress site is outputting the same nonce each time the page is loaded. If your WP site set to the “out of the box” WordPress configuration* it would be a unique value each time. The issue is not with the plugin.

    First thing I would check is your WP Super Cache plugin. I searched the WordPress forum and found these links where folks are running into a nonce issue while using WP Super Cache. Perhaps this will help.

    https://wordpress.org/support/topic/how-to-stop-the-plugin-caching-the-online-contact-form?replies=7

    https://wordpress.org/support/topic/plugin-contact-form-7-forms-not-sending-with-super-cache-enabled?replies=10

    My tips on troubleshooting your WP plugin:
    https://wordpress.org/plugins/easy-sign-up/faq/

    *I realize that every website is unique so there may be a very valid reason for your settings. Not a judgment 😉

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Failed Nonce Security Check’ is closed to new replies.