Support » Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening » Sucuri blocking access to admin-ajax.php

  • Resolved John Eckman

    (@johneckman)


    On a site with Ninja Forms 3 (3.2.18) and WordPress 4.9.4, activating Sucuri 1.8.14 makes form submission via ajax fail, with a 403 Forbidden error on /wp-admin/admin-ajax.php

    Didn’t see a setting anywhere in Sucuri to turn that off – is that possible?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Didn’t see a setting anywhere in Sucuri to turn that off – is that possible?

    There is no option.

    In fact, this is not the intended behavior of the Sucuri plugin.

    I haven’t implemented any feature to do reactive blocking. The blockage must be coming either from another security plugin running in the background, or from an incompatibility between Ninja Forms and the Sucuri plugin, in which case I will need to investigate further comparing both code bases.

    I will pass this to my project manager and they will decide what is the priority.

    Thanks for the reply – sorry if I jumped to the conclusion it was Sucuri. We’re not running any other security plugin, and disabling Sucuri made the form immediately start working.

    I will also investigate whether I can replicate with *just* sucuri and ninja forms or if other plugins are involved.

    Turn out it isn’t Sucuri at all, but a caching plugin – it was caching the nonce which then meant the post to admin-ajax.php was failing

    Ah good to know, thank you for sharing 🙂

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Sucuri blocking access to admin-ajax.php’ is closed to new replies.