Support » Plugin: Ajax Search Lite » The request failed. Status:403

  • Resolved Gary

    (@garyfo)


    Hello,

    For some reason since a while a do get an error message when I type some words in the searchbar instead of getting the autocomplete. Pressing enter will still return to the first suggestion tho.

    I read some tickets about the same issue, but on other extensions page, so I tried to disable other extensions with no luck. I saw it might be an .htaccess related issue, so here is mine if it can help ?

    # BEGIN WordPress
    # Les directives (lignes) entre « BEGIN WordPress » et « END WordPress » sont générées
    # dynamiquement, et doivent être modifiées uniquement via les filtres WordPress.
    # Toute modification des directives situées entre ces marqueurs sera surchargée.
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress
    # BEGIN ShortPixelWebp
    # Les directives (lignes) entre « BEGIN ShortPixelWebp » et « END ShortPixelWebp » sont générées
    # dynamiquement, et doivent être modifiées uniquement via les filtres WordPress.
    # Toute modification des directives situées entre ces marqueurs sera surchargée.
    # END ShortPixelWebp
    <files .htaccess>
    Order allow,deny
    Deny from all
    </files>
    <files readme.html>
    Order allow,deny
    Deny from all
    </files>
    <files license.txt>
    Order allow,deny
    Deny from all
    </files>
    <files install.php>
    Order allow,deny
    Deny from all
    </files>
    <files wp-config.php>
    Order allow,deny
    Deny from all
    </files>
    <files error_log>
    Order allow,deny
    Deny from all
    </files>
    <files fantastico_fileslist.txt>
    Order allow,deny
    Deny from all
    </files>
    <files fantversion.php>
    Order allow,deny
    Deny from all
    </files>
    # Bloquer l'utilisation de certains scripts
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ - [F,L]
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
    RewriteRule ^wp-includes/theme-compat/ - [F,L]
    # Protection contre les injections de fichiers
    RewriteCond %{REQUEST_METHOD} GET
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
    RewriteRule .* - [F]
    # Protections diverses (XSS, clickjacking et MIME-Type sniffing)
    <ifModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options: "nosniff"
    </ifModule>
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
    <IfModule mod_headers.c>
    Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' www.google-analytics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com www.google-analytics.com https://www.googletagmanager.com; frame-src 'self' https://maps.google.com https://www.google.com https://www.youtube.com; img-src 'self' www.google-analytics.com www.googletagmanager.com data: *.gravatar.com https://i.ytimg.com;"
    </IfModule>
    # Wordfence WAF
    <Files ".user.ini">
    <IfModule mod_authz_core.c>
    	Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
    	Order deny,allow
    	Deny from all
    </IfModule>
    </Files>
    # END Wordfence WAF
    # BEGIN WP Cloudflare Super Page Cache
    # Les directives (lignes) entre « BEGIN WP Cloudflare Super Page Cache » et « END WP Cloudflare Super Page Cache » sont générées
    # dynamiquement, et doivent être modifiées uniquement via les filtres WordPress.
    # Toute modification des directives situées entre ces marqueurs sera surchargée.
    # END WP Cloudflare Super Page Cache

    Thank you for your time 🙂

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author wpdreams

    (@wpdreams)

    Hi,

    I believe it is because of the CDN browser check. When I try to access the WordPress ajax handler: “https://yoursite.com/wp-admin/admin-ajax.php&#8221;
    Then instead of returning a white page with a 0 printed on it, I am redirected to a captcha page. Once I get by the captcha, the issue is gone.
    Try adding an exception on the cloudflare settings for the WordPress ajax handler – it should be accessible to the public, otherwise there is no way to pefrorm ajax requests.

    Best,
    Ernest M.

    Thread Starter Gary

    (@garyfo)

    Oh thank you I didn’t know that I needed a script from wp-admin ! I removed captcha for this specific file in the folder and it now works perfeclty !

    Plugin Author wpdreams

    (@wpdreams)

    Great 🙂

    I will mark this as resolved then.

    Feel free to rate the plugin if you like it, it is greatly appreciated.

    Best,
    Ernest M.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.