We have a 403 with https://elitedjanimation.fr/wp-json/cleantalk-antispam/v1/apbct_set_important_parameters

Failed to load resource: the server responded with a status of 403 ()

Clic on next page on the blog to simulate.

It’s blocking admin-ajax and making the site unstable. We have had too many errors like this on our websites, this is getting exhausting…

Cheers.

Here is a screenshot.

I tried to deactivate the minfy-Options but this did not not change anything. I also checked memory ressources – they are fine.

My question is there an internal chache process that started after lets say an hour that may create this kind of error? How can I deactivate or change it?

` wp-core

version: 6.5.3
site_language: de_DE
user_language: de_DE
timezone: Europe/Berlin
permalink: /unser-blog/%postname%/
https_status: true
multisite: false
user_registration: 0
blog_public: 1
default_comment_status: undefined
environment_type: production
user_count: 14
dotorg_communication: true wp-paths-sizes

wordpress_path: /var/www/vhosts/campus-lab.de/httpdocs
wordpress_size: 798,26 MB (837033349 bytes)
uploads_path: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/uploads
uploads_size: 634,66 MB (665484297 bytes)
themes_path: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/themes
themes_size: 21,80 MB (22860352 bytes)
plugins_path: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/plugins
plugins_size: 129,38 MB (135660469 bytes)
database_size: 100,71 MB (105605117 bytes)
total_size: 1,65 GB (1766643584 bytes) wp-dropins (4)

advanced-cache.php: true
db.php: true
maintenance.php: true
object-cache.php: true wp-active-theme

name: Astra (astra)
version: 4.6.14
author: Brainstorm Force
author_website: https://wpastra.com/about/?utm_source=theme_preview&utm_medium=author_link&utm_campaign=astra_theme
parent_theme: none
theme_features: core-block-patterns, astra_hooks, widgets-block-editor, align-wide, automatic-feed-links, title-tag, post-thumbnails, starter-content, html5, post-formats, custom-logo, customize-selective-refresh-widgets, editor-style, woocommerce, rank-math-breadcrumbs, amp, widgets, menus
theme_path: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/themes/astra
auto_update: Deaktiviert wp-themes-inactive (1)

Twenty Twenty-Four: version: 1.1, author: Das WordPress-Team, Automatische Aktualisierungen deaktiviert wp-mu-plugins (3)

1&1 Managed WordPress: version: 1.1.0, author: 1&1
1&1 Product Subdomain: version: 1.1.0, author: 1&1
IONOS Marketplace: version: 1.1.0, author: wp-plugins-active (13)

Astra Pro: version: 4.6.9, author: Brainstorm Force
Broken Link Checker: version: 2.2.4, author: WPMU DEV
EWWW Image Optimizer: version: 7.6.0, author: Exactly WWW
MainWP Child: version: 5.0.1.1, author: MainWP
Media Cleaner: version: 6.7.4, author: Jordy Meow
Polylang: version: 3.6.1, author: WP SYNTEX
Real Cookie Banner: version: 4.7.8, author: devowl.io
Spectra: version: 2.13.2, author: Brainstorm Force
Statify: version: 1.8.4, author: pluginkollektiv
Statify – Extended Evaluation: version: 2.6.4, author: Patrick Robrecht
UpdraftPlus - Backup/Restore: version: 1.24.3, author: UpdraftPlus.Com, DavidAnderson,
W3 Total Cache: version: 2.7.2, author: BoldGrid
Yoast SEO: version: 22.7, author: Team Yoast

WP-Memory-Usage: version: 1.2.9, author: Bernhard Kux

image_editor: EWWWIO_Imagick_Editor
imagick_module_version: 1690
imagemagick_version: ImageMagick 6.9.10-23 Q16 x86_64 20190101 https://imagemagick.org
imagick_version: 3.7.0
file_uploads: 1
post_max_size: 16M
upload_max_filesize: 16M
max_effective_size: 16 MB
max_file_uploads: 20
gd_version: bundled (2.1.0 compatible)
gd_formats: GIF, JPEG, PNG, WebP, BMP, XPM
ghostscript_version: 9.50 wp-server

server_architecture: Linux 5.4.0-96-generic x86_64
httpd_software: Apache
php_version: 8.2.19 64bit
php_sapi: fpm-fcgi
max_input_variables: 1000
time_limit: 600
memory_limit: 256M
max_input_time: 60
upload_max_filesize: 16M
php_post_max_size: 16M
curl_version: 7.68.0 OpenSSL/1.1.1f
suhosin: false
imagick_availability: true
pretty_permalinks: true
htaccess_extra_rules: true
current: 2024-05-17T06:26:20+00:00
utc-time: Friday, 17-May-24 06:26:20 UTC
server-time: 2024-05-17T08:26:18+02:00 wp-database

extension: mysqli
server_version: 10.3.39-MariaDB-0ubuntu0.20.04.2
client_version: mysqlnd 8.2.19
max_allowed_packet: 16777216
max_connections: 151 wp-constants

WP_HOME: undefined
WP_SITEURL: undefined
WP_CONTENT_DIR: /var/www/vhosts/campus-lab.de/httpdocs/wp-content
WP_PLUGIN_DIR: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/plugins
WP_MEMORY_LIMIT: 256M
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG: false
WP_DEBUG_DISPLAY: false
WP_DEBUG_LOG: false
SCRIPT_DEBUG: false
WP_CACHE: true
CONCATENATE_SCRIPTS: false
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_ENVIRONMENT_TYPE: Nicht definiert
WP_DEVELOPMENT_MODE: undefined
DB_CHARSET: utf8
DB_COLLATE: undefined wp-filesystem


wpml:
plugins/real-cookie-banner-pro: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/plugins/real-cookie-banner-pro/wpml-config.xml
plugins/ultimate-addons-for-gutenberg: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/plugins/ultimate-addons-for-gutenberg/wpml-config.xml
plugins/wordpress-seo: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/plugins/wordpress-seo/wpml-config.xml
themes/astra: /var/www/vhosts/campus-lab.de/httpdocs/wp-content/themes/astra/wpml-config.xml

I disabled JS minifying and combining to fix my websites.

I have an existing CloudFront distribution serving my WP, and I want to add it to W3TC so I can use auto-invalidation. I added the CloudFront domain and CNAME in the “Replace site’s hostname with” field, but then I click to test I get the error “Error: Distribution for origin “www.my-website.com” not found. The user permissions are correct (I’ve even tried attaching admin permissions and got the same error).

The DNS www.my-website.com is pointing to the CloudFront distribution, so the origin domain is different (origin-www.my-website.com) since it points to an ALB, however I can’t edit or rename the field “Origin” on the W3TC configuration page.

As part of the troubleshooting, I’ve tested adding a dummy origin with origin domain “origin-www.my-website.com” and the test passed.

Is there a way to rename the “Origin” on the W3TC CDN Configuration? If not, what is the correct way to import an existing CloudFront distribution?

We’re using W3 Total Cache to expose the Memcached object cache. Can you confirm whether or not WPP works with W3TC when caching pageviews?

Accessing wp-login.php or /wp-admin creates either “too many redirects” or an “Access Denied error” depending on whether W3TC plugin directory is deleted or unchanged.

I can’t get into WordPress Admin after renaming and stripping I have renamed W3TC

I tried many corrections:

1. no .htaccess

2. Added (in wpconfig.php) – define( ‘AIOS_NO_FIREWALL’, true);

Its not clear how to recover AIOS after hours of troubleshooting how to remove the W3TC plugin.

Any suggestions?

On another domain we hos that uses WP Fastest Cach we can add this entry to solve the issue:

If REQUEST_URI Contains spbc_remote_call_action in their EXCLUDE PAGE Wizard.

How can we achieve the same in your cache plugin?

Regards

Steve B

We finally managed to find the root cause why certain sites keep on going down, frequently taking the whole server with it. These are large websites which are frequently visited by all sorts of bots (some legit, many not) to a point they get more traffic from non-humans than from actual visitors.

To speed it up we installed w3tc total cache, with Page cache set on Disk (enhanced), which uses .htaccess to serve the static content, has increased the performance significantly, however, sporadically, every 10 or 20 uncached pages that get visited result in an out of memory error (so this is almost every second due to the amount of traffic), the php error mentioning it is Wordfence running out. At such requests, the caching succeeds, the user get served a 500 error, but only after a refresh the cached content is shown.

The problem seems to be gradually increasing, getting 500 errors more frequently. Disabling Wordfence has solved all these issues. When we investigate the database, we notice its keeping track of the new cache files being created (and probably scanned / checked), which is growing exponentially. Preferably, Wordfence should not be adding extra load at this point.

PHP execution time is set to 60 seconds and a memory limit of 1024MB.

Before we try to make a switch to a different plugin to see if those handle memory issues better, we figured we would first ask here. The site is also behind a cloudflare, so basically we mostly only want malware protection, likely could do without the firewall if its causing this much extra load.

Any idea’s or suggestions to make Wordfence less demanding even if it’s at the cost of live protection?

I didn’t even know this was happening for months until someone recently reported a broken link on my website, because my dozens of 301 redirects weren’t working at all.

I had a .htaccess file full of custom rules before I installed W3TC. Apparently, the plugin inserted its own rules and deleted all of mine. Completely. There was not one custom rule left in my file. (I can’t remember which version was this, but it was a while ago.)

The plugin did not warn me it would alter my .htaccess file, or suggested I back it up. I had no way of knowing it has done that. I had no reason to check the file.

Thankfully I had an old local backup that I was able to copy my rules from today, and only when I copied them before BEGIN W3TC Browser Cache did my redirects start working again. So my suggestions for improvement:

1. Warn users that the plugin will alter their .htaccess file and offer to back up the contents.
2. When adding W3TC rules, add them after everything that’s already in there, not before. Because any 301 redirects have to come before W3TC rules in order to work. Once W3TC messes with the URL structure, they will no longer match with the URL redirect rules, and the result is a 404 error.

If there’s a better place to send this suggestion let me know, but I hope you can forward this to your dev team.