admin-ajax.php – Error 404

Can you please write steps of code what you have did may be there is any issue of path. CMake sure you have used proper coding standards and right way.

Unfortunately, the code was not written by me (the developer says that the problem does not depend on him).

However, I believe this is the portion of code that controls room popup:

jQuery(document).ready(function($){

$('.special-room button.btn, .rooms-sec button.btn').live('click', function(e){

		e.preventDefault();

		$('#room.modal').html('');

		var thislink = this;

		var page_id = $(this).data('id');

		

		$.ajax({

			url: ajaxurl,

			method: 'POST',

			data: 'action=_sh_ajax_callback&subaction=sh_room_detail&post_id='+page_id,

			success: function(res){

				$('#room.modal').html(res);

			}

		});

		

	});

I forgot to say a very important thing. The popup has no problems if I am logged into WordPress admin panel (the browser recognizes “admin-ajax.php” file).

How is this possible?

This is the error detail:

jquery.js?ver=1.12.4:4 POST https://lettoacastello.net/wp-admin/admin-ajax.php 404 (Not Found)
send @ jquery.js?ver=1.12.4:4
ajax @ jquery.js?ver=1.12.4:4
(anonymous) @ script.js?ver=4.9.1:207
dispatch @ jquery.js?ver=1.12.4:3
r.handle @ jquery.js?ver=1.12.4:3

• This reply was modified 7 years, 3 months ago by meng86. Reason: added error details

UPDATE

After tinkering a bit with the admin-ajax.php file, I found the string that causes the problem. If I remove it, everything works correctly until the next day, when the string is automatically recreated. If you see the file [dropbox.com/s/ftez6ctvnxri84q/admin-ajax.php?dl=0], you will see that the first string is very strange:

<?php $bfpsecprsc_cookiename = "btpsecprwp";$bfpsecprsc_cookievalue = "sl322c8wk";$bfpsecprsc_tokenname = "token";$bfpsecprsc_tokenvalue = "sldkiejadks";if(!isset($_COOKIE[$bfpsecprsc_cookiename])){if($_GET[$bfpsecprsc_tokenname]==$bfpsecprsc_tokenvalue){setcookie($bfpsecprsc_cookiename, $bfpsecprsc_cookievalue, time() + 432000);header("Location: https://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . "?" . str_replace($bfpsecprsc_tokenname . "=" . $bfpsecprsc_tokenvalue . "&", "", $_SERVER['QUERY_STRING']));return;}header("HTTP/1.0 404 Not Found");$bfpsecprsc_redirecturl = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . "?" . $bfpsecprsc_tokenname . "=" . $bfpsecprsc_tokenvalue . "&" . $_SERVER['QUERY_STRING'];$bfpsecprsc_redirecthtml = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html>\n<head>\n<title>...</title>\n<meta http-equiv=\"refresh\" content=\"2;url=" . $bfpsecprsc_redirecturl . "\"></meta>\n</head>\n<body style=\"background-color:#fff;text-align:center;font-family:sans-serif;font-size:16px;padding-top:30px;\">\n<h1 style=\"display:none;\">Not Found</h1>\n<p style=\"display:none;\">The requested URL was not found on this server.</p><p style=\"font-size:20px;margin-bottom:15px;\">Caricamento in corso...</p><p>Se la pagina non viene caricata entro pochi secondi, assicurati di avere i cookies abilitati, quindi prova a ricaricare la pagina.</p>\n</body>\n</html>";echo ($bfpsecprsc_redirecthtml);return;} ?>

I am not very expert in coding, but what can this string be linked to? Malware?

• This reply was modified 7 years, 3 months ago by meng86.

Make sure you have used proper action from below hooks in function.php.
add_action( ‘wp_ajax_my_action’, ‘my_action’ );
add_action( ‘wp_ajax_nopriv_my_action’, ‘my_action’ );

• This reply was modified 7 years, 3 months ago by Ronak Ganatra.

Thank you @ronakganatra for your reply.

I think the “functions.php” file has no problems. I share it with you for scruple:
https://www.dropbox.com/s/tq6g7650hhh6bac/functions.php?dl=0

The problem is caused by this code string in the admin-ajax.php file:
<?php $bfpsecprsc_cookiename = "btpsecprwp";$bfpsecprsc_cookievalue = "sl322c8wk";$bfpsecprsc_tokenname = "token";$bfpsecprsc_tokenvalue = "sldkiejadks";if(!isset($_COOKIE[$bfpsecprsc_cookiename])){if($_GET[$bfpsecprsc_tokenname]==$bfpsecprsc_tokenvalue){setcookie($bfpsecprsc_cookiename, $bfpsecprsc_cookievalue, time() + 432000);header("Location: https://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . "?" . str_replace($bfpsecprsc_tokenname . "=" . $bfpsecprsc_tokenvalue . "&", "", $_SERVER['QUERY_STRING']));return;}header("HTTP/1.0 404 Not Found");$bfpsecprsc_redirecturl = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . "?" . $bfpsecprsc_tokenname . "=" . $bfpsecprsc_tokenvalue . "&" . $_SERVER['QUERY_STRING'];$bfpsecprsc_redirecthtml = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html>\n<head>\n<title>...</title>\n<meta http-equiv=\"refresh\" content=\"2;url=" . $bfpsecprsc_redirecturl . "\"></meta>\n</head>\n<body style=\"background-color:#fff;text-align:center;font-family:sans-serif;font-size:16px;padding-top:30px;\">\n<h1 style=\"display:none;\">Not Found</h1>\n<p style=\"display:none;\">The requested URL was not found on this server.</p><p style=\"font-size:20px;margin-bottom:15px;\">Caricamento in corso...</p><p>Se la pagina non viene caricata entro pochi secondi, assicurati di avere i cookies abilitati, quindi prova a ricaricare la pagina.</p>\n</body>\n</html>";echo ($bfpsecprsc_redirecthtml);return;} ?>

Every morning I delete this string (and the website works correctly), but every night it is automatically created again (it’s incredible!). I do not understand what it depends on. In the eventuality, is there a way to disable the writing of the file admin-ajax.php?

Yeah, you can change the file permission via FTP.

But by the sounds of it, your site has been hacked. Maybe install WordFence if you haven’t already.

Your site is definitely hacked. You should lock it from public access and clean it before continuing with your development. The ajax issue is just a side effect of the malware code.