• Resolved bidak

    (@bidak)


    I have implemented a question and answer forum for programming questions using WordPress.
    Wordfence plugin is installed on my WordPress system.
    Content of posts have programming code with syntax highlighter.
    ?Data are inserted as AJAX request.
    The following error occurs when I use html syntax in posts:

    A potentially unsafe operation has been detected in your request to this site
    Your access to this service has been limited. (HTTP response code 403)

    If you think you have been blocked in error, contact the owner of this site for assistance.

    Block Technical Data
    Block Reason: A potentially unsafe operation has been detected in your request to this site

    The code I want to insert is:

    function redirect($url)
    {
        @header('location: ' . $url);
        exit('<meta http-equiv="Refresh" content="0;url='. $url .'">');
    }

    Will this problem be solved if the post is not inserted as ajax?
    What’s the solution?

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @bidak,

    Do you see a, “I am certain this is a false-positive” checkbox with an “Allowlist this action” button shown on the Wordfence blocking page in question? If so, does this cause a permanent fix or does it get flagged again next time around?

    Have you also tried running the operation with Learning Mode enabled? From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions again that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

    Let me know how that goes,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence: A potentially unsafe operation has been detected (response code 403)’ is closed to new replies.