[Resolved] I am not able to edit, disable, or delete Toolset custom code

This thread is resolved. Here is a description of the problem and solution.

Problem:

The customer was unable to disable a custom code in Toolset settings due to a 403 error caused by their hosting security system, which blocked Ajax requests to admin-ajax.php, labeling it as an exploit attempt. The firewall prevented changes that required Ajax, such as disabling custom code or modifying certain settings within the Toolset plugin.

Solution:

We identified the issue as being related to the firewall blocking Ajax requests. The customer contacted their host to whitelist the necessary URLs, which allowed them to enable and disable custom code successfully. However, the issue persisted when making changes to the search and pagination section in a view. As a workaround, we moved the CSS from the Search and Pagination section to the Loop CSS, and the problem was resolved, allowing the customer to save the changes correctly.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

This topic contains 32 replies, has 3 voices.

Last updated by Mateus Getulio 2 months, 3 weeks ago.

Assisted by: Mateus Getulio.

#2733366

Mateus Getulio
Supporter

Languages: English (English )

Timezone: America/Sao_Paulo (GMT-03:00)

Hello Andrew,

Can you please ask them to also whitelist the url path /wp-admin/admin-ajax.php?

Then I'll take another look at the issue with the search and pagination.

Since my IP hasn't been whitelisted yet, I remain blocked right now and am seeing 403 Forbidden errors in the console log. I'd like to debug it once the errors are no longer happening, so that I can narrow down the debug steps.

Thanks a lot.
Mateus

#2733378
Screen Shot 2024-08-27 at 1.27.08 PM.png

Hi Mateus,

From Godaddy, "If allowing the URL will be necessary here, then something like this ('-ajax.php') may need to be whitelisted instead of the absolute path."

I went ahead and added -ajax.php on the allow list to any URL that matches.

Please see my screenshot.

If this does not work, I will ask them again to allow the entire url /wp-admin/admin-ajax.php

Please let me know if this worked!

#2733388

I can also set the -ajax.php to allow if it "Matches, Begins With, Ends With, Exactly" as options too. I currently have Ends with allowed.

[If the URL ends with -ajax.php, then allow.]

#2733496

Mateus Getulio
Supporter

Hello Andrew,

This is a quick follow-up to let you know that the whitelisting worked and I'm no longer experiencing the blocks.

I'm debugging the issue with the search and pagination updates and I'll let you know as soon as I have news.

Thank you for your patience while I investigate it.

#2733505

Thank you Mateus, Good to hear!
Really appreciate your help on this issue.

#2734211

Mateus Getulio
Supporter

All right,

I debugged this folder and it also seems to be some sort of Firewall/Hosting block.

I realize that if I remove the CSS section of the search and pagination I'm able to save the view just fine, however, if the CSS section has only this line, the error already starts:

.filter-container .backcolor{background:none;border-radius:8px;padding:20px;box-shadow:0 2px 4px rgba(0,0,0,0.1);background:#fafafa;width:100%;display:inline-block;max-width: 1060px;}

I tried creating a new view with pagination, set it up as simple as possible with a basic loop and added the code above to the CSS section of the pagination and I can no longer save this view. If I remove 'rgba(0,0,0,0.1)' I can save it again.

I migrated your site to a staging server elsewhere, you can access it here: hidden link

It is a bit slow but in this different environment with no Firewall I can save the view just fine regardless of the pagination content.

I also created a staging version using WP Staging plugin on your own site, it is available here: hidden link, we can delete it after our tests are over. In this other staging version in your own server, I switched to a default theme, disabled all non Toolset plugins and updated WordPress, the error still occurs.

All those tests make me believe that the issue is either server, hosting or Firewall related and that there might still be some block in place.

Do you have a test version of your site in a different server or locally that you can test to confirm it is working?

Can you please follow up with the hosting support once more, ask them to look in the Firewall logs for blocked ajax attempts that might have occurred despite you whitelisting your IP and the URL pattern?

Server error logs would be useful as well, if they could provide us with that. They can narrow the logs from today.

Thank you, please let us know.

#2734396

Hi Mateus,

Good find with this.

Unfortunately, I do not have another server or location running my website so I cannot confirm if I see the same thing. However, I do believe you are correct if you are testing on a separate server and having no issues. It would definitely seem that my firewall may be blocking further ajax calls.

Is there a specific ajax call that toolset makes when updating the Search and Pagination in a view? If so, can you send it to me and I can see how I may allow the URL pass through the firewall?

I have reached out to Godaddy about this and sent them your entire response. I will let you know when they get back to me with a Log of blocked Ajax tasks.

For the server errors, I am running Cpanel. Here is a video on the server errors. Video: hidden link

Errors:
[Wed Aug 28 12:38:43.913010 2024] [autoindex:error] [pid 6874:tid 7040] [client 185.93.228.10:12250] AH01276: Cannot serve directory /home/w2nnms2ait2i/public_html/wp-admin/css/: No matching DirectoryIndex (index.html.var,index.htm,index.html,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,index.shtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html,welcome.html) found, and server-generated directory index forbidden by Options directive, referer: binance.com
[Wed Aug 28 10:46:55.545090 2024] [autoindex:error] [pid 6876:tid 7454] [client 185.93.229.10:27878] AH01276: Cannot serve directory /home/w2nnms2ait2i/public_html/wp-admin/css/: No matching DirectoryIndex (index.html.var,index.htm,index.html,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,index.shtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html,welcome.html) found, and server-generated directory index forbidden by Options directive, referer: binance.com
[Wed Aug 28 03:27:39.752693 2024] [autoindex:error] [pid 2362652:tid 2362883] [client 185.93.228.10:14350] AH01276: Cannot serve directory /home/w2nnms2ait2i/public_html/wp-admin/css/: No matching DirectoryIndex (index.html.var,index.htm,index.html,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,index.shtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html,welcome.html) found, and server-generated directory index forbidden by Options directive, referer: binance.com
[Tue Aug 27 01:14:25.497403 2024] [autoindex:error] [pid 1988457:tid 1988589] [client 66.248.200.10:5060] AH01276: Cannot serve directory /home/w2nnms2ait2i/public_html/wp-admin/css/: No matching DirectoryIndex (index.html.var,index.htm,index.html,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,index.shtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html,welcome.html) found, and server-generated directory index forbidden by Options directive, referer: binance.com

#2734975

Mateus Getulio
Supporter

Hello Andrew,

It looks like the logs point to some issues with serving directory indices; they don’t seem directly related to the issues we’re troubleshooting.

Regarding the specific AJAX URL that Toolset uses, the primary endpoint you need to ensure is whitelisted is /wp-admin/admin-ajax.php. This is the general WordPress AJAX handler used by Toolset and many other plugins to process requests. In theory, this has been already set up. We'll have more insight after seeing the block report.

To confirm if the firewall is indeed causing this issue, we could temporarily disable the firewall by pointing your site directly to the hosting IP. This will allow us to see if the View saves properly without the firewall in place. If the issue is resolved, we’ll know it’s related to the firewall, and the hosting support can assist you with configuring it correctly. Once we complete our tests, we can re-enable the firewall for security.

Best regards,
Mateus
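
The log triage behind this reply, as an added example (not part of the original post, and not Toolset or GoDaddy code): it parses Apache 2.4 error-log entries shaped like the ones posted above, groups them by module, level and AH code, and lists any entry that names /wp-admin/admin-ajax.php. The sample lines are constructed, with a placeholder path and documentation-range IPs; `triage` and its result keys are illustrative names.

```python
import re
from collections import Counter

# Apache 2.4 error-log layout, as in the entries posted in the thread:
# [timestamp] [module:level] [pid N:tid N] [client ip:port] AHnnnnn: message
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<module>[^:\]]*):(?P<level>[^\]]+)\] "
    r"\[pid (?P<pid>\d+)(?::tid (?P<tid>\d+))?\] "
    r"(?:\[client (?P<client>[^\]]+)\] )?"
    r"(?:(?P<code>AH\d{5}): )?(?P<msg>.*)$"
)
REFERER_RE = re.compile(r", referer: (?P<referer>\S+)$")

def triage(lines, endpoint="/wp-admin/admin-ajax.php"):
    """Group entries by (module, level, AH code); collect those naming endpoint."""
    groups, referers, related, unparsed = Counter(), Counter(), [], []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            unparsed.append(line)  # wrapped or truncated entry: keep for manual review
            continue
        groups[(m["module"] or "-", m["level"], m["code"] or "-")] += 1
        ref = REFERER_RE.search(m["msg"])
        if ref:
            referers[ref["referer"]] += 1
        if endpoint in m["msg"]:
            related.append(line)
    return {"groups": groups, "referers": referers,
            "related": related, "unparsed": unparsed}

# Constructed sample: same shape as the posted entries, with a placeholder
# path, documentation-range client IPs and a shortened DirectoryIndex list.
_MSG = ("AH01276: Cannot serve directory /home/example/public_html/wp-admin/css/: "
        "No matching DirectoryIndex (index.html,index.php) found, and "
        "server-generated directory index forbidden by Options directive, "
        "referer: example.org")
SAMPLE = [
    f"[Wed Aug 28 12:38:43.913010 2024] [autoindex:error] [pid 6874:tid 7040] [client 203.0.113.10:12250] {_MSG}",
    f"[Wed Aug 28 10:46:55.545090 2024] [autoindex:error] [pid 6876:tid 7454] [client 203.0.113.11:27878] {_MSG}",
    "index.php) found, and server-generated directory index forbidden",  # wrapped fragment
]

if __name__ == "__main__":
    result = triage(SAMPLE)
    for key, count in result["groups"].items():
        print(count, *key)
    print("entries naming the AJAX endpoint:", len(result["related"]))
    print("unparsed lines:", len(result["unparsed"]))
```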

#2735115

Hi Mateus,

I reached out to Godaddy, below is their reply.

It looks like if we can get them your IP address, where the issue is located, and maybe a video on how this is recreated. I believe this will help them test on their end and see where and why the firewall is blocking.

"Hi there,

Thank you for your reply.

Looking through the firewall access logs, we can see several blocks occurring. To ensure we are looking into a legitimate request and not a malicious request or attack, can you please provide the following information regarding the issue you've referenced, so we may investigate this issue further?

--Screenshot of any error/warning message that you might be seeing, you can upload an image to hidden link and then paste the shareable link in the ticket
--Exact links on which this error was experienced
--Current IP when getting the issue, you can check that here: hidden link
--Exact steps to replicate the issue on our end

This will help us to investigate it further at our end to give you a reliable solution for the same.

I'll set this ticket as waiting so we may review it once we hear back from you.

Kind regards,
Nasim"

#2735171

Mateus Getulio
Supporter

Here is the information requested:

IP: 179.0.72.164

I also added the screenshots in links since you're probably going to forward it to them:

If there's CSS in the fields, more specifically this part: 'rgba(0,0,0,0.1)', there's an error in the console browser: hidden link
If there's no CSS or we remove the occurrences of rgba(0,0,0,0.1), we can save it and there's no error: hidden link

Although it could be a good idea to rule out the WAF block by simply disabling it for a few hours then testing to see if the search and pagination section gets saved.

Thank you.

#2735341

Thank you Mateus, I will get back with Godaddy and see what their reply is. Hopefully we can disable the firewall or see what else the firewall is blocking.

#2735897

Hi Mateus,

Thank you for your patience with this support ticket. I really appreciate your hard work as I would not be able to do this on my own!

Here is Godaddy's response below. It looks like they saw that another URL path was being blocked, so they whitelisted it as well. When you have a moment will you see if this working on your end? I will check on my end as well.

"Hello,

Thank you for contacting support.

I have reviewed your case and checked the firewall access logs for today. For the IP, 179.0.72.164, I am unable to find blocks associated with this IP address. However, further review shows that there was a block happening on '/wp-json/wp/v2/users/me' path. Please refer to the information below:

hidden link

The WordPress REST API provides an interface for applications to interact with your WordPress site by sending and receiving data as JSON (JavaScript Object Notation) objects. It is the foundation of the WordPress Block Editor, and can likewise enable your theme, plugin or custom application to present new, powerful interfaces for managing and publishing your site content.

You can read more about it here:

https://developer.wordpress.org/rest-api/

For this, I have added the aforementioned URL to the firewall allowlist here:

hidden link

Can you please clear the cache on your browser and try again? Here is a link with detailed instructions for various browsers:

Firefox - hidden link
Chrome - hidden link
Edge - hidden link
Opera - hidden link
Safari - hidden link

If issues persist, and to ensure we are looking into a legitimate request and not a malicious request or attack, can you provide the following information regarding the issue you've referenced so we may investigate this further?

- Exact steps to replicate the block/error on our end (If credentials are required to replicate the block/issue, please ensure to provide us with temporary credentials to fully replicate the block/issue).
- An IP address that encountered the block/error message: hidden link (After visiting this URL, please copy/paste the new URL that is generated in the address bar within your ticket reply.)
- URL receiving the block/error message.
- Block/error code listed within the block/error message.
- A screenshot of the block/error. You can upload a screenshot to snipboard.io or prnt.sc and paste the link it generates right into the ticket reply.

You can securely provide the credentials by checking the "I need to provide new connection details" box when you reply. Rest assured that your credentials will remain safe and confidential.

With this information, we can investigate the issue further. If you are unable to provide all the information requested above, providing us with exact steps to replicate the issue on our end should allow us to investigate this issue further.

Due to the nature of this case, we'll mark this ticket as 'Waiting' as we look forward to your response.

Please let us know if you have any additional questions or concerns. We are here to help.

Thank you,
Jerico | Website Security - Analyst"

#2735899

Hi Mateus,

I have access to a real time firewall report. Here is a video I did as I went through changing the search and pagination. It seems that all my requests were not blocked.

Video: hidden link

However, I am still having issues on my end as it will not save the view after editing the search and pagination.

Is there a special way in which the toolset saves a view vs how toolset saves the search and pagination? If there is a difference it would help to see what isn't working.

#2735949

Mateus Getulio
Supporter

Hi Andrew,

I took another look into it and I was able to bypass the Firewall and checked that the issue still happens without the interference of it.

I'm getting back to my debugging.

Eventually I may have to escalate this case to our 2nd tier support for further investigation.

I'll keep you posted.

Thank you for your patience and cooperation on this.

#2737764

Mateus Getulio
Supporter

Hi Andrew,

I have escalated this ticket to our 2nd tier of support where our 2nd tier specialists will take a deeper look at this issue and will try to find a solution.

I will get back to you as soon as I get an answer from them.

Best regards,
Mateus