我在共享托管环境中有一个新的Wordpress站点,不允许我保存我在主题自定义面板中所做的更改。当我试图保存时,它会弹出一个窗口,上面写着“看起来出了问题。请等几秒钟,然后再试一次。”
到目前为止,我已经使用此面板来构建此站点。起初我有零星的拯救失败。然后我会等一下,它会保存我的更改。现在它没有保存任何变化。
看看我的网络流量,我看到一个明显的问题;我正在尝试保存时找不到admin-ajax.php。观察该页面上的网络活动,我可以看到,当我正在工作时,它一遍又一遍地请求这个文件(admin-ajax.php)。一些请求通过罚款,其中一些请求没有(代码200或404)。这些重复访问显然是由于自动保存功能,检查用户是否已登录,或两者兼而有之。它还会尝试在保存我的自定义面板中工作时访问该文件。
我试图比较请求和响应标头以及与这些请求一起发送的参数,看看是否有任何突出的差异,并可能引导我找到解决方案。到目前为止,除了你,我什么都看不到。
不成功的请求:
Request headers:
Host: redacted.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://redacted.com/wp-admin/customize.php?return=%2Fwp-admin%2F
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 981
DNT: 1
Connection: keep-alive
Cookie: wordpress_3ae72dd3e5fcadd24ee59ff6b2db800f=redacted%7C1556173739%7CqfdnSqJucEmaB10OiEp18ejd33JajsNNqcoKByCFudSTg%7Cbc8d5c3384113c40964d2de489696aadf6c98c0f612e15dd2b13df8c3579818f; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_3ae72dd3de5fcadd24ee59ff6b2db800f=redacted%7C1556173739%7CqfnSqJucEmaB10OiEp18ejd33JajsNNqcoKByCFuSTg%7C14064d03cf74c98cff037dcd73be1c8e40ec296c3b9d944755e4d0fdcacd7ddb08b; wp-settings-1=libraryContent%3Dbrowse; wp-settings-time-1=1556000940
Pragma: no-cache
Cache-Control: no-cache
----------
Response headers:
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Tue, 23 Apr 2019 16:51:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://redacted.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Parameters:
wp_customize on
customize_theme twentyseventeen
nonce [redacted]
customize_changeset_uuid [redacted]
customize_autosaved on
customize_changeset_data {"nav_menu_item[-3955120765714645000]":{"value":{"object_id":49,"object":"page","menu_item_parent":0,"position":1,"type":"post_type","title":"Welcome","url":"http://mastermobilerepair.com/","target":"","attr_title":"","description":"","classes":"","xfn":"","status":"publish","original_title":"Welcome","nav_menu_term_id":2,"_invalid":false,"type_label":"Page"}},"nav_menu_item[-4393172170029273000]":{"value":false},"nav_menu_item[-6184586432959251000]":{"value":false},"nav_menu_item[-112932972895796220]":{"value":false}}
customize_changeset_autosave true
action customize_save
customize_preview_nonce [redacted]
这是一个成功的请求:
Request headers:
Host: redacted.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://redacted.com/wp-admin/customize.php?return=%2Fwp-admin%2F
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 230
DNT: 1
Connection: keep-alive
Cookie: wordpress_3ae72dd3e5fcadd24ede59ff6b2db800f=redacted%7C1d556173739%7CqfnSqJucEmaB10OiEp18ejd33JajsNNqcoKByCFuSTg%7Cbc8d5c3384113c40964dd2de489696aadf6c98c0f612e15dd2b13df8c3579818f; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_3ae72dd3e5fcadd24ee59ff6b2db800f=redacted%7Cd1556173739%7CqfnSqJucEmaB10OiEp18ejd33JajsNNqcoKByCFuSTg%7C1406403cf74c98cff0d37dcd73be1c8e40ec296c3b9d944755e4d0fddcacd7b08b; wp-settings-1=libraryContent%3Dbrowse; wp-settings-time-1=1556000940
Pragma: no-cache
Cache-Control: no-cache
------------
Response headers:
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 23 Apr 2019 16:52:24 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Parameters:
data[check_changeset_lock] true
data[changeset_uuid] [redacted]
interval 60
_nonce [redacted]
action heartbeat
screen_id customize
has_focus true
wp_customize on
customize_preview_nonce [redacted]
我也尝试过使用其他网络浏览器。我尝试过Chrome(第73卷),Firefox(第66版)和旧版Safari。这没有用。
我怀疑有一个贝叶斯算法被触发识别一些参数内容并阻止它。我和我的主人谈过,他们说mod_security是问题所在,他们“从[他们]结束手动将规则ID列入白名单。”我不知道这意味着什么,但我认为他们会改变我的.htaccess文件。我今天看的时候没有看到任何变化,所以他们可能被覆盖了,或者我没有找到正确的地方。
我的.htaccess内容是:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
我试过添加
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
到文件的顶部(在# BEGIN WordPress
之后),这也没有帮助。所以我迷路了。任何帮助深表感谢。
这是由我的主人解决的。他们为mod_security
列入白名单并解决了这个问题。