This documentation is only valid for older versions of Wordfence. If you are using Wordfence 7 or later, please visit our new documentation.

Web Application Firewall - Blocked Ajax Requests

From Wordfence Documentation
Jump to: navigation, search

The Wordfence Firewall can block background requests that use AJAX, showing a message that says "Background Request Blocked". This can prevent certain types of attacks, but some plugins and themes may cause this message as well, even when their requests are safe. It is most likely to occur when adding custom HTML or javascript code in fields that are separate from the WordPress core.

As the admin of the site, you can choose to whitelist these blocked requests by clicking the Whitelist button, if you were simply working on the site when they occur. The message is only shown for logged-in admins of the site, so regular visitors, subscribers, authors, editors, or other types of users on your site will not see them.

If you see this message when clicking a link that was sent to you by another person, or a link from another site that leads to your site, it may not be safe to whitelist. You can contact us about blocked requests if you are not sure whether they are dangerous or not. Be sure to include a description of what you were working on at the time.