Cloudflare blocking rest API calls from WordPress’ Gutenberg editor.

Brett Elliff Uncategorized

Recently WordPress has updated their WYSIWYG editor to Gutenberg which is absolutely fantastic!  The only issue thus far is that when editing or updating a post within WordPress you see is the following.

This prevents the auto save and publish functions from working.  WordPress and Cloudflare are working on the issue and have a workaround in place.   The fix involves disabling two rules in the WordPress rules set in the Web Application Firewall settings in your Cloudflare account.

  1. Once you are logged in click on the domain that you need to edit.
  2. Click on Firewall from the top menu.
  3. Scroll down to the section titled IP Firewall Button.
    1. Click the button to the left titled Web Application Firewall.
  4. Look for the section titled Package: Cloudflare Rule Set.
    1. Click Rule Details.
  5. Scroll down to the section titled Cloudflare WordPress and click the link.
  6. Click on page 4 from the pagination at the bottom of the section.
  7. Look for the rules WP0025A and WP0025A.
  8. On the far right side of the section under the Mode heading you will see a drop down list.
  9. Choose disable for both rules.
  10. You should see a green par across the bottom of the screen indicating that the settings are saved.
  11. Click the Close button.
  12. Go back to your WordPress Admin area and try to edit a post.

Unfortunately this workaround has never worked for me even after Gutenberg was updated and Cloudflare pushed out patches on their end.  As a last resort I had to whitelist my IP from the Firewall Events section of the Firewall page.

Now I am once again able to edit posts and whatnot in WordPress!