- You’re adding raw JavaScript or PHP code to your site using the WordPress admin or any web editor (excluding Plesk)
- You might be editing the head, header, or footer section in Customizer or your theme's custom code area (example: Thesis theme)
- You get a 403 error, especially if you’re adding a link to a font or other resource
- You get a JavaScript error indicating you're unable to add the code
- WordPress Block editor shows the error: Updating failed. The response is not a valid JSON response.
This problem is frequently caused by our web application firewall protecting your site.
Problem Resolution
These kind of issues are caused by our web application firewall attempting to protect your site from malicious code being injected into the website. The firewall thinks the code you're trying to save is malicious. There are three ways to resolves this:- In Plesk you can temporarily disable the web application firewall, save your changes in WordPress, then re-enable the firewall.
- Rather than pasting in raw HTML or JavaScript code, you might consider finding a plugin that creates the JavaScript for you. For example, rather than using raw HTML for a mailing list capture, often the mailing list provider has a WordPress plugin that handles the code for you.
- Or if you intend to paste a lot of raw HTML or JavaScript code into the site, please see our comprehensive guide to troubleshooting website 403 errors.
