Admin Ajax Blocked

If you receive the following message, it is likely that your store will not function properly:

Your site appears to be blocking the WordPress ajax interface. This may causes issues with your store.

The admin-ajax.php file is used by Easy Digital Downloads, and many other plugins, to perform common actions in your store, such as applying a discount code, validating the checkout, completing a purchase. It is a very important file. If it is inaccessible, it is very likely that your store will not behave as expected.

Use the suggestions below to help track down the problem and get it resolved.

Plugin Conflicts

Some plugins are known to intentionally block access to admin-ajax.php. The following types of plugin are often responsible:

  • Security plugins. These plugins often have a setting that disables admin-ajax.php, or a similar setting for blocking access to admin files.
  • Plugins that disable /wp-admin/ access for non-administrators.
  • Minification plugins. These plugins boast performance improvements by shrinking the size of javascript (and other) files. This process often times breaks the javascript in Easy Digital Downloads that is responsible for communicating with admin-ajax.php
  • Caching plugins. Occasionally caching plugins can cause problems with admin-ajax.php by either breaking the javascript that creates the ajax requests or by simply making admin-ajax.php inaccessible

If ajax is not working on your site and you have any plugin that matches the descriptions above, try deactivating the plugins and then testing to see if admin-ajax.php becomes accessible again. If it does, then you may still be able to use the plugin, you will just need to find the problematic setting in the plugin and disable it.

Host Firewalls

Occasionally, hosting companies will setup a firewall on your site that is intended to protect your site but that also has the adverse affect of blocking access to admin-ajax.php. If you are having trouble with ajax, check if your host has a firewall and disable if it so. If ajax begins working after disabling the firewall, you have found the culprit. If ajax is still inaccessible after disabling the firewall, you can usually safely re-enable it.

Rules in Your .htaccess File

The .htaccess file used on apache servers can sometimes include special rules that are designed to protect your site from attacks. Occasionally these rules are applied a little too generally and unintentionally disable access to admin-ajax.php. If your ajax is not working, check to see what rules your .htaccess file contain. If there are any rules beyond those shown below, remove them and see if ajax begins working again.

Your .htaccessfile will usually contain rules that look like this (these are perfectly safe and normal):

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule># END WordPress

Cross Domain Issues

admin-ajax.php must be run on the same domain from which it's called. Example: if your site is http://www.example.com and you try to call http://example.com/wp-admin/admin-ajax.php it won't work. Note the www in the first url, and no www in the second url.

This also applies to an SSL mismatch. https://www.example.com/wp-admin/admin-ajax.php cannot call http://www.example.com/wp-admin/admin-ajax.php. Note the https in the first URL, and no https in the second.