Wordfence Firewall blocked a background request to WordPress for the URL XXXXXX - when updating or saving
When updating an item in WordPress, you receive the following error:
Background Request Blocked. Wordfence Firewall blocked a background request to WordPress for the URL XXXXXXXXX. If this occurred as a result of an intentional action, you may consider whitelisting the request to allow it in the future.
You see the option for Whitelist this action or Dismiss.
Review the URL that is displayed for the content in the message:
- If you see your site address and /wp-admin/ in it and you are intentionally trying to save the content, then click OK to Whitelist this action.
- If the address looks different and/or you are not saving content and/or you have any other doubts about that message, click Dismiss.
Wordfence generates warnings like, “Background Request Blocked”, due to their main goal which is to "limited your access to your site". Also Wordfence is just attempting to do its job by blocking suspicious actions. Even though most people are fine with an occasional security warning, if you don’t take action you may find the warnings appearing regularly.
There are easy solutions to try before deactivating Wordfence.
1. Whitelist your IP address.
Get your IP address at http://whatismyip.host/my-ip-address-details
2. “But my IP changes frequently!”
If the “Whitelist IP addresses that bypass all rules” setting is not really an option for you or your designers, then try setting the Wordfence -> Firewall Options, setting to “Learning Mode” as shown in the picture below.