Hi everybody,
the text has gotten a little longer, so thank you in advance for staying with me and taking your time!
I am experiencing a problem of piling up 403 errors when in the WordPress backend, specifically the WooCommerce admin (where it hinders me to e.g., make changes to some payment settings), or also when editing a post (Gutenberg). The problem seems to be related to rest_cookie_invalid_nonce
.
Here are example logs from the console
api-fetch.js?ver=064121ed1abb9ed32a10:678
GET http://domain-one.test/wp-json/wc-admin/options?options=woocommerce_admin_transient_notices_queue%2Cwoocommerce_admin_install_timestamp&_locale=user 403 (Forbidden)
---
api-fetch.js?ver=064121ed1abb9ed32a10:678
GET http://domain-one.test/wp-json/wp/v2/templates/twentytwentyfour//single?context=edit&_locale=user 403
“WP Multisite” vs multiple “sites”
I have tried all kinds of solutions and approaches, but to no avail, which led me to wonder, if I even understood “Multisite” vs “sites” (as per Trellis Docs) correctly.
So first off, let me please ask, if my understanding in this regard is correct, or if my approach cannot work in the first place:
Instead of installing a “WP Multisite” (i.e., one WordPress install with multiple websites), I configured my project with multiple “sites” (each having their own WordPress/Bedrock install), leaving me with a structure that looks like this:
site_domain-one (Bedrock)
| composer.json
| config
| | application.php
| | environments
| | | development.php
| | | ...
| web
| | app
| | | plugins
| | | themes
| | | ...
| | wp
| | | ...
| .env
| composer.json
| ...
site_domain-two (Bedrock)
| composer.json
| ...
site (more sites ...)
| ...
trellis
| group_vars
| hosts
| ...
…and group_vars/development/wordpress_sites.yml
like this:
# Created by trellis-cli v1.11.1
# Documentation: https://roots.io/trellis/docs/wordpress-sites/
wordpress_sites:
domain-one.com:
site_hosts:
- canonical: domain-one.test
redirects:
- www.domain-one.test
local_path: ../site_domain-one
admin_email: mymail@mail.com
multisite:
enabled: false
ssl:
enabled: false
provider: self-signed
cache:
enabled: false
domain-two.com:
site_hosts:
- canonical: domain-two.test
redirects:
- www.domain-two.test
local_path: ../site_domain-two
admin_email: mymail@mail.com
multisite:
enabled: false
ssl:
enabled: false
provider: self-signed
cache:
enabled: false
more-domains.com:
...
Again, in my understanding, I don’t have a “WP Multisite”, but multiple “sites”, with each “site” having a separate WordPress/Bedrock installation.
Question 1→ Is my understanding correct? Is it possible to setup the Roots stack like this, or is my approach wrong, and the only way to go about it is a “WP Multisite”?
Similar topics
There are very similar topics surrounding the error rest_cookie_invalid_nonce
. Again, they are mostly referring to “Multisite” though, which leaves me to wonder, if they are even applicable in my case (or if I have to switch to a multisite regardless?)(see explanation above).
Especially this topic (Rest_cookie_invalid_nonce error) is very similar. I have reached out to its author, but haven’t received a reply yet. In the aforementioned topic, three other threads are also mentioned (again, all referring to Multisite):
They very much describe (parts) of my problem, but miss solutions (I could get to work).
Error
As mentioned above, the console log(s) look like:
api-fetch.js?ver=064121ed1abb9ed32a10:678
GET http://domain-one.test/wp-json/wc-admin/options?options=woocommerce_admin_transient_notices_queue%2Cwoocommerce_admin_install_timestamp&_locale=user 403 (Forbidden)
with a preview / response of:
{code: "rest_cookie_invalid_nonce", message: "Cookie check failed", data: {status: 403}}
code: "rest_cookie_invalid_nonce"
data: {status: 403}
status: 403
message: "Cookie check failed"
My setup
- Trellis, Bedrock, Sage
- multiple “sites” (not WP Multisite)
- Since the error already appears in local development (only WordPress and WooCommerce installed, with Twenty Twenty-Four theme), and judging from the similar topics, it seems to be Bedrock (or Trellis) related
- To the best of my memory, I have not altered the Bedrock setup (but regularly installed it via Trellis-CLI)
- The issue persists after clearing browser cache and re-provisioning via
trellis provision development
- this answer (below) suggests the following, but since its an install with only WordPress, WooCommerce, and Twenty Twenty-Four theme), I did not know, which further plugins/blocks to disable:
Question 2 → Is of course, how to solve the problem / where to look / where it likely lies / etc.?
Thank you very much for reading. Please let me know, if you need further information. I hope that someone can help (guide) me to the right solution, and that this thread then helps others to find a solution, too
Very much looking forward to your replies!
P.S.: In the meantime, I have done a new fresh trellis install, with two “sites” (both only WordPress, WooCommerce, Twenty Twenty-Four) and the issue persists (in development). Pretty sure, that means that something in my config is wrong (?), but I can’t figure out what