How to Easily Fix the nonce_failure Error in WordPress

While working on your WordPress website, you may sometimes encounter an unexpected “nonce_failure” error message. This error could occur while working in the theme editor or while performing a routine function like deleting a post or comment, etc.

Fortunately, this is one of the common WordPress errors that can be easily fixed. In this post, I will first explain what is WordPress Nonce, why the nonce failure occurs, and how you can fix it quickly.

Let’s go.

Contents show

What is WordPress Nonce?

Simply put, “Nonce” means a number used once. It is a security token used by WordPress to prevent hackers from taking over your site through remote access.

In reality, Nonces are made up of letters and numbers and are appended to URLs like this:

https://exampledomain.com/wp-admin/post.php?post=564&action=trash&_wpnonce=z893fc4092

Nonces are generated automatically by WordPress when you perform certain actions in the WordPress backend like deleting a comment or trashing a post.

Although I mentioned the literal meaning of nonce as a number that is to be used only once. But the fact is that nonces are used multiple times within a time frame of 24 hours. That is, nonces have a maximum life span of one day after which they expire and are regenerated.

The time span of nonces can be controlled via the wp-config.php file.

Nonces play a very important authentication role on your WordPress website. If nonces were not used, a hacker could control your website by making your browser send a remote authentication request to WordPress which would be considered valid by it.

Why does the nonce_failure error occur and how to fix it?

The primary reason for the nonce_failure is an authentication error because WordPress failed to authenticate the nonce token. Therefore it displays the nonce_failure message to prevent any remote attack on your website.

Clear your cache

The first thing to do is to clear your site cache since the cache could be sending an expired nonce to WordPress resulting in the nonce_failure error.

Once the cache is cleared, repeat the action (like trashing a post or deleting a comment) that had resulted in the nounce_error. Most probably, the error should be resolved. But if it recurs, then try out the next fix.

Disable the plugins

A plugin could also cause the nounce_failure WordPress error. So, disable all the plugins and reactivate them one by one, each time repeating the action that resulted in the error.

If the error occurs upon activation of a particular plugin, you should update the plugin (if updates are available) or replace it with another plugin. You can also inform the plugin developer about the bug that you discovered.

Set custom cache rules in Cloudflare

If your site is using the Cloudflare service, then setting custom page rules could help. Under the Rules menu in Cloudflare, go to Page Rules.

Then set Cache Level to Bypass for the following two URLs:

www.yourdomain.com/wp-admin

www.yourdomain.com/wp-login.php

Follow the image below for further clarity.

Cloudflare nonce_failure page rule WordPress

Summary

You’ve gone through 3 solutions for the WordPress nonce_failure error. Hopefully, one of these worked for you. If you still experience the error, you can order our affordable WordPress troubleshooting service to fix the error for you.

I look forward to your feedback in the comments below.

Finding this solution required considerable effort and time. Consider rewarding me with a coffee!

Donate $2

3 thoughts on “How to Easily Fix the nonce_failure Error in WordPress”

Pierce R. Butler

July 12, 2022 at 9:39 am

Why would I get a “Nonce verification failed.” message when merely trying to leave a comment on a site to which I have no other connection?

I did have a WP account long ago, but others ran the site in question, without needing my help, and I suspect my registration has long expired (I first tried that comment with another email address, then the one that has apparently expired (used with this question); both failed with the same message).
Ian

October 21, 2022 at 7:39 am

I have been struggling with adding a PayPal checkout system on my WP site. I finally got it working and then got the nonce nonsense.

I use Cloudflare for security and speed plus the super cache plugin. Cloudflare is good but you need to be a 10-year experienced photocopier operator to understand all the bells and whistles.

Adding the 2 rules you mentioned above solved the problem with absolute ease. Hours of frustration taken care of in seconds.

If we ever meet I owe you a beer.

Thank you
- Trishan Mehta
  
  October 21, 2022 at 8:41 pm
  
  Hi Ian,
  
  Thanks for your valuable feedback. I am glad that my tutorial helped resolve your nonce_failure error.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.