Wordpress admin does not show thumbnails at all

dejavuguides 2019-03-20 12:45:26 UTC #24

Hi @marcos,
I ran the following command and received the following output:

> curl -L -I -H "Access-Control-Request-Method: GET" -H "Origin: https://www.dejavuguides.com" https://www.dejavuguides.com/wp-admin

## Output:
curl -L -I -H "Access-Control-Request-Method: GET" -H "Origin: https://www.dejavug
uides.com" https://www.dejavuguides.com/wp-admin
HTTP/1.1 301 Moved Permanently
Date: Wed, 20 Mar 2019 12:40:38 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Set-Cookie: __cfduid=da919cab305f9e397dd92adfa3e039aee1553085638; expires=Thu, 19-Mar-20 12:40:38 GMT; path=/; doma
in=.www.dejavuguides.com; HttpOnly
X-Frame-Options: SAMEORIGIN
Location: http://www.dejavuguides.com/wp-admin/
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4ba7c1769882c9af-SEA

HTTP/1.1 302 Found
Date: Wed, 20 Mar 2019 12:40:39 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=d396111e87712192b8827d0e2fb03fb1e1553085638; expires=Thu, 19-Mar-20 12:40:38 GMT; path=/; doma
in=.www.dejavuguides.com; HttpOnly
X-Powered-By: PHP/7.2.13
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: tKNewWyZIPfFxMrL=V7w%5DyrGRe6joMfxA; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: SVbTqINZjp=Aj1P7a0%5BLM; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: MlxZK-sT=4_h1TOic; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: nIGQazDpVtxKkHlc=Ou.iso%40U012wq78a; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
X-Frame-Options: SAMEORIGIN
Location: https://www.dejavuguides.com/wp-admin/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept
Server: cloudflare
CF-RAY: 4ba7c176d80ac98b-SEA

HTTP/1.1 302 Found
Date: Wed, 20 Mar 2019 12:40:40 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=da65a4515a33b0b0c3a1129464740ac5a1553085639; expires=Thu, 19-Mar-20 12:40:39 GMT; path=/; doma
in=.www.dejavuguides.com; HttpOnly
X-Powered-By: PHP/7.2.13
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: tKNewWyZIPfFxMrL=V7w%5DyrGRe6joMfxA; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: SVbTqINZjp=Aj1P7a0%5BLM; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: MlxZK-sT=4_h1TOic; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
Set-Cookie: nIGQazDpVtxKkHlc=Ou.iso%40U012wq78a; expires=Thu, 21-Mar-2019 12:40:39 GMT; Max-Age=86400; path=/
X-Frame-Options: SAMEORIGIN
Location: https://www.dejavuguides.com/wp-login.php?redirect_to=https%3A%2F%2Fwww.dejavuguides.com%2Fwp-admin%2F&re
auth=1
_Access-Control-Allow-Origin: *_
_Access-Control-Allow-Methods: GET, OPTIONS, POST_
_Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept_
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4ba7c1813ef9c9af-SEA

Set-Cookie: SVbTqINZjp=Aj1P7a0%5BLM; expires=Thu, 21-Mar-2019 12:40:40 GMT; Max-Age=86400; path=/
Set-Cookie: MlxZK-sT=4_h1TOic; expires=Thu, 21-Mar-2019 12:40:40 GMT; Max-Age=86400; path=/
Set-Cookie: nIGQazDpVtxKkHlc=Ou.iso%40U012wq78a; expires=Thu, 21-Mar-2019 12:40:40 GMT; Max-Age=86400; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
Set-Cookie: cerber_nexus_id=0; expires=Wed, 20-Mar-2019 12:40:40 GMT; Max-Age=0; path=/
Set-Cookie: wordpress_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/w
p-admin
Set-Cookie: wordpress_sec_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/wp-admin
Set-Cookie: wordpress_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/w
p-content/plugins
Set-Cookie: wordpress_sec_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/wp-content/plugins
Set-Cookie: wordpress_logged_in_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=
0; path=/
Set-Cookie: wordpress_logged_in_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=
0; path=/
Set-Cookie: wp-settings-0=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/
Set-Cookie: wp-settings-time-0=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/
Set-Cookie: wordpress_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/
Set-Cookie: wordpress_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=/
Set-Cookie: wordpress_sec_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wordpress_sec_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wordpressuser_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wordpresspass_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wordpressuser_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wordpresspass_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; pat
h=/
Set-Cookie: wp-postpass_18b1edbddf04bc5fff0f1b4f063df97d=+; expires=Tue, 20-Mar-2018 12:40:40 GMT; Max-Age=0; path=
/
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4ba7c1825962c9af-SEA

dejavuguides 2019-03-20 12:50:36 UTC #25

Please let me know if I ran that command earlier correctly, as I did run it with the domain name though I can test with and without the https or http if that is helpful?

Here's a screenshot of what I see in the Network tab of the Inspect element in Chrome.

Bitnami number - f66b40ff-e9d3-a8c5-a6d3-d22d2ef2785e

marcos 2019-03-20 16:11:49 UTC #26

Hi @dejavuguides, the command you executed was the correct one and it seems to be properly configured.

However, in the Network tab, could you click any of the failing images and show us the result? It might be more visible if the browser console is in landscape. You must select one of the images that are not visible.

Also, please check the Console tab in your browser console, in case there is any warnings related to CORS.

dejavuguides 2019-03-20 16:28:36 UTC #27

Hi @marcos, okay thank you for the further guidance.

I just checked the Network tab and it looks to be the most informative.

I received 304 errors and disabled the possible plugsin causing it. That is:
1. WP cerber plugin
2. After disabling the WP Cerber plugin, I received an WooCommerce plugin error.

304 errors on these links:
https://www.dejavuguides.com/wp-content/plugins/wp-cerber/assets/admin.js?ver=8.1
https://www.dejavuguides.com/wp-content/plugins/woocommerce/assets/css/menu.css?ver=3.5.6

rafaelrios 2019-03-22 09:49:37 UTC #28

hi @dejavuguides,
Http 304 code is not an error. It indicate what have the browser cached for this item is the up to date one.

Those icons in wordpress are glyphs of a font and the font is loaded in the load-styles.php.

Could you check that you are loading the font ? To do this, you can use the inspect element tool, and then click where the icon should be. You will see the style applied to that html item.

dejavuguides 2019-03-28 21:09:52 UTC #29

Okay, @rafaelrios. I have just taken a look with Inspect element on and the inspecting pointer.

This is what I get.

This is the link that I see here when I copy the link that is in question:
https://www.dejavuguides.com/****/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,admin-bar,common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,wp-pointer,widgets&load%5B%5D=,site-icon,l10n,buttons,wp-auth-check&ver=5.1.1

Separately, as I don't think it's related to the new test you have asked to test with. I see this in the error messages now which I didn't see last time.

This is after declicking the styles in the "Styles" box, with Inspect Element pointer in use.

Bitnami number: ce88dd07-2ba2-d577-3f39-dc84ccfdf23c

rafaelrios 2019-04-01 16:05:59 UTC #30

Hi,
Could you check that the font used is the one I highlighted in this screenshot?
I suspect you have a plugin that is messing with the styles of the icons, your url for load-styles is the same that mine for a testing machin. Could you try to disable them one by one and checking the admin page?

dejavuguides 2019-04-03 21:50:22 UTC #31

Good question.

Here is the icon styles here.

I have also disabled almost all my plugins, except the GoogleXML Sitemaps. So I have been running it quite light and just keeping one to maintain SEO.

That is, I have disabled.
AliDropship Woo Plugin, Broken Link Checker, Rediction, Search & Replace, WooCommerce, WooCommerce Stripe Gateway, WP 404 Auto Redirect to Similar Post, WP Cerber Security, Yoast SEO Premium

rafaelrios 2019-04-08 06:55:01 UTC #32

Hi @dejavuguides,
It seems I had a problem uploading the screenshot in my previous reply.

As you can see here, the font used is dashicons, in your screenshot it seems your are not using that one.

Maybe you need not only to disable them but to uninstall them. Another approach can be deploying a new WP and install and enabled them one by one, until we find which one is the one that is producing this effect.

dejavuguides 2019-04-09 01:40:03 UTC #33

I suspect it is a Cloudflare CDN thing. As it only happens when traffic passes through Cloudflare.

I have set up a new instance here though I'm working through some SSL failures which is odd. I'll try set up some extra instances and see if the issue comes up. https://community.bitnami.com/t/letsencrypt-ssl-failure-on-gcp-cannot-negotiate-alpn-protocol/65755/2

Using Cloudflare CDN, Google Cloud Platform for hosting Wordpress.

rafaelrios 2019-04-09 06:58:13 UTC #34

Please don't hesitate to post your findings when you set up the new instance.
Take into mind to do it step by step and bottom up, so you can check in which step the issue starts to appear, It could be anything, from a bug in a plugin to a misconfigured parameter or ssl certificate or ...

dejavuguides 2019-04-11 13:12:14 UTC #35

Thanks @rafaelrios. I have some good news. I managed to get the Let's Encrypt SSL working on my new instance.

So I have managed to test this further without having it break. It looks like there is only an issue with the thumbnails in the new instance when I have Cloudflare orange clouded (which means doing more then plain DNS work), so it seems that when traffic goes through Cloudflare it breaks. I have tried setting up bypass rules for Performance and Security features on Cloudflare in the past to no avail.

Here are a few screenshots to allow you to see the difference.

**Scenario 1 - www.dejavuguides.com with the thumbnails issue at the moment (Bitnami Wordpress). Cloudflare is orange clouded.

Scenario 2 - blog.dejavuguides.com is the new instance with no issues (Bitnami Wordpress with NGNIX + SSL). Cloudflare is grey clouded (I circled in red so you can see where that is).

Scenario 3 - blog.dejavuguides.com is the new instance with the issue as well (Bitnami Wordpress with NGNIX + SSL). Cloudflare is orange clouded.

I did not grey cloud Scenario 1 earlier as it broke my SSL which I was getting from Cloudflare's Free Universal SSL certificate program. Cloudflare also uses Let's Encrypt for these free SSL certificates.

Note I also used slightly different versions of Bitnami. The one here where we are having issues is plain "Bitnami Wordpress", new instance is "Bitnami Wordpress with NGNIX + SSL". Though this does not look likely to be the issue here.

rafaelrios 2019-04-12 13:51:50 UTC #36

Hi @dejavuguides,
For this case there is not difference in using "Bitnami Wordpress" or "Bitnami Wordpress with NGINX + SSL".
I think this could be related a browser "problem", I mean, having mixed traffic with different SSL certificates and domains.

dejavuguides 2019-04-20 07:52:45 UTC #37

Okay, I just created a new Google Cloud instance of "WordPress with NGINX and SSL Certified by Bitnami".

I tested it again, it seems to be when I pass the website traffic through the CDN (Content Delivery Network) Cloudflare that the thumbnail issue comes up.

That is:
1. Created GCP instance using the "WordPress with NGINX and SSL Certified by Bitnami" type.

2. Logged into Cloudflare and set IP address to GCP instance

3. Log into Wordpress WP admin instance
Then I see the thumbnails issue

4. When I turn Cloudflare off (setting it to only act as DNS), then the errors go away.

I find it weird I haven't seen anyone else online facing this same issue (since there are millions of Cloudflare users). Do you know if there is something I may have set wrong or need to set in my configuration?

rafaelrios 2019-04-22 07:28:04 UTC #38

Hi @dejavuguides,
Yes, this is a weird issue.
I have asked my team and we have not faced this kind of issue before.
Perhaps is related to SSL, Did you notice if this only happen with SSL enabled ?

dejavuguides 2019-04-27 15:49:43 UTC #39

Hi @rafaelrios, apologies for the delayed response. Right now I only see this when Cloudflare is enabled for it's security and performance features. I have tried manually bypassing the settings in the Cloudflare backend, however, once the option for "orange cloud" is selected, this issue pops up.

This is regardless of whether I use SSL or not.

I have tested this:
1. This primary instance we have been working on, with no SSLs set up on the hosting side.
2. A new instance where I have set up Let's Encrypt SSL certificates on the hosting side.
3. Brand new instance with no SSLs set up on the hosting side.

In all the three scenarios, as soon as Cloudflare is enabled orange (SSL or not), it breaks the thumbnails. This only happens on the dejavuguides.com/wp-admin link and not for the direct Google Cloud Hosting server IP address, e.g. 44.zzz.zzz.zzz/wp-admin.

jsalmeron 2019-05-01 08:23:42 UTC #40

Hi,

With this information, could you report to Cloudflare for advice? Maybe they have some hints about the issue. If you do it, please share the response here.

Best regards,

Javier J. Salmerón

Was my answer helpful? Click on

dejavuguides 2019-05-01 09:18:51 UTC #41

Sure, I'll circle back and see if anyone there is able to help me. Will let you know if we work out something.

rafaelrios 2019-05-01 09:20:21 UTC #42

Hi,
Thanks @dejavuguides,

Best regards,
Rafael Rios Saavedra

system 2019-05-15 09:20:38 UTC #43

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Bitnami provides free all-in-one installers, virtual machines and cloud images for popular open source applications. Get them now!