|

Known Issues

Hosting

SureFeedback makes use of the  WordPress REST API, a core WordPress feature added in WordPress 4.7. In order for SureFeedback to function correctly, you must use a hosting company that supports WordPress and the rest API. If you’re using a dedicated WordPress host, or a VPS this is almost never an issue. In fact, most web hosting companies support the WordPress REST API if they advertise WordPress compatibility. 

However, if you’re setting up a custom server from scratch (on digitalocean for instance) you’ll  need to make sure your server allows for all the WordPress REST API requests, including PUT, PATCH and DELETE on the wp-json endpoints. 

Currently known incompatible hosts (do not support PUT, PATCH or DELETE Requests):

  • Home.pl

Gridpane Compatibility

By default, Gridpane does not allow PUT/PATCH/DELETE requests. You’ll need to request these be enabled by contacting Gridpane support.

Plugin Compatibility

Here’s a list of known plugin compatibility issues:

  • Roots Soil Plugin. You can use the soil plugin, but the following features won’t work with SureFeedback
    • Root Relative URLs. Prevents SureFeedback’s cross-domain website functionality. Absolute urls are needed to reference your main site domain
    • jQuery CDN. This module changes the order of jquery loading by dequeuing jquery included with WordPress. jQuery needs to load in the head of the SureFeedback pages since those pages are run by javascript.  Using a jQuery cdn isn’t best practice anyway.
  • Really Simple SSL must be set to not enable javascript redirects or SureFeedback won’t load on non-ssl sites. 
  • All 404 Redirect to Homepage – this plugin doesn’t allow our script loader template to get set, it instead redirects the script to the homepage. The plugin does not provide us with a hook to disable this for our post types, unfortunately.
  • iThemes Security
    • Restricted API access won’t allow SureFeedback roles to access the API. This needs to be set to Default Access.
    • Recaptcha must not be enabled as this checks recaptcha on all logins, including SureFeedback’s custom login route.
  • WP Cerber Security – You’ll need to make sure you’re not disabling the REST API on the “Hardening” tab. 
  • WordFence – You need to uncheck “Prevent discovery of usernames through ‘/?author=N’ scans. This doesn’t allow our REST API to send authoring information with comments. 
  • WebARX – Default security headers won’t let you load the website iframe on another website. You’ll need to disable this on  Firewall > .htaccess Features > Add security headers, you have to uncheck “Add security headers”. If you still want to secure iframes, we recommend using adding a Content-Security-Policy header to your .htaccess ( Header set ContentSecurityPolicy “frame-ancestors my-trusty-site.com”)
  • Disable Comments Plugin – This plugin disables all comments on your site, so SureFeedback comments can’t and won’t save!
  • WP Secure Hide WordPress Plugin – This plugin changes the REST API endpoint functionality so SureFeedback can’t function properly.
  • Participants Database Plugin – This plugin breaks nonces used by SureFeedback’s REST API for some reason. We are still investigating this issue.
  • GoDaddy’s WAF – Additional headers must remain unchecked under the security tab or cross domain communication won’t be allowed to happen.
  • HummingBird Plugin – Hummingbirds asset optimization does not pick up our scripts, so they are not outputted on the site with Hummingbird enabled. Unfortunately, Hummingbird does not have a way to conditionally disable this feature on our post types, so it’s not compatible with this plugin. 
  • Asset CleanUp: Page Speed Booster – “Retrieval Way” under Asset Cleanup > Settings must be set to wp_remote_post instead of direct. This is because our websites and website page post types redirect to actual post types, so this will throw an error for this plugin’s requests.
  • RunCloud Severs – You need to disable “clickjacking protection” or you won’t be able to add external websites. Under Web Application > (Your App Name) then click on the “Settings” tab. Then turn off “Clickjacking Protection”. 
  • WP Activity Log – This plugin prevents SureFeedback from adding a new website/mockup and throws PHP fatal error. As SureFeedback uses a custom structure for post permalinks for websites and mockups post types. We add an access_token  as a custom field in the post metadata which is used in these posts permalinks. When SureFeedback tries to modify the default post permalink structure for SureFeedback post types, In turn, the WP Activity Log plugin tries to log this thing which ultimately leads to an error making SureFeedback unusable. To fix this, you need to exclude the custom field “access_token” of SureFeedback posts in the WP Activity Log plugin settings.To exclude this Navigate to WP Dashboard -> WP Activity Log -> Settings -> Exclude Objects tab -> Exclude custom post fields -> Added “access_token” and click Add button -> Click Save Changes.

Theme Compatibility

Woffice Theme

There is a known Vue library conflict with the Woffice theme. The Woffice theme does not scope Vue but exposes it globally, which conflicts with our plugin’s properly scoped Vue instance. Unless the Woffice theme scopes their Vue instance, it will try to take over SureFeedback’s Vue instance. The only way around this is to dequeue the global woffice.js package on this specific page, which you can do via a child theme:

function ph_hide_woffice() { 	
	if ( is_singular( 'ph-website' ) || is_singular( 'ph-mockup' ) { 		<br>		wp_dequeue_script( 'woffice-theme-script' ); 	<br>	} 	 <br>} <br>add_action( 'wp_enqueue_scripts', 'ph_hide_woffice', 30 );

Unfortunately, there’s nothing else we can do on our end to prevent their Vue instance from hijacking our components on the page.

Avada Theme 

The CSS Compiling method setting in this theme needs to be set to “File” or css will get injected into our script loader.

Other Themes

SureFeedback works with 99% of themes! However, sometimes themes try to be a little too clever and use hooks to wrap their own header and footer content instead of simply calling get_header();

In this case, you’ll likely need to remove this content wrapping on SureFeedback pages, or you’ll see your site header and footer on mockup pages for instance. You can do that by removing the wrapper action for custom post types. This is different for each theme, but generally looks like this:

function ph_remove_theme_template_redirect($single_template) {
	global $post;

	if ($post->post_type == 'ph-project') {
		remove_filter( 'template_include', array( 'Theme_Wrapping_Class', 'wrap' ), 99 );
	}
	return $single_template;
}
add_filter( 'single_template', 'ph_remove_theme_template_redirect' );
Was this doc helpful?
What went wrong?

We don't respond to the article feedback, we use it to improve our support content.

Need help? Contact Support
On this page
Scroll to Top