Upon saving the page, I get a ‘Saving Error’ pop-up

LiveCanvas is basically a HTML editor under the hood –  running in your browser, and enriched with some “point-and-click” interface to help build HTML scaffolds.

LiveCanvas is using WordPress as a backend – to save the full HTML data of your page – and it does it into the standard post_content field.

On some WordPress installs, due to strict security settings of the environment, LiveCanvas can have problems while saving the HTML.

In these cases, upon clicking the saving button in the editor, you will see a ‘Saving Error’ pop-up.

Depending on the actual content of the page, you could see more or less this message. Embedding some image URLs, or JS code is a typical trigger.

This issue has been traced many times at:

  • Security [at application level] plugins like WordFence
  • Security [at server level] settings / tools  like Imunify 360

What’s happening behind the scenes?

Basically when you hit the save button, all the page’s <main> HTML is sent via $_POST to your WordPress backend.

This can trigger some false positives in security software.

What to do?

Try tweaking settings / disabling your security plugins, or in case of server level tools / settings, contact your host and ask them to tweak settings / disable the offending tool.

How to fix issues with  WordFence

Some users are reporting problems with this famous security plugin, but it’s easy to get around it.

If you do see that turning off WordFence fixes your saving problem with LiveCanvas, just look at the live traffic and when the request from LiveCanvas comes through, add it to a whitelist: