Introduction
Seeing a `400 (Bad Request)` error tied to `admin-ajax.php` in WordPress? You’re not alone. This AJAX endpoint is the engine behind many features in plugins like Elementor, WooCommerce, and contact forms. When it breaks, so do popups, form submissions, filters, and more.
This guide will walk you through troubleshooting and resolving the dreaded `admin-ajax.php 400 error` with real-world examples, tips, and best practices for WordPress users, web designers, and small business owners.
What Is admin-ajax.php and Why It Matters
`admin-ajax.php` is a built-in WordPress file used to handle AJAX requests — allowing parts of your site to update without refreshing the page. Elementor uses it for:
– Saving page edits
– Loading widgets
– Submitting forms
– Filtering content dynamically
So, when this file returns a 400 error, things start falling apart — fast.
What Causes the 400 (Bad Request) Error in admin-ajax.php?
A 400 error means the server can’t understand the request. Here are common reasons:
– Plugin conflicts, especially with security or optimization plugins
– Caching issues that serve outdated or incomplete requests
– Malformed headers or cookies, often due to browser extensions
– Expired nonce or session tokens used by WordPress security
– Incorrect server configuration (e.g., mod_security, .htaccess rules)
How to Fix admin-ajax.php 400 Bad Request in WordPress
Step 1: Test in Incognito or Clear Cookies
Some 400 errors happen due to corrupted cookies or sessions.
– Try the same action (e.g., saving with Elementor) in Incognito Mode
– If it works, clear browser cookies or disable extensions
Step 2: Disable Conflicting Plugins
Temporarily disable these types of plugins:
– Security (e.g., Wordfence, iThemes Security)
– Caching (e.g., WP Rocket, LiteSpeed Cache)
– CDN services (Cloudflare with aggressive settings)
Tip: Deactivate one plugin at a time and test. Start with optimization plugins.
Step 3: Check for Nonce or Token Issues
Some AJAX requests fail if a nonce (security token) is invalid or expired.
– Try refreshing the page before triggering the action again
– Update or regenerate nonce via JavaScript if you’re writing custom code
– Check your browser’s console → Network tab → the actual AJAX payload
Step 4: Inspect .htaccess and Server Rules
Some server-side rules may be blocking the AJAX URL:
– Backup your .htaccess and restore default WordPress rules
– If on Apache, disable mod_security temporarily
– If using NGINX, ensure proper location directives are in place
Step 5: Adjust Plugin Settings (e.g., Elementor, LiteSpeed, etc.)
In Elementor:
– Go to Elementor → Settings → Advanced
– Toggle Switch Editor Loader Method to Enable
In caching plugins:
– Exclude admin-ajax.php from caching
– Turn off HTML minification and JS combination temporarily
Real-World Example: Elementor Form Not Submitting
A client’s Elementor form wasn’t submitting. The console showed:
POST https://example.com/wp-admin/admin-ajax.php 400 (Bad Request)
Troubleshooting Path:
– Cleared browser cache – no change
– Disabled WP Rocket – form worked
– Added admin-ajax.php to WP Rocket’s excluded URLs list — permanent fix!
FAQ: Common Questions About admin-ajax.php Errors
Is admin-ajax.php safe to use?
Yes, it’s part of WordPress core. But poorly coded plugins can misuse it.
Can I disable admin-ajax.php?
No — it’s essential for features like autosave, forms, and dynamic content.
Why does the error only happen on mobile or one browser?
Likely due to caching, session, or cookie-specific issues.
Conclusion: Keep Your AJAX Smooth and Secure
The admin-ajax.php 400 (Bad Request) error can be frustrating, but it’s usually fixable with a little detective work. Start with browser and plugin checks, then move to server-level tweaks. If you’re building dynamic sites with Elementor, resolving this error fast keeps your UX — and conversions — intact.
Need help debugging AJAX errors or optimizing your Elementor setup? I specialize in WordPress troubleshooting, performance fixes, and responsive Elementor designs.
👉 Let’s connect — your site deserves better.