How To Fix “Are You Sure You Want to Do This” Error in WordPress

Are you sure want to do this WordPress Error

“Are you sure want to do this” WordPress Error

From time to time, you may encounter various errors in WordPress such as – WordPress HTTP Image Upload Error503 Service Unavailable ErrorParse Error: Syntax Error Unexpected, “This Account Has Been Suspended”, WordPress Not Sending Email, Sorry, This File Type Is Not Permitted For Security Reasons or Error Establishing a Database Connection in WordPress. These common errors are useful because they tell you exactly what the problem is.

On the other hand, there are unnecessary mistakes such as “Are you sure you want to do this” and “WordPress keeps logging out” errors. The most frustrating thing about this particular error is that it mean you made a small mistake or, worse, that your WordPress site has been hacked or infected with a malware. Yes, you are right, WordPress security has a lot to do with this error.

Usually such errors pop up when you are trying to complete an action specific to WordPress Permissions and WordPress cannot verify that access for you. Here the WordPress nounces comes into play, they are used to validate your actions as an owner of your account and check if you have required privileges and roles assigned.

If WordPress isn’t able to verify the security tokens, the error displays. In case your site is subject to a XSS attack, DDOS attack or Brute force attack on WordPress, such error can pop up anytime. It could also occur if your theme is infect with malware or any other kind of WordPress vulnerabilities that might be present in your site.

These require a thorough scan and perform WordPress malware removal or cleanup. You can use our WordPress scanner to scan your site for any malware of vulnerabilities that might be present.

Wordpress Website DDOS attack Hacking

For other causes of the error, you can try the troubleshooting steps and fixes below.

Too many factors can lead to such kind of errors. That’s why WordPress is unable to provide information to point you in the right direction to fix it.

In this article, we will show you how to fix “Are you sure you want to do this WordPress Error” as well as WordPress keeps logging out problem also known as WordPress session timeout issue.

What is “Are you sure you want to do this WordPress Error”?

“Are you sure you want to do this?” is an error that usually appears when nonce verification fails, and the main elements most likely to cause this error are plugins and themes not using this feature properly.

Nonces are unique keys that add a layer of security to protect WordPress URLs, forms, and Ajax calls from abuse. They make sure that the script comes from your website and not from an external source like a hacker trying to access your website.

In practical terms, you will see that error on several occasions, either by uploading a new theme, trying to install a plugin, making changes to theme settings and plugins or even uploading images and saving changes to an entry.

When you see this error you will also see a link that says “Please try again”, but by clicking on the link for a hundred times, you will always see the same error unless you do something to solve it.

“Are you sure you want to do this?” error can happen while you’re trying to accomplish a wide variety of tasks such as:

  • Publishing post or page
  • Inserting an image into a post or page
  • Customizing WP theme
  • Creating tags or categories
  • Uploading a theme or plugin
  • Updating WordPress core or plugins and themes
  • …any other administrator tasks

Common Reasons

Here are some of the most common reasons when this error can occur.

  • You selected an incorrect file when trying to upload a theme or plugin
  • An improperly coded theme or plugin
  • You reached your PHP memory limit
  • A security issue

Before exploring troubleshooting steps and fixes, it’s important to explore the possibility that there’ isn’t any security issue since this would be a serious problem that would require special attention in order to protect your site.

How to fix Are you sure you want to do this error in WordPress?

Most often, this error is caused by a plugin or theme installed on your site. To search for the plugin or theme causing the problem, you must disable all your plugins.

There are several other possible culprits and solutions.

Check the plugins

Even deactivating a plugin can cause this problem, so if you really want to know if the culprit is a plugin, you should actually delete it physically.

Now, if you do not want to delete the plugin, access your physical WordPress installation via FTP or cPanel (or the file manager of your hosting) and completely rename the plugins folder, which you already know is in /wp-content/plugins/. You can change it to /wp-content/pluginsOFF/ for example.

Once this is done, WordPress deactivates all the plugins, and if you access the plugins screen of your WordPress you will see a warning that there is no such folder because it is true, it does not exist, at least not with the name it should.

Now, with all the really inactive plugins, it’s when you should try to do the same thing you did when you saw the ” Are you sure you want to do this?”

If the error does not appear, then you already know that one of the plugins was responsible, so it’s time to discover the culprit.

Rename the plugins folder to its original name and start activating one by one, and after activating each test to see if the error occurs. When you leave, you already know that the culprit is the one you just activated.

Check the themes

If you have not found the error by testing plugins, then the next possible culprit may be the active issue.

First of all, make a backup copy of your active theme on your computer and make sure you have installed the last default WordPress theme.

Then physically delete the active theme by FTP or cPanel, deleting the theme folder. What WordPress will do will be to return to the default WordPress theme, which you must have installed.

Now, again, try to reproduce the action that showed the error. If you don’t see it anymore, it’s that the culprit was the subject and you have to download a clean copy or, in the worst case, use another one that doesn’t get you in trouble.

Note: sometimes you may be lucky that it is a very silly mistake, but also typical of some themes, whose folder includes spaces in its name. In this case, rename the theme folder from, for example, /wp-content/themes/my theme folder/  to /wp-content/themes/my-theme-folder/.

Edit the PHP.INI file

If all of the above fails, we fear that now we have to go to heavy artillery and modify the php.ini file, which contains the main PHP configurations of your web hosting.

The main problem is that php.ini is not a WordPress installation file so it can be located in a folder that your hosting provider does not access.

If you do not see it, you will have to talk to your provider, and they will tell you how you can access it, or that they are the ones who make the changes for you.

In any case, what should be done would be to modify the following values:


  1. post_max_size=20M
  2. upload_max_filesize=16M
  3. max_execution_time = 100

To something superior, like:


  1. post_max_size=100M
  2. upload_max_filesize=128M
  3. max_execution_time = 300

Once the changes have been made, you will have to restart the Apache server, or if you are in a shared hosting contact your hosting provider to do so.

Check the security

Click on Update old security keys under the Issues section, then review how often you would like a reminder to update your security keys. This step is optional, but it’s also helpful because it increases your site’s security.

You can choose from the following times:

  • 30 days
  • 60 days
  • 90 days
  • 6 months
  • 1 year

Once you have made your selection in the drop down box, go ahead and click the Regenerate Security Keys button to update your site’s security tokens automatically.


Disable all your plugins

If the previous solution did not work, you can try to disable all your plugins. Incompatibility can be the cause of the failure.

If you have access to the administration of your site, first disable the plugin, especially the most suspicious ones (those that you have just installed, configured, or updated).

Go to plugin> Installed plugins.

Disable all your plugins


Disable a plugin

Then reactivate them one by one and see what happens. If the error reappears as soon as you have reactivated a specific extension, you have found the culprit.

If your dashboard is inaccessible, use your FTP and rename the plugins folder (call it for example plugins_test ). The latter is in the wp-content folder.

The path is: wp-content> plugins

disable wordpress plugins

The plugins folder on an FTP

But be careful, do not stop there. Once the folder is renamed, try to display your site again.

As the plugins folder has changed names, WordPress will automatically disable all plugins.

Then rename it correctly and return to the Administration Extensions page.

how to disable wordpress plugins

Everything will be disabled, and you will even have notifications that will mention it to you.

You can now reactivate your extensions one by one to find the problematic one.

Change your theme

It still does not work? Try to replace your theme with the Twenty Seventeen theme, present by default on each new installation (with the next version of WP, the 5.0., A new default theme will appear: Twenty Nineteen).

On your Dashboard, go to Appearance> Themes. Install and activate the theme.

Change your theme

Twenty Nineteen WordPress Theme

If you cannot find it because you deleted it, click Add Theme.

Add a WordPress theme

You should find it at the top of the next page, on the themes tab highlighted.

Replace the wp-admin and wp-includes folders

Is the error still and always there?

If you answered “yes” , some of the core WordPress files may have been corrupted.

Try to replace the wp-admin and wp-includes folders. For this, download the latest version of WordPress and unzip the archive.

On your FTP, rename folders wp-admin and wp-includes in wp-admin_old/wp-includes_old (it’s faster than deleting them), and send the new.

Uninstall WordPress

Then you need to download a new copy of WordPress on your computer. You can download it from the website as a zip file.

Go ahead and extract the zip file to your computer and download the files from the ‘wordpress’ folder to your web server via FTP.

Once you have downloaded all the files, rename the wp-config-sample.php file to wp-config.php.

Now, you need to edit the new wp-config file to enter your WordPress database and your table information. You can view the old wp-config.php file that you downloaded previously to enter all the information.

You must add all sections except ” Authentication Unique Keys and Salts “. Delete all lines beginning with define in this section.


* Authentication Unique Keys and Salts.


* Change these to different unique phrases!

* You can generate these using the {@link secret-key service}

* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.


* @since 2.6.0


define('AUTH_KEY',         '`+7nTNb<AwtbLA$L-Q7amn;~|wH)ljXv2~TpbP?mLA+M`8H|n1`/Lz-GmAQL{4fB');

define('SECURE_AUTH_KEY',  '/gkAjhhJe`iwO)V-p=J<cN_ +6D{YhrM|=E#C7gD}]c2w~OJ} y}eY^,HWn&-j:a'); define('LOGGED_IN_KEY', 'PtDl2V|01oIXDpq^K,IH-8|rhT +T(ZMpuLq>UD?|W)b3gMfG~g[zr8N6}m%MZ|L');

define('NONCE_KEY',        ']Zj5i*hHlsUWKg2|>YF,X+xpd-_`I[nFmA6ZLw~;EW7g0.s5EaZCAJ=j]./5z^X~');

define('AUTH_SALT',        'e*l:hUsddFIxm1E7y-n#<a0|u- #+SsS@-#$vNz}EY4rY~-x|0_6=Q!TR=MMxUL?'); define('SECURE_AUTH_SALT', 'n]^c9nY>_}3,4)J]S sM6-MI3aB#Qk<Re^j#Lu_|x^*BhO.54aZQTtzJeCo5DWAg'); define('LOGGED_IN_SALT', 'Ba3kd1&J$~~`(|uJ0:v;w+DJ3xW}.B#R9J*r|.+V}*sTuK &8db-Mn+[boHW3{[/'); define('NONCE_SALT', 'nBv-U1qfkCZxS|13%hYdHz*s1^){.KSZWm1A^${`r!d5;EqrH:>1Xx`pwt6?**i}');

Now, save and upload your wp-config.php file to your website.

That’s it, you have updated your WordPress installation successfully. You can now continue and try to reproduce the error on your website.

Wordpress keeps logging out problem

WordPress Keeps logging out Issue [FIX]

Have you ever found yourself in the position where WordPress prevents you from logging in, following an unplanned disconnection? Probably yes, like the number of other WordPress users.

Recently, one of the readers of the site has encountered this problem of repetitive disconnection. He followed all generally recommended troubleshooting tips, such as:

  • Disable the plugin
  • Empty the cache
  • Clear browser cookies
  • Even restore WordPress from backups.

None of these solutions worked, and each new attempt ends in a disconnection.

If you too are facing this problem of wordpress keeps you logging out, here is a solution that should help you put it away from bad memories. We will be sharing with you how to fix a WordPress keeps logging out problem.

Why does WordPress insist on logging out?

In order to understand why WordPress keeps logging out  also known as WordPress session timeout issue. you need to understand how the WordPress login process works.

WordPress sets a cookie in your browser to authenticate a login session. This cookie is created with the WordPress URL stored in the Settings section of your site. If you want to access your WordPress site from a URL that does not match the one saved in your Admin console settings, WordPress will not be able to authenticate your session.

WordPress insist on logging out

As you can see in the screenshot above, the WordPress URL and the site address are two different URLs (one is www, the other is not).

Repair the untimely log out

A simple solution to this connection problem is to make sure that you have the same URL in your website address and in the WordPress web address, in the settings of your admin console. This means that you must choose a URL with www or without www and indicate it in both fields.

  • Log in to your WordPress dashboard, go to Settings
  • Correct WordPress URL settings

If you cannot access the administration area, you can update these fields by editing the wp-config.php file.

Log in to your site using an FTP program or file manager from your webhost, locate the wp-config.php file in the root directory of your site, and download this file to your desktop. That being done, open it with a text editor such as notepad. Add above the last line of the file.

require_once (ABSPATH. 'wp-settings.php');

the code below is everything!

define ( 'WP_HOME', 'http: //');

define ( 'WP_SITEURL', 'http: //');

If you prefer to use the www in the URL, use the following code

define ( 'WP_HOME', 'http: //');

define ( 'WP_SITEURL', 'http: //');

Do not forget to replace by the name of your domain.

Other Tips To Fix This Issue.

If you have ever seen this error, how have you solved it? Did any of these tricks serve you or have you used another one?

In most cases, this error occurs when we try to upload a theme, a plugin, or a media (photo, video, and more) to our WordPress. We will solve it in two steps: first, we will identify the problem and then we will put a solution.

Step 1: We identify the problem with phpinfo ()

What we will do is create a php file at the root of our theme so that it shows us the information about the php settings of the web. It’s as simple as creating an info.php file for example, and writing these lines inside:

<? php

phpinfo ();


Now if we save it and go to we will get all the information about php. What interests us are two configurations specifically: post_max_size and upload_max_size.

We can search for them with the command Ctrl + F in the browser. What we will surely discover is that the current value (the first column) is less than the weight of the file we wanted to upload and that is why it gives us an error. Let’s see how to fix it.

Step 2: We modify the htaccess

Now we will go to the root of our web page and modify the .htaccess file. The procedure is as simple as adding these two lines to the end of the document:

php_value upload_max_filesize 20M

php_value post_max_size 20M

In this way, we will assign an upload limit of 20MB, which for most cases, is more than enough for any media we want to upload.

Now we can retest, and the file that we couldn’t upload before should be uploaded without a problem.

Warning: Sometimes, this method will not work since some hosting providers do not allow you to control certain php values ​​from .htaccess. In this case, you should simply ask your hosting to increase these two values.

Why this solution works?

Technically speaking, www is a subdomain in itself. This means that URLs with www and without www actually represent two different domains. By updating the URLs with the same address, you solve the problem.

In addition, it is important to note that the incorrect settings in the Site Web Address and WordPress Web Address fields may also cause redirection problems in WordPress.

Get Expert Help!!

Let us have a look and help you resolve this error. And if you run into any troubles along the way, you can contact our expert support team for any kind of WordPress-related issue. Get premium 24/7 support

We hope this article has helped you fix “Are You Sure You Want to Do This” error in WordPress. You can also check out our comprehensive WordPress Security Guides on our WordPress security Blog.

Check Out Our In-depth Guides


24/7 WP Security & Malware Removal
Is your site hacked or infected with malware? Let us get it fixed for you
Secure My Website(s)