WordPress constant NONCE_KEY is too short

Description: Customers get a nonce-related error message when a form is displayed.

What happened?

Customers open a page with a payment form, and the following error message is displayed:

WordPress Constant NONCE_KEY is too short

Why is it happening?

WP Full Pay performs some cryptographic operations to secure your payments. For encrypting and decrypting data, it uses a unique key called the “nonce key” which is a long, random string in the Wordpress configuration file of your website.

You’ve received this error because the nonce key is not long enough to encrypt/decrypt data securely.

What is the solution?

Add some random characters (alphanumericals & symbols) to make the nonce key at least 32 characters long.

You can find the NONCE_KEY constant in the “./wp-config.php” file of your Wordpress installation:

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define( 'AUTH_KEY',         '5(nEp@otj:jRq*LhEG+}!CosydPE<^~)}G<F3#_$Wv**kc*g7q)rQlRoOGWe Sp0' );
define( 'SECURE_AUTH_KEY',  '#9`X_/l@#n*!vJJe1)[]:@$e$=.j_k2Bb$h@|b/o/4eQw3epP{EdQ`QhGCLc.Vb7' );
define( 'LOGGED_IN_KEY',    'vR(CTTU_H}d{>[xx*53]MtQXQ[ro6N$1@p-vJtV7Hk]<L;dN_Dh*hmG<kGT$-E_v' );
define( 'NONCE_KEY',        '^ - O%5<L^7|6napj%J;$$vv]eQ?y%*RG+RD?qM?* -<{*l/,9$aC(8}7}$:ZB=%' ); <= Modify this
define( 'AUTH_SALT',        'Z%|0-7o8$qAE;C;3*Guuus?-8o441wOn~b[!8J[nUBB-I%j?u>B)Aawsk$d>s do' );
define( 'SECURE_AUTH_SALT', '$|# #/|eP7.=?1q5Q6Od8D:1*29MZ`OzHc%Fm^auiVtbaQ;//dVFkZp wb>)o,!{' );
define( 'LOGGED_IN_SALT',   'WL|R/>jhp[g.=S<W-XLf)jAr|1:[tk ,Bb_C6H@AISr#+bff;![$C6OH<Q#`p:er' );
define( 'NONCE_SALT',       'sPi;!EA8_krL_xz.=nqC0WiP!r[9H#WU.Hw8bn0bF.n}}VfL&0@AH@P%z}yB%) J' );

Important notes:

  • Make sure that the string of random characters between the two single quotes is at least 32 characters long.
  • You can edit the “./wp-config.php” by using one of the following methods:
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us