How to Fix "Updating Failed / The Response Is Not a Valid JSON Response" in WordPress

This error means the WordPress editor asked your site's REST API to save your post, but it got back something other than the clean data it expected — usually an error page or a redirect. Fix it by matching your two site URLs, resetting permalinks, and unblocking the REST API. Most people solve it in a few minutes.

Key takeaways

  • The message points to the REST API, not a broken editor — your post is usually fine.
  • The most common cause is a mismatch between WordPress Address and Site Address, especially http vs https.
  • Reset your permalinks and visit yoursite.com/wp-json/ to see whether the API returns real data or an error.
  • Security plugins, firewalls, and server rules like ModSecurity can block the API — that last one is your host's side.
  • Always back up before changing URLs, because a bad protocol change can lock you out of the dashboard.

The problem: your post won't save

You write a post or page, click Update or Publish, and a red bar appears: "Updating failed. The response is not a valid JSON response." Sometimes it reads "Publishing failed." instead. The block editor seems stuck, and you worry your work is lost.

Take a breath — this is almost always fixable, and your content is normally saved as a draft even when the message appears. This guide is for anyone using the WordPress block editor (Gutenberg) who hits this wall while saving. It sits under our Server Errors guide, so if you land here with a different error, start there.

How to tell what's causing it

Do one quick test first. Open a new browser tab and go to yoursite.com/wp-json/ (swap in your real domain). If you see a wall of structured text starting with {"name":, the REST API is working and the cause is more specific — likely a URL, SSL, or plugin issue. If instead you see a 404 page, a redirect loop, a login page, or a server error, you've found the lead: something is blocking the API.

Next, check Settings → General and note whether WordPress Address (URL) and Site Address (URL) match and both use the same protocol. A single http where the other says https is the classic trigger.

Is it your site or your host? If the fix is a URL field, a permalink reset, a plugin, or a mixed-content link, it's on your side and you can fix it from the dashboard. If /wp-json/ is blocked by a server rule such as ModSecurity, a firewall, or a CDN you don't control, that's on your host's side — you'll need to ask them to allow REST API requests.

What's actually happening

The block editor doesn't reload the whole page when you save. Instead, it quietly sends your content to the site behind the scenes and waits for a short, machine-readable reply. Two terms explain the error.

REST API is the doorway WordPress uses to send and receive data without a full page reload. When you click Update, the editor knocks on that door at an address like /wp-json/wp/v2/posts and hands over your changes.

JSON (JavaScript Object Notation) is the simple, structured text format the API is supposed to reply in — the "valid JSON response" the message asks for. When the editor gets JSON, it knows the save worked.

The error appears when the reply is not JSON. Instead of clean data, the editor receives an HTML error page, a redirect to another URL, a login screen, or a blank response. It can't read that, so it reports the only thing it knows for sure: the response is not valid JSON.

Your options at a glance

Work from the most common, lowest-risk cause down to the host-level ones. The table maps each cause to the fix and who owns it.

Likely causeFixWhose side
Mismatched or wrong site URLs (http/https)Match both URLs in Settings → GeneralYou
Broken permalinks or .htaccessReset permalinks; check rulesYou
SSL or mixed-content issuesFix the certificate and http resourcesYou
Security plugin or firewall blocking the APIDeactivate and retest one at a timeYou
ModSecurity or a server rule blocking /wp-json/Ask your host to allow REST requestsHost
A CDN interfering with API callsBypass or configure the CDN for /wp-json/You / host

How to fix it, step by step

  1. Back up your site first. Before changing any setting, make a full backup so you can undo a mistake. Our website backups guide shows how.
  2. Check your site URLs. Go to Settings → General and confirm WordPress Address (URL) and Site Address (URL) are correct, match each other, and use the same protocol — use https if you have an SSL certificate.
  3. Reset your permalinks. Go to Settings → Permalinks and click Save Changes without altering anything. This rewrites the rules WordPress uses to route requests, including API requests.
  4. Test the REST API directly. Visit yoursite.com/wp-json/ in a new tab. It should return structured JSON, not an error page. If it errors, that response tells you what is blocking the API and is your strongest lead.
  5. Switch to the Classic Editor to confirm. Temporarily install and activate the Classic Editor plugin and try saving. If saving now works, the problem is confirmed as REST-related rather than a broken post.
  6. Check SSL and mixed content. Make sure your SSL certificate is valid, then fix any mixed contenthttp resources such as images or scripts loading on an https page — which can break secure API calls.
  7. Deactivate security and firewall plugins. Turn off security or firewall plugins that can block the REST API, then retest. If it works, reactivate them one at a time to find the culprit and adjust its settings.
  8. Inspect your .htaccess file. Look for custom rules that block or redirect /wp-json/. If you're unsure, our 403 and 404 fix guide covers reading these rules safely.
  9. Ask your host about server rules. If the API is still blocked, ask whether ModSecurity or another server rule is stopping REST API requests to /wp-json/. Only the host can adjust those.

Common mistakes to avoid

Warning: Setting the two URLs in Settings → General to different or wrong values can lock you out of the dashboard entirely. Back up first, and know how to reverse it — you can restore the correct URLs by editing wp-config.php or the wp_options table in your database if you get locked out.

The other frequent mistake is assuming the editor itself is broken and reinstalling WordPress. The editor is fine; the message is really about the REST API and, often, SSL. Chasing the wrong culprit wastes time. Also avoid deleting your .htaccess file outright — reset permalinks to regenerate it cleanly instead.

How to prevent it in future

Keep your two site URLs and your SSL setup consistent — always https once you have a certificate, with no stray http links in your content or theme. When you move a site or switch to SSL, update both URL fields together and search for old http references.

Be careful with the lockdown settings in security plugins and firewalls. Options that "disable the REST API" or restrict it to logged-in users can break the editor. Test saving a post right after you change those settings, so you catch a problem while you still remember what changed. For deeper server-side tuning, see our PHP settings guide.

Frequently asked questions

What does "not a valid JSON response" mean?

It means the block editor asked the WordPress REST API to save your post and expected a tidy, structured reply in JSON format. Instead it received something else — an HTML error page, a redirect, or a blank response — which it can't read, so it reports the response as invalid.

Why does it happen only when saving?

Saving is when the editor talks to the REST API in the background. Reading or writing content in the editor doesn't need that round trip, so everything looks normal until you click Update or Publish and the blocked or broken API call fails.

How do I test my REST API?

Visit yoursite.com/wp-json/ in a browser. A working API returns structured JSON text beginning with {"name":. If you get a 404, a login page, a redirect, or a server error instead, the API is blocked or misrouted, and that is your main lead.

Can a security plugin cause this?

Yes. Many security and firewall plugins can disable or restrict the REST API as a hardening measure, which stops the editor from saving. Deactivate them, retest, then reactivate one at a time and adjust the setting that blocks REST requests.

Is it my host or my site?

It's usually your site — a URL mismatch, permalink issue, SSL problem, or a plugin you can change yourself. It's your host when a server rule like ModSecurity, a server-level firewall, or a CDN they manage blocks /wp-json/. If /wp-json/ errors even with plugins off, ask your host.

Will I lose my post content?

Usually not. WordPress typically keeps your latest text as a draft or autosave even when the save message fails. Copy your content to a safe place before troubleshooting anyway, so you're covered no matter what.

Summary

"The response is not a valid JSON response" is a REST API message, not a broken editor. Match your two site URLs, reset permalinks, test yoursite.com/wp-json/, fix SSL and mixed content, and rule out security plugins — then ask your host if a server rule blocks the API. Back up before you touch any URL. If you're now dealing with a different error code, head back to our Server Errors guide to find the right fix.

References

  • WordPress Developer Resources — REST API Handbook (developer.wordpress.org)
  • WordPress Support — Settings → General (WordPress Address and Site Address)
  • WordPress Support — Using Permalinks and the .htaccess file
  • MDN Web Docs — Working with JSON
Bitrich777 Hosting Team
About the author

The editorial team behind the Bitrich777 Hosting Help Center — practical, tested guides on web hosting, WordPress, servers, DNS, SSL, email, security and migration. Every walkthrough is reproduced on a live host before it is published.

Spotted an error? Tell us