Really helpful “Reboot Now”, thanks alot.
Your first issue about the nonce value, I’ve never had it on any normal/shallow integration since I started specifying the all the keys in my config file. Yes it’s double handling but it’s made a huge difference.
the bb-config file asks for this info:
define( 'BB_AUTH_KEY', 'put your unique phrase here' );
define( 'BB_SECURE_AUTH_KEY', 'put your unique phrase here' );
define( 'BB_LOGGED_IN_KEY', 'put your unique phrase here' );
define( 'BB_NONCE_KEY', 'put your unique phrase here' );
The bb-config file tells you to get it form this location: https://api.wordpress.org/secret-key/1.1/bbpress/ . But really what you should have in the bbPress config file should be from the wordpress salt generator https://api.wordpress.org/secret-key/1.1/salt/
I make sure I have an exact copy of my WordPress keys and a copy of my wordpress keys with “BB_” infront of them – and bam, that little issue went teh way of the dodo.
define('AUTH_KEY', '1');
define('SECURE_AUTH_KEY', '2');
define('LOGGED_IN_KEY', '3');
define('NONCE_KEY', '4');
define('AUTH_SALT', '5');
define('SECURE_AUTH_SALT', '6');
define('LOGGED_IN_SALT', '7');
define('NONCE_SALT', '8');
define('BB_AUTH_KEY', '1');
define('BB_SECURE_AUTH_KEY', '2');
define('BB_LOGGED_IN_KEY', '3');
define('BB_NONCE_KEY', '4');
define('BB_AUTH_SALT', '5');
define('BB_SECURE_AUTH_SALT', '6');
define('BB_LOGGED_IN_SALT', '7');
define('BB_NONCE_SALT', '8');
FYI incase anyone new to bbPress is reading this: If I do a clean bbPress install I strongly strongly advise using https://api.wordpress.org/secret-key/1.1/salt/bbpress/ instead which returns 8 lines (we get salts too) which WordPress has needed for 2 years.