The Gutenberg editor saves posts via the REST API. When saving fails, the editor shows a generic “Updating failed” banner that gives no clue about the actual cause. Here are the four most common reasons — and how to fix each one.
Problem: The Gutenberg editor shows an "Updating Failed" or "Publishing Failed" error when saving a post — the spinner appears but the request fails without a clear error message.
Solution: Open the browser console and inspect the REST API response. The most common causes are a broken .htaccess returning 404 for REST routes, a security plugin blocking REST API access, or a PHP fatal error in a block's save function — flush rewrite rules after fixing the root cause.
Fix 1 — Missing or malformed .htaccess (REST API returns 404)
Open the browser console and check the Network tab. If you see POST /wp-json/wp/v2/posts/123 → 404, your .htaccess is missing or incorrect. The default WordPress .htaccess is:
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPressRegenerate it: go to Settings → Permalinks and click Save Changes, or run wp rewrite flush.
Fix 2 — Browser cache
A stale service worker or cached admin JS can break the editor. Hard-reload the page (Cmd+Shift+R on macOS, Ctrl+Shift+R on Windows/Linux) or clear the browser cache entirely.
Fix 3 — Mixed content (HTTP assets on an HTTPS site)
If the Network tab shows a blocked mixed-content request, fix the HTTP asset URLs (see the related article on mixed content). The REST API save request itself may be redirected from HTTP to HTTPS, which converts the POST to a GET and causes a 404.
Fix 4 — A security plugin blocking anonymous REST API access
Some security plugins (Shield Security, Wordfence, etc.) have an option to block unauthenticated REST API requests. Gutenberg's save request is authenticated, but some firewall rules still catch it. Check the Network tab for a 401 response body like:
{"code":"shield_block_anon_restapi","message":"Anonymous access to the WordPress Rest API has been restricted."}Go to the security plugin settings and whitelist authenticated REST API requests, or disable the "Block Anonymous REST API" option.
Fix 5 — A caching plugin caching REST API responses
If your caching plugin caches /wp-json/ routes, Gutenberg receives a stale cached response instead of the save confirmation. Configure the caching plugin to exclude /wp-json/ from its cache rules.
NOTE: The quickest way to isolate the problem is to disable all plugins except Gutenberg/the block editor, switch to a default theme (Twenty Twenty), and try saving. If saving works, re-enable plugins one at a time until the problem returns — that plugin is the culprit.