Home › Forums › BulletProof Security Pro › Your website needs to be publicly accessible to use Jetpack: site_inaccessible
- This topic has 9 replies, 4 voices, and was last updated 9 years, 4 months ago by James.
-
AuthorPosts
-
AITpro AdminKeymaster
UPDATE: New Jetpack specific XML-RPC DDoS Protection Bonus Custom htaccess code has been created here: http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/
Your website needs to be publicly accessible to use Jetpack: site_inaccessible
Error Details: The Jetpack server was unable to communicate with your site [HTTP 403].
Ask your web host if they allow connections from WordPress.com.
If you need further assistance, contact Jetpack Support: http://jetpack.me/support/[older Jetpack code deleted – see the link above for new Jetpack code]
AITpro AdminKeymaster[Topic Manually moved to this relevant Topic – bp merge error/topic not available]
Hi.
I was using most of the custom codes for better security. So, my xmlrpc.php was also 403.
But, due to some reasons, I have disabled all plugins and re-activated. But, after re-activation, jetpack plugin is not working. Because, I’m unable to connect to the jetpack server.
Your website needs to be publicly accessible to use Jetpack: site_inaccessible Error Details: The Jetpack server was unable to communicate with your site [HTTP 403]. Ask your web host if they allow connections from WordPress.com. If you need further assistance, contact Jetpack Support: http://jetpack.me/support/
Now, I have activated the default .htaccess for admin and root folders. (I have checked the .htaccess file from FTP, it is default. I even tried to to delete and checked, no use. But, still the xmlrpc.php is 403!
Note: Now all plugins are disabled including bulletproof,except jetpack. Still unable to connect and that xmlrpc.php is showing the 403
Site: http://www.tidblog.com/
Please help
Thanks.AITpro AdminKeymasterUse FTP or your web host control panel file manager and delete both the root and wp-admin htaccess files and test if Jetpack can connect to your website. If Jetpack can connect then check BPS Custom Code and remove any XML-RPC Bonus Custom Code or use the newer XML-RPC code above.
Akhil K AParticipantHi.
The above code doesn’t works for me!
Checkout these logs:[403 GET / HEAD Request: October 10, 2014 - 8:14 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.155.11.18 Host Name: wordpress.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 66.155.11.18 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:16 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.99.54.86 Host Name: static-86.54.99.14-tataidc.co.in SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.99.54.86 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 [403 GET / HEAD Request: October 10, 2014 - 8:04 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.129 Host Name: 209.15.21.129 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.129 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:32 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.155.11.24 Host Name: wordpress.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 66.155.11.24 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:36 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.100 Host Name: 209.15.21.100 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.100 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:40 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.83 Host Name: 209.15.21.83 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.83 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:40 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.133 Host Name: 209.15.21.133 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:42 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.131 Host Name: 209.15.21.131 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.131 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com [403 GET / HEAD Request: October 10, 2014 - 8:45 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 209.15.21.100 Host Name: 209.15.21.100 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.100 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com
I think, they are using different set of IP addresses! I have deleted the root .htaccess file and tried again. But not worked. (After deleting the .htaccess file, I have checked the xmlrpc.php, still it is 403!!!!!!!!
Please help.
Thanks.AITpro AdminKeymasterYes, it looks like Automattic has other IP addresses that they use.
http://whois.domaintools.com/209.15.21.83
http://whois.domaintools.com/66.155.11.18Note: IP address: 14.99.54.86 is a hacker or spammer – Do NOT whitelist that IP address.
Note: BGP Toolkit by Hurricane Electric (various useful Tools): http://bgp.he.net/[older Jetpack code deleted – see the link above at the beginning of this forum topic for new Jetpack code]
George MohanParticipantHow to add Jetpack in whitelist
[403 GET / HEAD Request: July 12, 2015 - 11:30 PM] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 192.0.84.33 Host Name: 192.0.84.33 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)
AITpro AdminKeymasterThe Jetpack Uptime Monitor makes a HEAD Request so you need to whitelist it. The solution is here: http://forum.ait-pro.com/forums/topic/jetpack-site-uptime-monitor-403-error/#post-15400
JamesParticipantHi guys,
I’m having problems getting Jetpack to connect to WordPress and it seems this is because the above code is blocking the connection. Seems that Jetpack might be using some additional IP addresses now. Can you please update the above code accordingly? Here is the relevant bit from my log files:
[403 GET / HEAD Request: September 13, 2015 7:48 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 108.162.221.32 Host Name: 108.162.221.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.15.21.127 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?for=jetpack QUERY_STRING: HTTP_USER_AGENT: Jetpack by WordPress.com
Thanks, James
———————————-
Edit: No wait, this appears to be a Cloudflare related problem. Any suggestions please?
http://whois.domaintools.com/108.162.221.32AITpro AdminKeymasterYep, it looks like this is a known issue with CloudFlare. See this link for the solution: https://wordpress.org/support/topic/jetpack-not-connecting-when-cloudflare-is-activated?replies=9#post-7083462 Also CloudFlare’s Rocket Loader is not compatible with JetPack: https://jetpack.me/support/getting-started-with-jetpack/known-issues/
JamesParticipantHi Admin,
Thanks, but I think it is actually a problem with the above code blocking Jetpack when it is passing through Cloudflare. Putting Cloudflare in to ‘development mode’ (in effect pausing it) didn’t seem to work for me. I tried various things but in the end found that adding Cloudflare’s IPs (or at least the range that the blocked request was coming from) to the code meant everything worked fine. So here is my updated code:
<FilesMatch "^(xmlrpc\.php|wp-trackback\.php)"> Order Deny,Allow # Whitelist Jetpack/ Automattic CIDR IP Address Blocks Allow from 192.0.64.0/18 Allow from 209.15.0.0/16 Allow from 66.155.0.0/17 # Whitelist Cloudflare IPs Allow from 108.162.192.0/18 Deny from all </FilesMatch>
A full list of Cloudflare’s IP address in the correct CIDR format for adding to teh code can be found here: https://www.cloudflare.com/ips
All of the Jetpack requests for me site were coming from the one IP address (108.162.221.32) so I only added this range. Obviously other requests may come from other IPs and so the code above may need extra or different ‘allow from’ lines.
Cheers, James
-
AuthorPosts
- You must be logged in to reply to this topic.