Wpcom Connection Test

Resolved tarotemporium
(@tarotemporium)

3 years, 10 months ago

I am receive the Site Health error “Wpcom Connection Test”:

“A healthy connection ensures Jetpack essential services are provided to your WordPress site, such as Stats and Site Security.

Error Tarot Emporium is not connected.: 200

We recommend reconnecting Jetpack.”

I reconnect Jetpack but receive same error in Site Health shortly after reconnecting.

I troubleshoot and found the xmlrpc.php is present and no mention of this PHP file in .htaccess.

When I look up https://(my website.com.au)/xmlrpc.php, the following error happens: This site can’t be reached “ERR_HTTP2_PROTOCOL_ERROR”

Please advise.

The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Support Animesh Gaurav (a11n)
(@bizanimesh)

3 years, 10 months ago

Hi there,

Jetpack relies on the xmlrpc.php file to connect with our systems. Right now, it looks like something is blocking that connection, causing Jetpack to disconnect.

I’d suggest contacting your hosting provider and have them search into security logs for any blocked requests from our servers. Our requests look like the following:

– File: http://your-site.com/xmlrpc.php
– User-agent header: Jetpack by WordPress.com
– IPs: https://jetpack.com/support/how-to-allowlist-jetpack-ip

Please ask them to allowlist the IP addresses listed above.
Thread Starter tarotemporium
(@tarotemporium)

3 years, 10 months ago
Hello, my hosting company and I have tried all the above. I was able to clear this error but also make my site less secure, so please help.

I have enabled XMLRPC access, whitelisted those IP addresses and added code to htaccess:
```
<Files xmlrpc.php>
Order allow,deny
Allow from 192.0.64.1/192.0.127.254
Deny from all
Satisfy All
ErrorDocument 403 http://127.0.0.1/
</Files>
```
Didn’t work so we tried:
```
<files xmlrpc.php>
Order allow,deny
Deny from all
Allow from 122.248.245.244/32
Allow from 54.217.201.243/32
Allow from 54.232.116.4/32
Allow from 192.0.80.0/20
Allow from 192.0.96.0/20
Allow from 192.0.112.0/20
Allow from 195.234.108.0/22
Allow from 192.0.64.0/18
</files>
```
*However, that code doesn’t work – so we blocked it out leaving my page vulnerable.

The error went away after enabling XMLRPC but is there a code you can provide that will work for added security?
Plugin Support Animesh Gaurav (a11n)
(@bizanimesh)

3 years, 10 months ago
Hi there,

XML-RPC file is required for Jetpack to build the connection to your site.

Also, I want to let you know that along with Jetpack, the WordPress mobile apps, and some other plugins and services use this file to communicate with your site. So, blocking XML-RPC is not a great solution for fighting security risks.

But if you still have a concern about security due to XML-RPC, on your side of things, you can use plugins like this one to disable access to one of the methods used by hackers:
- https://wordpress.org/plugins/disable-xml-rpc-pingback
You can also use web application firewalls like Sucuri or Cloudflare to block hackers before they even reach your site.

Finally, Jetpack itself includes a feature that will help against Brute Force attacks.
Plugin Support Animesh Gaurav (a11n)
(@bizanimesh)

3 years, 10 months ago

Hi there,

It has been more than one week since we have heard from you, so I’m marking this topic as resolved. But If you have any further questions or need some more help, you’re welcome to reply here or open another thread.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Wpcom Connection Test’ is closed to new replies.

Tags