I am using Word press that Hosted on Blue Host
after activate Jetpack and when click on "connect to wordpress.com" button, i see this error:
site_inaccessible
The Jetpack server was unable to communicate with your site [HTTP 404]. Ask your web host if they allow connections from WordPress.com. If you need further assistance, contact Jetpack Support: http://jetpack.me/support/
I had this issue because I have installed iThemes Security plug-in. To solve the problem :
Disable it.
Connect JetPack
Enable it and look what exactly in the config is making the problem.
Probably other security plug-ins/firewalls will have the same effect.
The jetpack plugin error in wordpress is due to the ModSecurity is enabled in the cpanel and xmrpc rule is not added in the .htaccess file.
First diable the mod securty for the domain from cpanel.
Log into cPanel
Under Security choose ModSecurity
Under Configure Individual Domains, Switch affected On or Off (For all domains, ModSecurity is On by default)
Add xmlrpc.php requests rule in .htaccess
<Files "xmlrpc.php">
Order Allow,Deny
Allow from all
</Files>
And check xmlrpc is working or not
http://example.com/xmlrpc.php
i deactivating all plugins and uninstall jetpack , after reinstall jetpack its work successfuly. thanks for all
In your case, a security plugin or your host may be blocking access to this file. As long as this is the case, you won't be able to use Jetpack, or any other app or plugin using the XML-RPC file.
### yourblog/wordpress/xmlrpc.php
Could you try to deactivate all security plugins, and if that doesn't help to contact your hosting provider and ask them if they block access top the URL above?
Thanks,
Rahul
I have tried all types of work around and none has solved, even this above. At least with me.
What I found was, comparing with other running websites I have this one, which is a new installation had a strange folder within the same folder installation.
A folder called ".didb", I never heard of it and there was several text files within. Searched online to see if was something important to have on server, nothing clear found.
So guess what I did. Deleted the sweet folder and boom. Is working perfectly well now.
Sorry, I don't have the names of the files and folders within, and to be honest, I don't want to know, all I want to know if is the website is working with the files I want which is WordPress only.
So, you may have a similar situation, take a look under your high level folder via FTP or whichever other way you may want to and that could save the day. ;-)
Related
I have a website that is running on an AWS server using the Bitnami Nginx and WordPress image.
https://www.athleticclubhk.com/
Recently it got all our ads on Google stopped due to malicious content. Oddly this time, its trickier then your standard malware of infected files. When visiting the site incognito, the first and only the first link click gets redirected using the following code:
window.location.replace("https://cartoonmines.com/scount");window.location.href = "https://cartoonmines.com/scount";
This is being injected on any link, however, upon investigating the loaded code on inspect its not injecting it into the page.
I've tried to hunt down the theme, plugins, core files and found nothing!
I replaced and reinstalled WordPress core files, deactivated all plugins and even swapped the theme - the problem is still there. I can't find any hidden .htaccess file in the entire root directory.
I even used GREP to try to look for anything fishy (any clues here that someone can help with?) nothing so far.
The site is still impacted with this so you can easily load the link ~ i do use malwarebytes to keep myself protected, incase you are opening this directly.
Can anyone help?
The redirection code is implanted to /wp-includes/js/wp-emoji-release.min.js.
How to confirm:
watch the cookies when clicking internal page, a new cookie is being set for tracking first clicks, named ht_rr
save complete webpage locally and try to load it, and check in Chrome dev tools, you'll see that in Console tab it complains about this Javascript file attempting to set the aforementioned cookie
While a temporary resolution of deleting the file will fix things for some time...
There's no excuse for not setting up a proper server stack. Bitnami or other "great stacks" won't cut it security-wise. They exist for "fast", but no "quality" setup, and of course, it's never going to be secure.
The file got created somehow / had write privileges. This indicates a problem with the setup most of the time. Unless you're using some nulled plugins or plugins from bad sources.
Once again, since the website was essentially "pwned", deleting the Javascript file does not mean complete disinfection. To preserve things in a secure state, I would recommend setting things on a clean server environment with strict PHP-FPM permissions aka "lockdown" chmod, and look for write errors to look for infected PHP files.
Check out some guides on the matter of secure NGINX/PHP-FPM setup:
NGINX and PHP-FPM. What my permissions should be?
Best practice secure NGINX configuration for WordPress
NGINX Security Headers, the right way
Just had the same problem and it was Zend Font Plugin, the same that some people mentioned before.
Installed Wordfence and this came out. Deleted the plugin and now the site is working perfectly.
Disable plugins and check again.
Change the database username and password.
Ask the hosting manager to check the host.
So, I've read a few articles/blogs on this issue, but here's mine:
When I activate "Force SSL" in Woocommerce settings, I get a 404 on any pages that have HTTPS.
I have a dedicated SSL certificate on my domain, and that is no problem. It is not caused by plugins, I have tested that.
I've heard that you need to modify the "default-ssl" file on your server. You apparently need to modify your htaccess file to match the settings of your "default-ssl" file. If this is not accessible on a shared hosting server, then this is not a viable solution for anyone who doesn't have a VPS or access to root level SSH.
I've also been told that you need to reset your WP permalink settings to default. This is bad for SEO and quite frankly, an "I failed" non-solution.
If there is a way to get around this problem that can be fixed by having access only to cPanel and FTP, then answer this question. If it is definitely not possible via these means, please tell me why.
I'm not sure whether this is something that is going to benefit others, but if you're on shared hosting, testing on a subdomain is a bad idea. Rather test on "www.yourdomain.com/testing/", as opposed to "testing.yourdomain.com". Don't ask me why, the nerdy reasons I will leave to the back-end guys who answer my questions with grammatically unintelligible questions and down-votes.
You can have custom domains on your Woocommerce site after all. Don't test on a subdomain.
I want to disable comments site-wide on a Wordpress site, but I keep getting this one annoying problem.
I've looked around and all of the results are for older versions of Wordpress. I have a fresh install of Wordpress 4.0 onto a namecheap hosting server.
When I try to disable comments in Settings > Discussion by unchecking the box and clicking on the submit button below, I get redirected to a page that says:
You don't have permission to access /wp/wp-admin/options.php on this
server.
Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.
One suggestion from a few threads from 5-7 years ago was to modify the .htaccess and permissions. I tried, it still is returning the same error. Those suggestions were for older, less secure versions of Wordpress, so I'm thinking there should be a different workaround for 4.0. I also for some reason don't have SSH access to the server, probably because of some stupid namecheap / cpanel restriction.
I went ahead and contacted namecheap directly and they corrected it quickly - I don't think there's anything you can do. Specifically, they said:
We have whitelisted Mod Security rule which has been triggered. Please try preform necessary actions one more time.
Hope that helps.
Check your Privileges of wordpress database users.
Check also file & folder permission.
( a folder permission 755 and file permission 644 )
So, I've got a Magento installation with Wordpress integration. I've got an install where I need to have SSL to cover payments, and unfortunately the Wordpress folder isn't secure and serving images through http. In order to get the green lock, I need to secure the entire wordpress folder.
I know in the backend of Magento, you can specify which folders belong to skin, media and js to secure, but how (if it is in the same parent directory) would I secure the wordpress folder?
yes you can secure your wordpress setup with extra wordpress plugin
use this link this is very good plugin to use with wordpress to get SSL certficate to all pages as well as in admin area.
Also there is one another alternative solution to make some change in code to use this useful link
http://yoast.com/wordpress-ssl-setup/
Pls not that i am not associate with any of the above link.A purpose to share this link to solve your problem.
hope this will sure help you.
Try to add that in your httpd-ssl.conf (one of your Apache config files)
The WP back end of a site I'm working on (It's a multisite) takes about 25 seconds to load.
Everything was working fine until yesterday and the front end still works perfectly well. All other sites on the same server run just as well, so it MUST be a WP back end issue.
I don't remember exactly what change it was that made it so slow. I remember updating WP recently (to version 3.4.2), adding some plugins on one of the sites and changing the max upload file size.
I tried to disable all the plugins, changing the themes back to default, changing the max file size back, and adding define('WP_MEMORY_LIMIT', '1024M'); (and other values) to WP-config but none of it helped.
Also tried to 'Update network', but I got an error - couldn't connect to host.
Any ideas?
I got in touch with our network admin and we resolved the issue.
I will copy his answer here. Hope it helps someone.
Does Wordpress use 'self-referential URLs' ? What I mean by this is...
is wordpress trying to access it's own templates/css using fully
qualified domain names in the URL (e.g. http://example.co.uk/someurl )
Because we use Network Address Translation (NAT) on our firewalls to
hide the real IP address of the server, it has the side effect that if
the server tries to access it's own URLs, it will try to send the
traffic to the external interface on our firewall, which is where the
DNS resolves to.
The fix for this is very simple - we just add the site url into the
/etc/hosts file so that the server knows to use it's own IP address
instead of the address on the firewall.
So he added our address to the hosts file and now it works perfectly.
Awesome.
I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout.
If you're still unable to identify the cause I'd recommend a catch-all solution of installing xdebug and profiling the page with webgrind, xcachegrind, etc
Had the same problem for a week and now the problem of very slow WP-admin was solved!
Before, I cannot access my sites if I use incognito or I am not logged in as WP user, but all times in the wp-admin, it takes me 40 seconds- minute or even never.
Solution that worked:
I accessed the files in the file manager using the CPanel, and I saw so many unused and unnecessary folders and themes and that's the reason that causes the very slow access to admin.
It was because during the days of being a newbie, I stuffed a lot of files in the Public Http and that made it congested.
I logged in to another CPanel account that I bought personally before, and compared the folders of the "proper" versus the "congested" and compress, backed-up and deleted all the unnecessary.
My host: Hostgator, responded well also.
Hope this would help others.
I also had a very slow Dashboad in wordpress. Reading the James C´s answer, I realized that my site is located in a corporate intranet behind a firewall to access internet.
James C answered:
"I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout."
My solution was avoid all the internet conections: (1) disable all the wordpress updates using the wordpress plugin "Disable all wordpress updates". (2) activate de wordpress pluging "Disable google fonts"
After these two plugin activations, the Dashboard works to a suitable speed.