allow jetpack to access site

[premiumwd]

Hi,

I need jetpack to access site. Hidemywp blocks all requests. So I tried the following solutions.

in htaccess I added.
RewriteRule ^xmlrpc\.php$ “http\:\/\/0\.0\.0\.0\/” [R=301,L]

and
<FilesMatch “^(xmlrpc\.php|wp-trackback\.php)”>
Order Deny,Allow
Deny from all
Allow from wordpress.com
</FilesMatch>

But no luck, here is an example of request I got in email. Any ideas?

IP: 173.245.48.207 (192.0.118.142)
User ID:
Date: 2016-01-16T18:12:31+00:00
Total Impact: 44
Affected tags: xss csrf id rfe lfi

Affected parameters: REQUEST.<?xml_version=%26quot%3B1.0%26quot%3B%3F%26gt%3B%0A%26lt%3BmethodCall%26gt%3B%0A%26lt%3BmethodName%26gt%3Bsystem.multicall%26lt%3B%2FmethodName%26gt%3B%0A%26lt%3Bparams%26gt%3B%0A%26lt%3Bparam%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstruct%26gt%3B%0A++%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3BmethodName%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bjetpack.jsonAPI%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%0A++%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3Bparams%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3BGET%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bhttps%3A%2F%2Fpublic-api.wordpress.com%2Frest%2Fv1%2Fsites%2F103641641%2Fsettings%3Fhttp_envelope%3D1%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bint%26gt%3B103641641%26lt%3B%2Fint%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Binternal%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B15%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%0A%26lt%3B%2Fstruct%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fparam%26gt%3B%0A%26lt%3B%2Fparams%26gt%3B%26lt%3B%2FmethodCall%26gt%3B, POST.<?xml_version=%26quot%3B1.0%26quot%3B%3F%26gt%3B%0A%26lt%3BmethodCall%26gt%3B%0A%26lt%3BmethodName%26gt%3Bsystem.multicall%26lt%3B%2FmethodName%26gt%3B%0A%26lt%3Bparams%26gt%3B%0A%26lt%3Bparam%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstruct%26gt%3B%0A++%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3BmethodName%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bjetpack.jsonAPI%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%0A++%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3Bparams%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3BGET%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bhttps%3A%2F%2Fpublic-api.wordpress.com%2Frest%2Fv1%2Fsites%2F103641641%2Fsettings%3Fhttp_envelope%3D1%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bint%26gt%3B103641641%26lt%3B%2Fint%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Binternal%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A++%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3B15%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%0A%26lt%3B%2Fstruct%26gt%3B%26lt%3B%2Fvalue%26gt%3B%0A%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fparam%26gt%3B%0A%26lt%3B%2Fparams%26gt%3B%26lt%3B%2FmethodCall%26gt%3B,

Request URI: /xmlrpc.php?for=jetpack&token=7oOD%26Ap2B%21CA0%23FyLm7yU2R%23ZXIZizeS%3A1%3A15&timestamp=1452967950&nonce=gB2tdXb7yS&body-hash=bUuNWVVzchIVfhEJukZBF7ugCMw%3D&signature=%2FKW%2FwKczscO9hMWMLJpg73b4kAo%3D
Origin:

[Suman M.]

Hi, can you please try disabling “IDS” option under IDS Firewall tab? If this resolves the jetpack issue then please enable IDS and then goto menu – Dashboard >> Intrusions; hover over the request names (mentioned in your comment above) that is related to jetpack and click on “Exclude” link.

[premiumwd]

None of it works. The issue is that i wanted to allow jetpack from making requests to my site. You know when you install jetpack you can go to wordpress.com and access all the info for that site? Thats my issue, it wont allow it to connect.

[Suman M.]

Hi, please let us know your website’s wp-admin login details (as private reply), so that we can have a look at the issue. Also let us know the steps to re-generate the issue that you are having.

[Author]

Posts