Fixing Jetpack on my WordPress site

In March 2011 Automattic replaced their WP Stats plugin by a new one, called Jetpack. I initially couldn’t get that plug-in working. It kept throwing up an error message ‘site_inaccessible – Error Details: The Jetpack server was unable to communicate with your site [HTTP 412].’

The support team of Automattic couldn’t figure out what was going wrong but fortunately my hosting company ICDsoft could. Apparently they block certain access attempts for WordPress sites. They sent me the following explanation and solution less than 20 minutes after I reported the problem:

We have a special set of rules on the server that are employed to prevent most popular hacking attempts. The xmlrpc.php module of WordPress very often is a target of hack attacks, that’s why we have a rule that disables the access to it. Please add the following code to the .htaccess file in the WordPress directory of the account:

<IfModule mod_security.c>
SecFilterRemove 114
</IfModule>

After making this modification, Jetpack worked just fine.

I had to reapply this fix in December 2011 after updating the theme of the site. For some reason the .htaccess file had been reset during that update.

9 August 2013

9 responses to “Fixing Jetpack on my WordPress site”

  1. Kevin P. says:

    Thanks very much for this post. And thanks to zelik for posting the updated directive!

  2. SO helpful. Thank you to to those that replied with the updated fix too! 🙂

  3. SAS says:

    Thank you for this…works perfectly!

  4. zelik says:

    Hmm, comment had tags stripped. It should be:

    <IfModule security2_module>
    SecRuleRemoveById 114
    </IfModule>

  5. zelik says:

    Actually, the correct way is to add this to your .htaccess

    SecRuleRemoveById 114

    Hope this helps everyone!

  6. evtini-igri says:

    In older server configurations with Apache 1.3, adding this code to .htaccess would have fixed the issue. However, they run Apache 2.4 now, and the code that needs to be inserted is a bit different:

    SecRuleRemoveById 114

    These lines disable only the mod_security2 rule which filters requests to xmlrpc.php. This way, access to xmlrpc.php will be allowed, and Jetpack will be able to connect to the WordPress installation.

    I did not figure that out by myself – all credit goes to ICDSoft support – they are really fast and precise!

  7. Yoram says:

    Thanks for sharing. I also use ICDSoft and their support is awsome.

  8. Josh Reisner says:

    Thanks for this! I love ICDSoft too.

  9. Ted Rouse says:

    This for this tip, I had been beating my head against Jetpack on ICDsoft servers for a little while now.

    I love ICDsoft for being able to answer questions like like this in 20 minutes.


Advertising