Solve Jetpack site inaccessible error [XML-RPC.php and HTTP 403]

Recently i was receiving a site_inaccessible 403 Forbidden Error for XMLRPC.php file everytime i tried to connecting my blog to the wordpress.org. I tried many solutions i found in many forums and blogs, but with no success. If you have the same problem, here is a simple and safe solution.

XML-RPC is a remote procedure call protocol, so that you can do all kind of stuff like create or edit a post remotely. This method is used also by Jetpack to provide you their services. Without this, Jetpack can’t communicate with your site and their servers.

But there is a problem with all this, security. There are a number of ways an attacker can take advantage of the XML-RPC interface, including, but not limited to DDOS attacks, and bruteforce attacks. And for this reason, many webhosts kept disabled the access to XML-RPC.php file. But if you want to enable Jetpack into your blog, then you have to allow access only from Jetpack.

In order to do this, you have to edit your “.htaccess” file. I tried many varations of the code below, but sometimes my admin panel was become very slow or inaccessible, so this is a working solution. In the beggining of the file, add the below code:

<Files xmlrpc.php>
Order Deny,Allow
Deny from all
Allow from 192.0.64.0/18
Satisfy All
</Files>

So now, we deny everyone from accessing the file “xmlrpc.php” except from the IP subnet 192.0.64.0/18, which is the IP address of “AUTOMATTIC”. By doing this, you will solve any communication errors you may have. However, if you find some problems with Publicize service, or you will keep receiving the error message, ever if you already connected to Jetpack, you should add some other IPs to htaccess. Read this post here.

Problem solved.

One thought on “Solve Jetpack site inaccessible error [XML-RPC.php and HTTP 403]

Leave a Reply