Viewing 12 replies - 1 through 12 (of 12 total)
  • Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    It could be, yes. That IP belongs to Automattic, and can be used by Jetpack or any other Automattic service like WordPress.com, or VaultPress.

    Are you running into issues, or is there anything I can help you with?

    Thread Starter coolbaboon

    (@coolbaboon)

    No, seems to have resolved itself... Perhaps the security plugin figured it out?

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    Was that IP reported by a security plugin you use on your site?

    Thread Starter coolbaboon

    (@coolbaboon)

    Yes. I am seeing it again. My security admin says it is probably spam, that has been blocked. The website is in good order and Jetpack / WP are functioning as expected.

    I am inclined not to whitelist the IP until I know it is absolutely safe.

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    > I am seeing it again. My security admin says it is probably spam, that has been blocked.

    Is that IP part of an email you receive, or a warning in your WordPress dashboard? Is this handled by a specific security plugin or service I could try on my end?

    Jetpack will ping your site regularly for different reasons: it can be to get info about a post when you edit it, or to sync your site settings with WordPress.com, or to check if your site is up if you use Jetpack Monitor. None of these actions are spam, though; they’re just there because Jetpack does its job. Blocking that IP, on the other hand, might cause issues in the long term by blocking Jetpack from communicating with your site.

    I was sent a link to look at this forum thread, but without any information for what I am supposed to be looking at. It is not exactly clear what the issue/problem is. So what needs to happen first is the BPS Security Log entry for what is being blocked needs to be posted so I can see what is being blocked.

    Thread Starter coolbaboon

    (@coolbaboon)

    Previous 403 error that I posted to your forum AITpro and a newer 405 error. Thanks for looking into this!

    ‘[403 GET|HEAD Request: December 5, 2015 – 10:05 pm]
    Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
    Solution: N/A – Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 192.0.102.40
    Host Name: 192.0.102.40
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER:
    REQUEST_URI: /
    QUERY_STRING:
    HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)’

    ‘[405 HEAD Request: December 7, 2015 – 2:20 pm]
    Event Code: BFHS-HEAD – HEAD Request Blocked
    Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: 192.0.102.40
    Host Name: 192.0.102.40
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: HEAD
    HTTP_REFERER:
    REQUEST_URI: /
    QUERY_STRING:
    HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)’

    Perfect! Thanks. Prior to BPS Pro 11.5 and BPS .53.1 (pending), Security Log entries for blocked HEAD Requests were logged as: 403 GET|HEAD Request:. To make things easier/simpler to troubleshoot – BPS Pro 11.5+ and BPS .53.1+ now log blocked HEAD Requests as: 405 HEAD Request:.

    What is being blocked is the HEAD Request made by the Jetpack Uptime Monitor user agent/bot.
    The solution is here: http://forum.ait-pro.com/forums/topic/jetpack-site-uptime-monitor-403-error/#post-15400

    Note: Since you have BPS Pro 11.5+ installed then use the BPS Pro 11.5+ & BPS free .53.1+ whitelisting code/method.
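
An added example, not part of any post in this thread and not BulletProof Security or Jetpack code: it parses Security Log entries in the field layout posted above and checks that a request claiming the jetmon user agent also comes from an address range the operator trusts, since the user agent header is set by the client. The range 192.0.64.0/18, the label names and the second sample entry are assumptions made for the illustration.

```python
import ipaddress
import re

# Assumption: a range the operator has verified as Automattic's. Check the
# vendor's current published list before relying on 192.0.64.0/18.
TRUSTED_NETS = [ipaddress.ip_network("192.0.64.0/18")]
MONITOR_UA = "jetmon/"  # prefix of the user agent in the thread's log

# Constructed sample: entry 1 mirrors the thread's log; entry 2 is made up and
# sends the same user agent from a documentation address (203.0.113.0/24).
SAMPLE_LOG = """\
[405 HEAD Request: December 7, 2015 - 2:20 pm]
Event Code: BFHS-HEAD - HEAD Request Blocked
REMOTE_ADDR: 192.0.102.40
REQUEST_METHOD: HEAD
REQUEST_URI: /
HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)

[403 GET|HEAD Request: December 7, 2015 - 2:25 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
REMOTE_ADDR: 203.0.113.9
REQUEST_METHOD: GET
REQUEST_URI: /
HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)
"""

def parse_entries(text):
    """Split the log on blank lines and turn each entry into a dict."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = block.strip().splitlines()
        entry = {"header": lines[0].strip("[]")}
        for line in lines[1:]:
            key, _, value = line.partition(":")
            entry[key.strip()] = value.strip()
        entries.append(entry)
    return entries

def classify(entry):
    """Label a blocked request by user-agent claim and source address."""
    claims_monitor = entry.get("HTTP_USER_AGENT", "").startswith(MONITOR_UA)
    addr = ipaddress.ip_address(entry["REMOTE_ADDR"])
    in_trusted_net = any(addr in net for net in TRUSTED_NETS)
    if claims_monitor and in_trusted_net:
        return "monitor-false-positive"
    return "spoofed-user-agent" if claims_monitor else "unrelated"

def triage(text):
    return [(e["REMOTE_ADDR"], classify(e)) for e in parse_entries(text)]
```

Only entries labelled `monitor-false-positive` are candidates for a whitelist rule; a matching user agent from any other address stays blocked.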

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    This helps, thank you!

    > HTTP_USER_AGENT: jetmon/1.0 (Jetpack Site Uptime Monitor by WordPress.com)

    As you can see, what’s being blocked here is Jetpack Monitor, our Monitoring service:
    http://jetpack.me/support/monitor

    It pings your site every 5 minutes to see if it’s up, so that might have triggered a flag by BulletProof Security.

    @aitpro Is there a way you could avoid false positives by whitelisting requests from that user agent, maybe?

    Edit: Looks like you were faster than me, I replied without seeing your last post. 🙂 I see you already have a solution. Perfect, thank you 🙂

    @jeremy – Yeah, we are working on automating this so that it is seamless for users. As you already know, backend automation is a time-consuming thing. It is in the works though. 😉

    Thread Starter coolbaboon

    (@coolbaboon)

    The solution appears to have worked. It has been about 20 minutes since it was applied, thanks! Of course, will update if that changes.

    @jeremy – This fix is now automated in BPS 2.0 using Setup Wizard AutoFix, which will be released today. Took a long time to get to this, but the interim manual solution worked ok until we could get around to this.


The topic ‘Hostname’ is closed to new replies.