Hi @eelcodegraaff,
You may need to speak with your host if xmlrpc.php has been blocked/removed by your host by design. Comment and registration spam through XML-RPC is common, so security preferences provided by your host could be a factor here.
As far as Wordfence is concerned, unchecking the “Disable XML-RPC authentication” checkbox in Wordfence > Login Security > Settings should allow authentication attempts through that file.
Also ensure you don’t see the following in your .htaccess file, which would block access to this file altogether:
# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
Thanks,
Peter.
Thanks for your reaction, i will check the things you suggested. When the optimised firewall is on, the xmlrpc authentication fails, when off it works, with your suggestion i could harden the site better, thanks. And yes indeed, my hosting provider has a firewall that also blocks this function, it will only be opened for my own ip.
Hi again @eelcodegraaff, thanks for getting back to me.
It might be worth enabling Learning Mode when you wish to use XML-RPC for this purpose as an action may be getting caught by Wordfence as a false-positive. The https://www.wordfence.com/help/firewall/learning-mode/ page will assist you in the first part and also includes a method for allowing blocked action(s) from your Live Traffic page manually.
However, if you don’t see a Wordfence-branded blocking page or a specific blocked action (when you attempt to submit the post) in your Live Traffic, there’s still a chance the issue could still be linked to host restrictions even if your IP has seemingly been allowed.
Thanks again,
Peter.
Hi thanks Peter,
I did a bit examination more in detail but the issue is hard to grab.
As solution to get xmlrpc working i disabled the advanced protection and at that moment the posts with livewriter work again. Based on your suggestions i digged into some settings and checked Wordfence > Login Security > Settings the block login setting was not eabled. I also checked the .htaccess file and it did not contain any blocks on the xmplrpc.php file.
After this i re-enabled the advanced protection and did some testing, and i was able to post with Learning mode on in the logging i did not see any strange blocks. The firewall does make notes regarding a 404 on the wlwmanifest.xml file. Seems it is not longer there and/or is blocked. No clue what to do with that one.
The main issue is.. i can’t find why posting works, and after a while when i change settings in the WordFence settings the posting by xmlrpc is blocked again. I can’t find it in the logging.. If i look now i see the access to the xmlrpc.php is allowed. On one hand i am a bit further on the another hand, i have no clear view how to fix this in a solid and permanent way. In fact what i need is a specific firewall rule to allow an ipnr/publisher name combination to access the xmlrpc file for all those actions that are needed to make a blog post externally. This in relation with my ISP that also allows the traffic from my home ip should make me able to do blogposts during trips by vpn without access issues.
Any clues and suggestions? I dont want to post loginfo in detail in this forum since it is all privacy and security related data.
Regards
Eelco
