4.91 The loopback request to your site failed

Are all those sites on the same host? Does your host allow loopback connections?

Please install the health check plugin and report back its findings: https://www.ads-software.com/plugins/health-check/

All sites on same host across lots of different servers. Unknown whether loopback connections allowed, host not responded to this question.

PHP Version ? 7.0.25 - For performance and security reasons, we strongly recommend running PHP version 7.2 or higher.  
MariaDB Server version  ? 10.1.27-MariaDB  
JSON Extension ? Your PHP install supports JSON.  
MySQL utf8mb4 support ? Your MariaDB version supports utf8mb4  
Communication with www.ads-software.com ? www.ads-software.com is reachable from your server.  
HTTPS status ? You are not using HTTPS to access this website.  
Secure communication ? Your WordPress install can communicate securely with other services.  
Scheduled events ? A scheduled event (wp_version_check) has failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.  
Background updates ? No version control systems were detected.
? Your installation of WordPress doesn't require FTP credentials to perform updates.
? All of your WordPress files are writable.
 
Loopback request ? The loopback request to your site failed, this may prevent WP_Cron from working, along with theme and plugin editors.<br>Error encountered: (0) cURL error 56: Failure when receiving data from the peer 

### WordPress ###

Version: 4.9.1
Language: en_US
Permalink structure: 
Is this site using HTTPS?: No
Can anyone register on this site?: No
Default comment status: open
Is this a multisite?: No
User Count: 1
Communication with www.ads-software.com: www.ads-software.com is reachable
Create loopback requests: The loopback request to your site failed, this may prevent WP_Cron from working, along with theme and plugin editors.<br>Error encountered: (0) cURL error 56: Failure when receiving data from the peer

### Active theme ###

Name: Twenty Seventeen1
Version: 1.4
Author: the WordPress team
Author website: https://www.ads-software.com/
Parent theme: Not a child theme
Supported theme features: automatic-feed-links, title-tag, post-thumbnails, menus, html5, post-formats, custom-logo, customize-selective-refresh-widgets, editor-style, starter-content, custom-header, widgets

### Active Plugins (1) ###

Health Check: version 0.8.0 by The www.ads-software.com community

### Media handling ###

Active editor: WP_Image_Editor_GD
Imagick Module Number: Imagick not available
ImageMagick Version: Imagick not available
GD Version: 2.1.1
Ghostscript Version: 8.70

### Server ###

Server architecture: Linux 2.6.32-696.18.7.el6.x86_64 x86_64
PHP Version: 7.0.25 (Supports 64bit values)
PHP SAPI: cgi-fcgi
PHP max input variables: 1000
PHP time limit: 30
PHP memory limit: 256M
Max input time: 60
Upload max filesize: 64M
PHP post max size: 8M
cURL Version: 7.19.7 NSS/3.27.1
SUHOSIN installed: No
Is the Imagick library available: No

### Database ###

Extension: mysqli
Server version: 5.5.5-10.1.27-MariaDB
Client version: mysqlnd 5.0.12-dev - 20150407 - $Id: b5c5906d452ec590732a93b051f3827e02749b83 $
Database prefix: wp_

### WordPress constants ###

ABSPATH: /home/sites/edithellenfoundation.org/public_html/test/
WP_HOME: Undefined
WP_SITEURL: Undefined
WP_DEBUG: Disabled
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG_DISPLAY: Enabled
WP_DEBUG_LOG: Disabled
SCRIPT_DEBUG: Disabled
WP_CACHE: Disabled
CONCATENATE_SCRIPTS: Undefined
COMPRESS_SCRIPTS: Undefined
COMPRESS_CSS: Undefined
WP_LOCAL_DEV: Undefined

### Filesystem permissions ###

The main WordPress directory: Writable
The wp-content directory: Writable
The uploads directory: Writable
The plugins directory: Writable
The themes directory: Writable

PHP Version 7.0.25

• This reply was modified 6 years, 10 months ago by Steven Stern (sterndata).
• This reply was modified 6 years, 10 months ago by Steven Stern (sterndata).

I don’t see any red flags, so it’s probably something in the hosting configuration.

Thanks for your reply.

Heart Internet (UK) have responded and stated they do not allow loopback connections.

I have hundreds of sites hosted with them and most all now on 4.9 of WordPress which is a nightmare if simple edits can not be carried out to php files.

Any solutions to this as don’t really want to have to change host or drop WordPress.

Well, I don’t know what to tell you then. WP wants loopback or stuff will not work properly. https://www.ads-software.com/hosting/ lists some recommended hosts.

You might ask your host why they block it.

It use to work prior to version 4.9.

Heart Internet UK do not allow loopback requests as it is a security risk to their network.

Therefore what other options are there apart from dropping WP and moving to another platform or moving to a less secure host.

I will consider replacing

wp-admin/theme-editor.php
wp-admin/includes/file.php

with version 4.8.4 as a temporary fix until a proper solution is found.

The new editor reads the site after writing to make sure that the code you wrote didn’t break the site. If it did, it will revert the change.

In general, I discourage the use of those editors anyway. Download files, save copies, make changes, upload. Use version control.

You may want to follow this ticket: https://core.trac.www.ads-software.com/ticket/42773

It use to work prior to version 4.9.

Yes, it did. This no longer works in 4.9 and up, and it likely will not be “fixed” because it was an intentional design feature.

When you make a change through the built in file-editors, you have the potential of breaking the site entirely, thus disabling the editors, and thus disabling your ability to fix the issue you just introduced. This has actually been extremely easy to do, a simple typo in the active theme’s functions.php file will do the trick very effectively.

In WordPress 4.9, new file editors were introduced. These provide various features like syntax highlighting and so forth, but the main one was this introduction of the “check” for potentially bad code.

When you submit the changes for a file to the editor, then the WordPress code rewrites the file with the new code and saves it. That used to be all it did. Now, before it finishes, WordPress attempts to load up both the home page of the site, as well as the file editor screen itself. It does this entirely internally, in order to look for any errors. If it finds that the change has caused an error and broken the site, then it reverts the broken change and tells you about it, instead of simply leaving the site in a now broken state.

To make this request to look at the page’s content, it has to have loopback. It has to make a web request back to itself to get the new contents of the page. It has to do this before the process ends, in order to know whether the change broke the site or not. So, the WordPress process, running on the server, makes an HTTP call back to the site, as a client or a web browser would do. Since the client and server are on the same machine, then yep, this is a loopback call. It cannot be avoided.

If you cannot do loopback requests, so that it can perform sanity checking on entered code, then the file editors are not safe to use for anybody, especially untrained users who may not know PHP very well. My recommendation in that case is to use a more direct file editor, such as one provided by your web host, or something similar using SFTP to access the files on the site.

By and large, WordPress is a CMS meant for users. Having a feature where users could easily, and accidentally, break their site without leaving them any ways to repair it makes little sense. The file editors are largely a relic, and having this sort of sanity checking is essential to keeping them in the WordPress software in the first place. Any changes along these lines are most likely going to be to remove those editors from WordPress entirely. The safety checks are not going away, but the editors themselves might be pulled out in the future. That’s just the bottom line with this feature.

So yes, either get a new web host that supports loopback connections working properly, or find an alternate solution for file editing on your servers. WordPress is simply not going to accommodate you anymore with a feature that makes it easy to break sites.

I appreciate the thought behind this and it has certianly happened to me plenty of times (break the theme so even the editor wouldn’t load). but THAT’S when I go in via FTP to revert or make necessary fixes.

meanwhile, it would be most convenient if I could use the WP editor “at my own risk”.

also, many of my sites are sometimes managed by multiple “developers” (in fact, clients who are just brave enough to fiddle with template code in the WP editor) but don’t know about version control or external editors. they simply rely on that WP editor to be able to make changes.

I understand that one option is to simply do away with the editor. perhaps that wouldn’t be so painful if it was never there in the first place. but perhaps WP wouldn’t be where it is now!

perhaps one possible solution would be to make that ‘loopback’ an option rather a requirement. along with a warning (ex: “if you disable this feature you’ll need FTP access to fix any issues that might break the editor”).

Adding a checkbox to allow you to “break-your-site” simply isn’t going to sell. The safety check existing at all is largely a nod to those who want to remove the editor completely.

Like I said, any changes to this in the future are most likely to be to remove the file editors, not to make them less safe, in any way. If you want a file editor in the WordPress interface, make a plugin. But be warned, if you make a popular one, that just adds more wood to the fire of getting rid of the feature in the WordPress core.

Not judging, just saying. We used to have an editor that would allow you to edit the WordPress core files itself. That’s been gone for a long while.

“Adding a checkbox to allow you to “break-your-site” simply isn’t going to sell.”

Well you’d better start selling it. Your users hate the new editor and want the ability to go back to the old one. And don’t even think about removing editors entirely. The backlash you would face would be catastrophic.

Running Health Check on one of my sites also produces the error cited here, “The loopback request to your site failed, this may prevent WP_Cron from working, along with theme and plugin editors.” This seems to be making another plugin get stuck, because it depends on WP Cron.

The host tells me “DreamHost doesn’t block any sort of loopbacks on the server. I would recommend contacting the developers of that plugin, as we are not familiar with how this plugin is checking for loopbacks or what it is doing exactly.”

What can I do about this?

@jimgasperini, if you need support then per the forum welcome please create your own new forum post. Thanks.

Well you’d better start selling it. Your users hate the new editor and want the ability to go back to the old one. And don’t even think about removing editors entirely. The backlash you would face would be catastrophic.

No, @cmilliken, you are the one who has to start selling it. Because here is the bottom line: If you don’t like the new editor, then that’s real tough. I suggest you start moving away from WordPress entirely if it’s that big a deal to you.

Because the winds have shifted, and those editors will be going away entirely. You can think it will be catastrophic, but it is going to happen within the next, oh, 4 years or so. The era of editing live PHP on the webpage itself is at an end. Time to face the fact of it and get used to it. WordPress 6.0 will not have the file editors in it, I feel.

Samuel, I have to say for an admin who is representing a company or brand, you are shockingly rude. Regardless of how rude the original post you were responding to was, you really should try and maintain a decorum of professional politeness at all times. Seriously, if your voice is supposed to be the voice of WordPress, I am seriously worried. Perhaps you didn’t mean for that post to sound so rude, but the only way it came across to me was pure arrogance. Maybe you should start listening to your users. Don’t forget without users, you don’t have anyone to sell your service to. Got to be honest, not a fan of this new checker and there are a lot of people who feel the same. I appreciate the steps you are taking to protect your users, and that is admirable, but I think you need to find a balance here and understand the needs of the more advanced users. There are plenty of alternatives to WP out there these days. I think you need to go back to basics and understand your user. Otherwise, before you know it, your users will have gone elsewhere and don’t forget who pays your wages. I don’t think it’s rocket science. I think you could provide a different set of editing tools for advanced users and then if they break their site with them, that’s their fault. At least listen to us and take our concerns seriously. You might not like it, but the customer is always right.