einstem

Can anyone confirm if these are old mailchimp database entries I can remove?

Thanks.

Michael

Anyone know if I can remove the transient “GAD” entries in my database if I no longer use this plugin?

OK.. Thanks for the info.
So, sounds like I can trim these tables if I want.

But, do I understand that these tables are used so that any ‘subsequent’ attempt to login from these IPs will be automatically denied?

So, is the “lockdowns” a list of IP addresses that will be permanently denied?

And how about “login-fails”? Is that also a list of IPs that will be permanently denied?

Just trying to understand how these tables support the plugin and what happens if I end up “trimming” them.

Thanks.

Michael

Hey there. Thanks for the response, but I haven’t been able to get this to work.

I am not sure what “mixed case parameters” are.

All I am doing is copying the “script” code that Google Adsense generates for me and putting it into the ‘text’ tab of my shortcode.

The code starts with: “<script…..” a
nd then ends with “</script>”
with a whole bunch of code stuff in between.

I need to do some more testing on my site, but I was able to get it to work using an Adsense Plugin that creates shortcodes:

https://www.ads-software.com/plugins/wordpress-plugin-for-simple-google-adsense-insertion/

If I put my script code in the above plugin, it creates a shortcode that works fine on my posts page.

But I was hoping to use the Shortcoder plugin so I could use the same plugin for all my shortcodes.

No idea why shortcoder isn’t working with my adsense still..

michael

Thanks.

I ended-up finding a plugin that works like a text widget but supports shortcodes:

https://www.ads-software.com/plugins/shortcode-widget/

Amazing that wordpress text widget doesn’t do this by default, and I wanted to avoid modifying my theme code if I could help it, so this little plugin worked great.

Thanks.

Michael

Perfect. Thanks so much!

I don’t use mobile apps and don’t even know what Pressgram or IFTTT are, so presume I don’t need to worry about those, so sounds like I am fine with the “add filter” option, which keeps my site a bit safer from attacks.

Michael

OK.. Thanks. I deleted the folder and dropped the table.

However, I also did notice that there is a bunch of “EWWW” entries in my “Options” table. Do I need to do anything about those?
What are they for?

Michael

All,

I have been having problems getting Jetpack Related posts to work with my hosting provider and my site, so I want to try to make sure I understand this whole issue.

I use: Related Posts, WordPress Stats, Subscriptions, Comments, Publicize

If I have this code in my wp-config.php file to protect my site against XMLRPC DOS attacks:

add_filter(‘xmlrpc_enabled’,’__return_false’;

Will this allow my Jetpack features listed above to still work?
Will this disable any other Jetpack features I should be aware of?

Thanks.

Michael

Jeremy,

Thanks. Glad it is working now.

I just activated the “Stats” module and that error message went away.

That error message is a bit deceiving because it looks like you have a configuration error, but you just don’t have the “stats” module activated.

You should look at changing that somehow.

But thanks for all the help. I’m happy to be using the Jetpack modules correctly on my site.

Thanks so much.

Michael

Unfortunately, this still isn’t working.
I had my hosting provider (A2 Hosting) disable their XML-RPC lock-out protocol, but when I go into Jetpack Debug, I see the following information below.

Any ideas?

Michael

—-

It looks like your site can not communicate properly with Jetpack.
SELF:
Array
(
[headers] => Array
(
[server] => nginx
[date] => Sat, 24 Jan 2015 14:29:25 GMT
[content-type] => text/plain;charset=utf-8
[connection] => close
[x-pingback] => https://jetpack.wordpress.com/xmlrpc.php
[expires] => Wed, 11 Jan 1984 05:00:00 GMT
[cache-control] => no-cache, must-revalidate, max-age=60
[pragma] => no-cache
[x-hacker] => Jetpack Test
)

[body] => {“error”:”Could not fetch your site data”,”error_description”:”We were unable to fetch the data from your Jetpack-powered site, the communication channel seems to be broken.”}
[response] => Array
(
[code] => 400
[message] => Bad Request
)

[cookies] => Array
(
)

[filename] =>
)

Unfortunately, this still isn’t working.
I had my hosting provider (A2 Hosting) disable their XML-RPC lock-out protocol, but when I go into Jetpack Debug, I see the following information below.

Any ideas?

Michael

—-

It looks like your site can not communicate properly with Jetpack.
SELF:
Array
(
[headers] => Array
(
[server] => nginx
[date] => Sat, 24 Jan 2015 14:29:25 GMT
[content-type] => text/plain;charset=utf-8
[connection] => close
[x-pingback] => https://jetpack.wordpress.com/xmlrpc.php
[expires] => Wed, 11 Jan 1984 05:00:00 GMT
[cache-control] => no-cache, must-revalidate, max-age=60
[pragma] => no-cache
[x-hacker] => Jetpack Test
)

[body] => {“error”:”Could not fetch your site data”,”error_description”:”We were unable to fetch the data from your Jetpack-powered site, the communication channel seems to be broken.”}
[response] => Array
(
[code] => 400
[message] => Bad Request
)

[cookies] => Array
(
)

[filename] =>
)

Jeremy,

Ok thanks for the response. Sounds like I need to disable this security on A2 hosting.

I just checked, and I already have “Login Lockdown” plugin on my site, and I looked and it states it also protects against XMLRPC hacks, so I think I am probably ok with that one and may not need the extra “Disable XML-RPC Pingback” plugin, although I will look at it.

A2 hosting also has a suggestion to also use a plugin called “Rename WP-Login.php” to change the URL to your WordPress login that sounds like it may help as well.

Thanks for all the help.

Regards,

Michael

Jeremy,

Thanks for the additional information.
I will talk to my hosting provider about disabling this feature and implementing those two plugins instead (I already have “Limit Login Attempts” plugin on my site, so it would just be the additional XML-RPC plugin).

However, I also want to see if there is a way to ‘white list’ the wordpress.com IP address from getting blocked.

Is there a specific IP address you use for all of these communications I could provide to them and see if they could do this?

Thanks.

Michael

Jeremy,
Thank you so much for the fast response.
I contacted my hosting provider, A2 Hosting, and this is their reply:
—————————-
Hello,

To help increase server security and stability, a client IP address can be banned temporarily to prevent abuse. This can occur for any of the following reasons:

-Failing to successfully log in to WordPress (the wp-login.php page) ten or more times in 5-minute period. This action results in a 30-minute ban.
-Submitting more than one HTTP POST request in a 60-second period to the WordPress xmlrpc.php file. This action results in a 2-hour ban.

Do you know which feature in Jetpack may have caused the issue, or what you or the site were doing prior the IP being blocked?

We can disable the security feature for your domain but this will remove a layer of security that is used to protect that file and your login page from abuse.

If you have any further questions, please feel free to contact us again.

Thank you for choosing A2 Hosting,
-David P
——–

On my site, I use only the following Jetpack Plugins:
“Related Posts”
“Publicize”
“Jetpack Comments’
“Subscriptions”

Is “Related Posts” the only one that uses XMLRPC?

Could it be exceeding the “more then one posts in 60 second” limit that
A2 hosting has?

I am not crazy about disabling their security feature entirely since it protects my site from hack attacks.

Any other ideas here?

A2 Hosting is a pretty big and reputable hosting firm, so I would think that perhaps you could work with them to “whitelist” your IP address with them for XMLPRC perhaps?

Thanks.

Michael

OK.. Looks like WP Super Cache was definitely part of the issue.
I messed around with the settings, but ended-up just giving up for now and turning it off. I don’t know what is going on with WP Super Cache, but it looks like that between Cloudflare (which I use), Jetpack Related Posts, and WP Super Cache things were conflicting somehow.

So, the related posts are now showing-up on my site.

However, what is strange is that I went to the “Jetpack Debug Center” to try to find problems, and that says:

“There seems to be a problem with your site’s ability to communicate with Jetpack!”

But when I check the “XMLRPC.PHP” page, it says:
“XML-RPC server accepts POST requests only.”
So that looks like that is ok.

But when I click on the orange box to see the full error message, this is what the screen shows below.

So, now I am not sure if it is really working properly or not.

Can you look through the code below and give me some ideas as to what to look for?

Thanks.

Michael

——————————————-

It looks like your site can not communicate properly with Jetpack.
SELF:
Array
(
[headers] => Array
(
[server] => nginx
[date] => Wed, 21 Jan 2015 22:50:18 GMT
[content-type] => text/plain;charset=utf-8
[connection] => close
[x-pingback] => https://jetpack.wordpress.com/xmlrpc.php
[expires] => Wed, 11 Jan 1984 05:00:00 GMT
[cache-control] => no-cache, must-revalidate, max-age=60
[pragma] => no-cache
[x-hacker] => Jetpack Test
)

[body] => {“error”:”Communication error”,”error_description”:”We were unable to make an XML-RPC request to your website. Please make sure that XML-RPC is turned on and that Jetpack is installed, activated and connected with your WordPress.com account.”}
[response] => Array
(
[code] => 400
[message] => Bad Request
)

[cookies] => Array
(
)

[filename] =>
)