Replies: 0
My host’s firewall is blocking connection to Jetpack. Previously it would only deny access to xmlrpc.php with the following error:
Error Details: The Jetpack server was unable to communicate with your site http://www.abiliopereirareis.pt [IXR -32300: transport error: http_request_failed Empty reply from server]"
They say xmlrpc is blocked for security reasons.
Now the firewall leaves me completely blocked from accessing my website for 5 minutes, whenever I try to connect Jetpack to wordpress.com.
My host has logged the error and tells me it’s an AJAX cURL request which could be a security breach. They gave me 2 options:
1. I remove Jetpack
2. They disable this safety measure on the firewall which could be used by a hacker to invade my website.
But I do want to use Jetpack.
What should I do? Is it as dangerous as they say? I have used Jetpack on 2 other hosts and everything worked well.
Here’s the log they sent me:
http_status 302
http_method GET
meta_logdata Matched Data: cURL found within REQUEST_FILENAME: /wp-admin/
host www.abiliopereirareis.pt
meta_id 211000
timezone 60
ip 94.**.***.201
justification Match of "contains /ajax.php/imp/sendmessage" against "REQUEST_FILENAME" required.
id 321596
meta_severity CRITICAL
action_desc Access denied with code 403 (phase 2).
path /wp-admin/
meta_line 14
http_version HTTP/1.1
meta_msg COMODO WAF: System Command Injection||www.abiliopereirareis.pt|F
meta_rev 2
Thanks in advance for the help.