Error xmlrpc.php in firewall.php

  • Resolved sergialarconrecio

    (@sergialarconrecio)


    6 years, 7 months ago

    I found an error in the plugin that causes the xmlrpc.php file of 401 Unauthorized and does not connect vien to jetpack.

    The error is in public_html / wp-content / plugins / ninjafirewall / lib / firewall.php and removed the code that the file xmlrpc.php then works and gives the phrase that the file has to give as explained by wordpress since it is the jetpack credoir “XML-RPC server accepts POST requests only.”

    code removed from firewall.php is:

    if ( strpos($_SERVER['SCRIPT_NAME'], 'wp-login.php' ) !== FALSE ) {
	nfw_bfd(1);
} elseif ( strpos($_SERVER['SCRIPT_NAME'], 'xmlrpc.php' ) !== FALSE ) {
	// Only POST requests are allowed:
	if ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
		// ret_code, ret_message etc aren't defined because
		// we didn't load the firewall configuration yet:
		$nfw_['nfw_options']['ret_code'] = '401';
		nfw_log('XMLRPC API: unauthorized REQUEST_METHOD', "REQUEST_METHOD: {$_SERVER['REQUEST_METHOD']}", 2, 0);
		header('HTTP/1.0 401 Unauthorized');
		exit('401 Unauthorized');
	}
	nfw_bfd(2);
}

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter sergialarconrecio

    (@sergialarconrecio)

    Please, I hope that the next update this parameter will be eliminated if it will not work well either when activating the deactivation of the WordPress XML-RPC API in Firewall Policies.

    Plugin Author nintechnet

    (@nintechnet)

    Can you show me the line in the firewall log that shows why JetPack was blocked?

    The code you disabled is the brute-force protection. When using Jetpack, disable the “Apply the protection to the xmlrpc.php script as well.” in the “Login Protection” page and it should work.

    Thread Starter sergialarconrecio

    (@sergialarconrecio)

    The option that you tell me to turn off does not work either, because without being automatically activated xmlrpc.php puts it in 401 Unauthorized, it is that it is installing the plugin and activating it and blocking it without even having configured the “Login Protection” section. That is why I had than removing the code that I mentioned earlier

    And the line that shows the registry of the firewall that you ask me is:

    20/Aug/18 13:55:50  #8962950  HIGH         -  172.68.94.4      GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:55:52  #5151170  HIGH         -  172.68.94.4      GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:56:47  #5812888  HIGH         -  172.68.94.76     GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:56:50  #3635722  HIGH         -  172.68.94.76     GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:25  #4600903  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:26  #7050077  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:27  #7771786  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:28  #3876815  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:29  #6243467  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:30  #5544253  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:31  #4873342  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 13:59:32  #6017299  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:00:59  #7701280  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:01:00  #2148022  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:01:01  #4927085  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:01:03  #4577155  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:25:57  #1143622  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:25:58  #3440342  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:29:04  #3311450  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:29:05  #8774756  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:29:44  #8658271  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:40:11  #3405796  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:44:13  #5157241  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:44:14  #3715250  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:44:15  #5569072  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:44:16  #3963899  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:44:19  #5576730  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:47:12  #8796215  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:47:13  #3081414  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:47:15  #3969936  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:50:02  #4948780  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 14:50:04  #5710504  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:02:02  #8304860  HIGH         -  172.68.94.4      GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:02:03  #1747604  HIGH         -  172.68.94.4      GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:02:05  #5535340  HIGH         -  172.68.94.4      GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:06:20  #8778760  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:06:21  #4353699  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:14:20  #7182656  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:14:21  #8308489  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:14:22  #1228146  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:14:25  #5952947  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:21:54  #3812616  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:21:55  #6516535  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:22:44  #4671756  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:22:46  #6733507  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:22:47  #4428265  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:26:43  #4498171  INFO         -  172.68.94.xxx    POST /wp-login.php - Logged in user - [[email protected] (administrator)] - sainformatica.com.es
20/Aug/18 15:34:22  #3995136  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:47:35  #6646989  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 15:47:39  #2797335  HIGH         -  172.68.94.106    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
20/Aug/18 16:38:53  #1116604  HIGH         -  172.68.94.214    GET /xmlrpc.php - XMLRPC API: unauthorized REQUEST_METHOD - [REQUEST_METHOD: GET] - sainformatica.com.es
    Plugin Author nintechnet

    (@nintechnet)

    I see.
    It’s very strange that it connects to the XMLRPC using the GET method because only the POST one is allowed.
    I will check in the next release how to change this or make it optional.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Error xmlrpc.php in firewall.php’ is closed to new replies.