Jetpack and Modsecurity

Hi there,

What is your site URL? It is possible to use ModSecurity with Jetpack, but you’ll need to be particular about the rules that you use. As long as there are no blocks on the xmlrpc.php file or on the site’s API, you shouldn’t have any troubles. I want to check debug to see if that is the culprit. If so, we would recommend you contacting your host provider to see if they are blocking API calls to XMLRPC.

Let me know, thanks!

It’s definitely the culprit because it started working correctly as soon as I disabled ModSecurity. Is there anyway of sending you the URL privately as I don’t wish to advertise my unsecure website to the world.

• This reply was modified 5 years, 11 months ago by philsafc.

If you’d like to share the URL privately, please contact us via https://jetpack.com/contact-support/?rel=support

However, I don’t think that will help. With mod_security, it’s more about finding the specific rule that’s catching us. The best way to do that is to troubleshoot switching off rules in chunks. If you find a chunk that suddenly works, start checking each individual rule in that chunk for the one blocking us.

Alternatively, you can whitelist these IP addresses:

122.248.245.244
54.217.201.243
54.232.116.4

and this range: 192.0.64.0/18

Please note that we are constantly adding new hardware to our network to keep up with demand on our services. This means that these IP addresses could change (or be added to) at any time, and is why we discourage restricting XML-RPC access to specific IP addresses only.