Jetpack bug (resolve DNS)

  • blackhold

    (@blackhold)


    8 years ago

    Hi,
    We’ve found a bug in jetpack plugin.

    We’re using a wordpress with multisite. For security reasons we have wordpress behind an nginx proxy (all websites are served as https with trusted letsencrypt certificates), and wordpress is hosted with apache without https.

    First we tried to activate both configurations in wp-config.php

    define( ‘JETPACK_SIGNATURE__HTTPS_PORT’, 80 );
    #$_SERVER[‘SERVER_PORT’] = 443;

    The one worked some times was the first (we’ve read not to activate both at time). But this solution worked only some times, and we found that jetpack plugin got troubles to connecting to our blogs.

    Finally we have meet the problem:

    # curl -v “https://jetpack.wordpress.com/jetpack.testsite/1/?url=https://wp.lamardebits.org/xmlrpc.php”
    * Hostname was NOT found in DNS cache
    * Trying 192.0.78.26…
    * Connected to jetpack.wordpress.com (192.0.78.26) port 443 (#0)
    * successfully set certificate verify locations:
    * CAfile: none
    CApath: /etc/ssl/certs
    * SSLv3, TLS handshake, Client hello (1):
    * SSLv3, TLS handshake, Server hello (2):
    * SSLv3, TLS handshake, CERT (11):
    * SSLv3, TLS handshake, Server key exchange (12):
    * SSLv3, TLS handshake, Server finished (14):
    * SSLv3, TLS handshake, Client key exchange (16):
    * SSLv3, TLS change cipher, Client hello (1):
    * SSLv3, TLS handshake, Finished (20):
    * SSLv3, TLS change cipher, Client hello (1):
    * SSLv3, TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
    * Server certificate:
    * subject: OU=Domain Control Validated; CN=*.wordpress.com
    * start date: 2015-09-06 16:52:41 GMT
    * expire date: 2018-10-14 11:29:26 GMT
    * subjectAltName: jetpack.wordpress.com matched
    * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=https://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority – G2
    * SSL certificate verify ok.
    > GET /jetpack.testsite/1/?url=https://wp.lamardebits.org/xmlrpc.php HTTP/1.1
    > User-Agent: curl/7.38.0
    > Host: jetpack.wordpress.com
    > Accept: */*
    >
    < HTTP/1.1 400 Bad Request
    * Server nginx is not blacklisted
    < Server: nginx
    < Date: Sun, 13 Nov 2016 19:26:30 GMT
    < Content-Type: text/plain;charset=utf-8
    < Transfer-Encoding: chunked
    < Connection: keep-alive
    < Expires: Wed, 11 Jan 1984 05:00:00 GMT
    < Cache-Control: no-cache, must-revalidate, max-age=60
    < X-hacker: Jetpack Test
    < X-ac: 3.lhr _dca
    < Strict-Transport-Security: max-age=15552000
    <
    * Connection #0 to host jetpack.wordpress.com left intact
    {“error”:”Can not resolve your domain \”A record\””,”error_description”:”We were unable to resolve the A record for your domain. It is likely that you have recently registered your domain name. It takes several hours for new or transferred domain names to start working, so please come check back later. If you’re still having the same error after 48 hours, please contact your web hosting provider.”}

    How we resolved? so putting our subdomain as A, not as CNAME.

    So, I don’t know it’s a bug or is needed to ask for allow CNAME subdomains, for allowing domains in multisite wordpress as CNAME. I think this will be helpful to other users behind proxy and insite a multisited wordpress.

    Thanks you much

Viewing 5 replies - 16 through 20 (of 20 total)
  • Thread Starter blackhold

    (@blackhold)

    OK, is JETPACK_CLIENT__HTTPS or JETPACK_CLIENT_HTTPS ?

    And what about these other lines?

    
define( 'JETPACK_SIGNATURE__HTTPS_PORT', 80 );
#$_SERVER['SERVER_PORT'] = 443;
    Thread Starter blackhold

    (@blackhold)

    Also, now I find that for example it doesn’t loads wordpress stats. I tried with main site and with an other site inside the farm.

    And appears this message on top:

    You, lamardebits, are not connected to WordPress.com. Link to WordPress.com

    • This reply was modified 7 years, 11 months ago by blackhold.
    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic ??

    It’s JETPACK_CLIENT__HTTPS.

    And what about these other lines?

    Those are related to incoming connections to your site, so they’re not related to that issue.

    now I find that for example it doesn’t loads wordpress stats.

    That could indeed be expected, as Jetpack needs to make a request to dashboard.wordpress.com to get your latest stats.

    And appears this message on top:

    You, lamardebits, are not connected to WordPress.com. Link to WordPress.com

    That’s because the admin you’re connected with is not linked to WordPress.com. You most likely connected Jetpack when using another admin account on the site.

    Thread Starter blackhold

    (@blackhold)

    Those are related to incoming connections to your site, so they’re not related to that issue.

    OK, I understand ??

    That could indeed be expected, as Jetpack needs to make a request to dashboard.wordpress.com to get your latest stats.

    OK, so then I understand that I have to wait ?? If I go to old stats then it appears stats.

    That’s because the admin you’re connected with is not linked to WordPress.com. You most likely connected Jetpack when using another admin account on the site.

    OK, I tried with an other blog that I know the user is less experiencied as the other blog user and message doesn’t appears.

    Thanks you much ??

    I spect no more posts… I’ll tell you in a few days ??

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic ??

    then I understand that I have to wait ?? If I go to old stats then it appears stats.

    I’m afraid waiting won’t help. To solve the issue you’ll need to either allow your WordPress site to make outgoing HTTPS requests, or all Jetpack to make outgoing HTTP requests instead of using HTTPS, thanks to the constant I mentioned above.

Viewing 5 replies - 16 through 20 (of 20 total)
  • The topic ‘Jetpack bug (resolve DNS)’ is closed to new replies.

Tags