We were unable to make an XML-RPC request to your website.

alexus@mm ~ % curl -vXPOST https://youarebetter.com/xmlrpc.php
* Host youarebetter.com:443 was resolved.
* IPv6: 2606:4700:3033::6815:26e0, 2606:4700:3036::ac43:8c3a
* IPv4: 172.67.140.58, 104.21.38.224
*   Trying 172.67.140.58:443...
* Connected to youarebetter.com (172.67.140.58) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=youarebetter.com
*  start date: May 22 21:23:03 2024 GMT
*  expire date: Aug 20 21:23:02 2024 GMT
*  subjectAltName: host "youarebetter.com" matched cert's "youarebetter.com"
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1P5
*  SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://youarebetter.com/xmlrpc.php
* [HTTP/2] [1] [:method: POST]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: youarebetter.com]
* [HTTP/2] [1] [:path: /xmlrpc.php]
* [HTTP/2] [1] [user-agent: curl/8.6.0]
* [HTTP/2] [1] [accept: */*]
> POST /xmlrpc.php HTTP/2
> Host: youarebetter.com
> User-Agent: curl/8.6.0
> Accept: */*
>
< HTTP/2 200
< date: Sun, 26 May 2024 17:48:46 GMT
< content-type: text/xml; charset=UTF-8
< x-powered-by: PHP/8.3.6
< cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOA8a7Bd7lqGdZKrzoufv9s4%2FqcISdSBmxYbgSPYWW67mjhzhwiebCvv%2FLbewapYoz269mBcdp%2BkOtx2C6FF4GneuxWrsWEgHy2pElz5nRNurmeH9W%2Bv%2FlB6C6Ybc0HqT8Ze"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 889f99160f558dde-MIA
< alt-svc: h3=":443"; ma=86400
<
<?xml version="1.0" encoding="UTF-8"?>
<methodResponse>
  <fault>
    <value>
      <struct>
        <member>
          <name>faultCode</name>
          <value><int>-32700</int></value>
        </member>
        <member>
          <name>faultString</name>
          <value><string>parse error. not well formed</string></value>
        </member>
      </struct>
    </value>
  </fault>
</methodResponse>
* Connection #0 to host youarebetter.com left intact
alexus@mm ~ %

Hi @a1exus

Based on the information provided, it seems like your WordPress XML-RPC endpoint is accessible but is returning a fault response. This could be due to an incorrectly formatted request or other issues with the XML-RPC service on your site.

Please check if any security plugins or Cloudflare settings might be blocking or altering XML-RPC requests. Sometimes, security measures might mistakenly identify XML-RPC as a threat and block it.

You can also consult this guide for more detailed troubleshooting steps for XML-RCP problems: XML-RPC and Jetpack.

I would specifically look at the sections on Cloudflare and on the PHP-XML extension as these seem to be relevant to the errors that you are seeing.

Thank you!

• This reply was modified 10 months ago by Bruce (a11n).

hey Bruce, i appreciate your trying to help me ??

the guide that you referring to me comes down to this tool Debug – Jetpack Tools

and while xmlrpc.php seems to be responding just fine using curl

alexus@mm ~ % curl -vIXPOST https://youarebetter.com/xmlrpc.php
* Host youarebetter.com:443 was resolved.
* IPv6: (none)
* IPv4: 104.21.38.224, 172.67.140.58
*   Trying 104.21.38.224:443...
* Connected to youarebetter.com (104.21.38.224) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=youarebetter.com
*  start date: May 22 21:23:03 2024 GMT
*  expire date: Aug 20 21:23:02 2024 GMT
*  subjectAltName: host "youarebetter.com" matched cert's "youarebetter.com"
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1P5
*  SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://youarebetter.com/xmlrpc.php
* [HTTP/2] [1] [:method: POST]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: youarebetter.com]
* [HTTP/2] [1] [:path: /xmlrpc.php]
* [HTTP/2] [1] [user-agent: curl/8.6.0]
* [HTTP/2] [1] [accept: */*]
> POST /xmlrpc.php HTTP/2
> Host: youarebetter.com
> User-Agent: curl/8.6.0
> Accept: */*
>
< HTTP/2 200
HTTP/2 200
< date: Mon, 27 May 2024 18:49:23 GMT
date: Mon, 27 May 2024 18:49:23 GMT
< content-type: text/xml; charset=UTF-8
content-type: text/xml; charset=UTF-8
< x-powered-by: PHP/8.3.6
x-powered-by: PHP/8.3.6
< cf-cache-status: DYNAMIC
cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FXoDzIngRe9HogmYnIBa9spSxAD%2B7hC2qdEQeeg4B6L8EeJda4UvQw8ugv2LJS8w2pNOfhBQMo13UvRnUmdkOoYz3V6t6r6ZWx1St1zUJ%2BhPGF%2BaZfk421ewSR7YQEvLUFe"}],"group":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FXoDzIngRe9HogmYnIBa9spSxAD%2B7hC2qdEQeeg4B6L8EeJda4UvQw8ugv2LJS8w2pNOfhBQMo13UvRnUmdkOoYz3V6t6r6ZWx1St1zUJ%2BhPGF%2BaZfk421ewSR7YQEvLUFe"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
server: cloudflare
< cf-ray: 88a82f3efc3b9ae6-MIA
cf-ray: 88a82f3efc3b9ae6-MIA
< alt-svc: h3=":443"; ma=86400
alt-svc: h3=":443"; ma=86400

<
* Connection #0 to host youarebetter.com left intact
curl: (8) Weird server reply
alexus@mm ~ %

the Jetpack Debug seems to think otherwise, and because of that I’m unable to activate Jetpack plugin using my fresh vanilla wordpress installation, while cloudflare plugin is activated and php-xml is installed.

oh and Use Jetpack and Cloudflare on your WordPress?site – the very first step in this guide has been deprecated by Cloudflare.

<strong class=””>Page Rules are deprecated. You should consider alternative?Rules?options due to their enhanced configurability. Refer to?the migration guide?for details.

Page Rules migration guide · Cloudflare Rules docs

Hi @a1exus,

Thanks for sharing that. It looks that indeed the first step was deprecated, are you able to use the alternative rules instead? You can whitelist our IP ranges that can be found here.

Meanwhile, I noticed that your website loads through HTTP and HTTPS, which isn’t ideal considering you should force HTTPS into it.

To solve this issue, I would recommend that you change your site’s URL to?HTTPS?(you can do so under Settings > General in your dashboard), and then ask your host for help redirecting all traffic from HTTP to HTTPS.

Let us know how this goes along with adding rules to CF.

i’m a bit confused with new “Rules” page, as when I tried to add my rule

(starts_with(http.request.uri.path, "/wp-login.php")) or (starts_with(http.request.uri.path, "/wp-admin")) or (starts_with(http.request.uri.path, "/xmlrpc.php")) or (starts_with(http.request.uri.path, "/wp-json/")) or (starts_with(http.request.uri.path, "/jetpack/v4/")) or (starts_with(http.request.uri.path, "/wpcom/v2/"))

there is no place for me to add any of IPs, the only thing I get to choose from is:
– Automatic HTTPS Rewrites – Turn on or off the Cloudflare Automatic HTTPS Rewrites feature available in SSL/TLS > Edge Certificates tab.
– Auto Minify Deprecated – Select which file extensions to minify automatically.
– Browser Integrity Check – Turn on or off the Browser Integrity Check feature available in Security > Settings tab.
– Disable Apps – Turn off all active Cloudflare Apps.
– Disable Real User Monitoring (RUM) – Turn off collecting page load performance information from browsers used by Analytics & Logs > Web Analytics feature.
– Disable Zaraz –
– Hotlink Protection – Turn on or off the Hotlink Protection feature of the Cloudflare Scrape Shield app.
– Email Obfuscation – Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
– Fonts – Turn on or off the Cloudflare Fonts feature that rewrites Google Fonts to be delivered from a website’s own origin, eliminating the need to rely on third-party font providers.
– Opportunistic Encryption – Turn on or off the Cloudflare Opportunistic Encryption feature available in SSL/TLS > Edge Certificates tab.
– Rocket Loader – Turn on or off the Cloudflare Rocket Loader feature in the Cloudflare Speed app.
– Security Level – Configure the Security Level setting available in Security > Settings tab.
– Server Side Excludes (optional)Deprecated – Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
– SSL (optional) – Configure SSL settings available in SSL/TLS > Overview tab.

unless I’m missing something, neither seems relevant to me..

REF: https://developers.cloudflare.com/rules/configuration-rules/

yet “Cache Rules” in CloudFlare may be what I’m looking for..

REF: https://developers.cloudflare.com/cache/how-to/cache-rules/

I configure cache rule

(starts_with(http.request.uri.path, "/wp-login.php")) or (http.request.uri.path contains "/wp-admin") or (http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.path contains "/wp-json/") or (http.request.uri.path contains "/jetpack/v4/") or (http.request.uri.path contains "/wpcom/v2/")

and then “Bypass cache”

oh and where did you say you saw my site is using http instead of https ?

• This reply was modified 9 months, 4 weeks ago by a1exus.
• This reply was modified 9 months, 4 weeks ago by a1exus.

i’ve tried with developer mode enabled (to bypass caching all together) yet i still get

An error occurred. Please try again.

Hi @a1exus –

I just tested the Jetpack connection to your site and it is now working:

https://jptools.wordpress.com/debug/?url=https%3A%2F%2Fyouarebetter.com%2F

Additionally, there are no issues with HTTP/HTTPS. At present, everything is redirecting to HTTPS. Can you confirm that everything is working on your end?

Please also note that beyond sharing our general documentation for configuring Jetpack and Cloudflare, we aren’t able to assist with Cloudflare configuration.

Hello @a1exus,

It’s been one week since this topic was last updated. I’m going to mark this thread as solved. If you have any further questions or need more help, you’re welcome to open another thread here. Cheers!