Jetpack 406 Error: Site Inaccessable

Avatar
  • Answered
I was doing some troubleshooting on a separate problem and deactivated all of my plugins. I got that problem sorted out and reactivated all the non-problem causing plugins. When I went to reconnect jetpack to wordpress, it gave me a 406 Site Inaccessible error.

I went through and disabled all but jetpack again, that didn't work.

So other steps I took:

I looked at my .htaccess, pretty standard W3TC stuff and nothing else.
I checked http://jetpack.me/support/debug/?url=http://mmainsider.net it says it can't make an xml-rpc request.

I checked mmainsider.net/xmlrpc.php and it seems to be working just fine, I checked the source to be sure I didn't have an extra hidden line, I don't.

I went to jetpack support, it said to ask you guys.
Avatar
JacobIMH
Hello DFordMMA, and thanks for the question. It looks like you are triggering one of our internal ModSecurity rules setup on the server to block requests that say they are from JetPack, but don't match their IP ranges. I have a guide on how to find and disable specific ModSecurity rules which you would be able to do with root access to your VPS. You could also submit a verified ticket in order for us to disable this for you. If you're going about it that way, here is the ModSecurity rule number 13511 getting triggered that you'd want to request being disabled on your VPS:

Pattern match "jetpack" at ARGS:for. [file "/usr/local/apache/conf/modsec-imh/40_wordpress.conf"] [line "26"] [id "13511"] [msg "Request for WordPress XML-RPC not from Jetpack API IP"]

I believe the issue that you're having is that because your website is using CloudFlare when a POST attempt comes from JetPack it looks like CloudFlare instead. So this rule might have to be updated to also allow CloudFlare IP ranges to make POST attempts for JetPack. Please let us know here publicly if getting this ModSecurity rule disabled on your VPS solves the problem so others will know to do the same thing if they stumble onto this question. - Jacob
Avatar
Sommers
Same problem her. The solution we found after disabling all plugins, disabling mod security rules was to temporarily suspend cloudflare then activate jetpack. After that all was right on the world again