• Resolved nbonniot2

    (@nbonniot2)


    Hello,

    I got some problems regarding xmlrpc.php access : although I enabled XMLRPC access, I still got 403 sometimes on regular access. As a second step, I authorized recently multiple account connections. So a few questions :

    • Can I whitelist IPs for total and transparent access to xmlrpc.php file ?
    • When I enable everything when it comes to XMLRPC, is it equal to total access (i.e. without plugin) ?

    Is this a bug or expected behavior ?

    Thanks for your answer,

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support Shalom Taiwo

    (@shalomt)

    Hi @nbonniot2,

    403 errors can be caused by different things. It is also not recommended to use the “Multiple Authentication”

    I’ll suggest disabling the XMLRPC Multiple Authentication then, double-check and make sure that your IP address is added to the “Authorized Host” list? This can be found at Configure ⇉ Global Settings ⇉ Authorized Host.

    Please let me know how it goes and how I can be of further assistance.

    Best regards,
    Shalom

    Thread Starter nbonniot2

    (@nbonniot2)

    Thank you @shalomt for your quick reply.

    I will give a try on this way as soon as I will get the offending IP. Just to be sure, when IP is added in this textarea it will be whitelisted for all plugin modules ?

    The checkbox above is just sugar for automatically adding administrators’IP isn’t-it ? Or did I miss the point here ?

    Plugin Support Shalom Taiwo

    (@shalomt)

    @nbonniot2

    The IPs added to the “Authorized IP” box are IPs that are whitelisted from being blocked by the iThemes Security plugin.

    The checkbox above is just sugar for automatically adding administrators’IP isn’t-it ? Or did I miss the point here ?

    Could you please elaborate on this question?

    Looking forward to your response.

    Thread Starter nbonniot2

    (@nbonniot2)

    @shalomt

    When you stated

    The IPs added to the “Authorized IP” box are IPs that are whitelisted from being blocked by the iThemes Security plugin.

    Do we agree that it applies to every module that can be concerned (bruteforce, 404 detection…) ?

    Regarding the second part, the textearea to write whitelisted IPs is surrounded by a checkbox indicated that if checked, all connected administrators will see theirs IPs automatically added to whitelist during 24h.

    I find it a bit confusing because it might lead to understand that only administrators IP are wlecomed here. My question was for clearing this off. Do you confirm ?

    Plugin Support Shalom Taiwo

    (@shalomt)

    Hi @nbonniot2

    Do we agree that it applies to every module that can be concerned (bruteforce, 404 detection…) ?

    That’s correct.

    I find it a bit confusing because it might lead to understand that only administrators IP are wlecomed here.

    Not at all. This means if any Adminitrator whose IP is not added to the textarea accesses the site, their IP will be Authorized automotically for 24hrs. However, you can still add any other IP addresses as preferred.

    Please let me know if this helps.

    Plugin Support Shalom Taiwo

    (@shalomt)

    Hi there,

    I hope the information provided helped resolve your issues. Given that we have not received a response, I will mark this post as resolved. If you still need some assistance, please feel free to open a new support topic, and we would be happy to assist.

    Thank you!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘403 on xmlrpc.php even when authorized’ is closed to new replies.