Support » Requests and Feedback » Is wordpress.org restricting visits from China region?

  • Resolved hexuxin

    (@hexuxin)


    Hi there,

    When I go to upgrade to WordPress 5.2.4, and see it’s release notes, but found the website return HTTP 429 (Too Many Requests). It’s my first time to visit today. So it’s impossible to say visiting frequently, then I found all China region is restricting as HTTP 429:

    http://www.17ce.com/site/http/20191018_55ae4a50f18911e9ab8c05c7fa0e7c63:1.html

    The people in China could be hard to download new version WordPress. I sad to see WordPress.org restricting visits from China, and wonder why. I hope it will be fixed.

    Detail information:

    $ curl -v https://wordpress.org
    *   Trying 198.143.164.252...
    * TCP_NODELAY set
    * Expire in 200 ms for 4 (transfer 0x55a96b399f50)
    * Connected to wordpress.org (198.143.164.252) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    *   CAfile: none
      CApath: /etc/ssl/certs
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
    * TLSv1.3 (IN), TLS handshake, Certificate (11):
    * TLSv1.3 (IN), TLS handshake, CERT verify (15):
    * TLSv1.3 (IN), TLS handshake, Finished (20):
    * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.3 (OUT), TLS handshake, Finished (20):
    * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
    * ALPN, server accepted to use h2
    * Server certificate:
    *  subject: OU=Domain Control Validated; CN=*.wordpress.org
    *  start date: Nov  6 17:42:01 2017 GMT
    *  expire date: Dec 15 20:11:21 2020 GMT
    *  subjectAltName: host "wordpress.org" matched cert's "wordpress.org"
    *  issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
    *  SSL certificate verify ok.
    * Using HTTP2, server supports multi-use
    * Connection state changed (HTTP/2 confirmed)
    * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    * Using Stream ID: 1 (easy handle 0x55a96b399f50)
    > GET / HTTP/2
    > Host: wordpress.org
    > User-Agent: curl/7.64.0
    > Accept: */*
    > 
    * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
    * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
    * old SSL session ID is stale, removing
    * Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
    < HTTP/2 429 
    < server: nginx
    < date: Fri, 18 Oct 2019 11:29:11 GMT
    < content-type: text/html
    < content-length: 162
    < 
    <html>
    <head><title>429 Too Many Requests</title></head>
    <body>
    <center><h1>429 Too Many Requests</h1></center>
    <hr><center>nginx</center>
    </body>
    </html>
    * Connection #0 to host wordpress.org left intact
    • This topic was modified 8 months, 2 weeks ago by Jan Dembowski.
    • This topic was modified 8 months, 2 weeks ago by Jan Dembowski. Reason: Moved to Everything else WordPress, this is not a Requests and Feedback topic
Viewing 14 replies - 1 through 14 (of 14 total)
  • Moderator Yui

    (@fierevere)

    ゆい

    Here are no region restrictions.
    Most likely here are too many requests from this IP address recently, therefore you’re hitting ratelimit.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    See https://www.nginx.com/blog/rate-limiting-nginx/ for more information.

    It is not that any region is blocked, as Yui says it’s a protection on the web servers. Wait and try again and you should be fine.

    Hi @yui @jdembowski

    Thanks for your reply.

    I know ngx_http_limit_req_module is useful nginx module for rate limiting, but it’s hard to believe that most of China are restricted[1]. Much looks like geographical blocking with IP Geolocation Database[2], and it returns HTTP 429 rather than HTTP 403.

    I also see that some posts in Chinese forum complain they can’t visit WordPress.org:

    https://www.v2ex.com/t/610269

    English Translation: https://translate.google.com/translate?sl=zh-CN&tl=en&u=https%3A%2F%2Fwww.v2ex.com%2Ft%2F610269
    https://www.hostloc.com/thread-597309-1-1.html

    [English Translation: https://translate.google.com/translate?sl=zh-CN&tl=en&u=https%3A%2F%2Fwww.hostloc.com%2Fthread-597309-1-1.html]

    [1] An online ping website show that its probe in many Chinese locations are restricting as “429”, see “Http状态”(HTTP status code) on the table: http://www.17ce.com/site/http/20191019_fb43e0f0f26111e9ab8c05c7fa0e7c63:1.html

    [2] ngx_http_geoip_module with MaxMind databases could do this: https://nginx.org/en/docs/http/ngx_http_geoip_module.html;
    Nginx Plus also provides a similar feature: https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-by-geoip/

    • This reply was modified 8 months, 2 weeks ago by hexuxin. Reason: correct the typo

    虽然我不是处女座,但是后台不能更新,还得手动更新,很不爽啊~~

    This problem has not been solved so far,Now most Chinese users need VPN to access wordpress.org

    Not helpful at all. It’s so frustrating for all Chinese Users.
    Recently I set up several wordpress sites on Tencent Cloud, all comes into problems of updating wordpress, as well as installing plugins.

    Please, let wordpress.org know and solve the problem.

    (@fierevere)

    May need to contact Automattic or WordPress Foundation to solve the problem

    Moderator Marius L. J.

    (@clorith)

    Hi,

    This is understandably frustrating, I’ve requested an updated status on the situation, and will get back to you once I’ve heard back, but just to quote my self, so you all have the same information as me at this time:

    There’s an ongoing issue with a lot of malicious traffic originating from the Chinese region. This is making the WordPress.org security systems limit connectivity from affected areas, and unfortunately also negatively affecting legitimate users.

    We’re actively monitoring the situation, and are looking into ways to remedy this for real users, but due to how internet traffic is routed it’s not something that is likely solved quickly.

    This problem still exists now for Chinese wordpress admin users. Currently some wordpress plugin developers have developed new plugin (based on proxy) to solve this issue temporarily. For example, [wp-china-yes](https://github.com/sunxiyuan/wp-china-yes/).

    Thank you@clorith/,Although the update problem can be solved through the plug-in, the problem of inaccessibility to wordpress.org still exists. If you cannot access wordpress.org, downloading wordpress will become a big problem. Not all Chinese users have vpn

    Hope this problem can be solved soon

    We are having the same issue here on our servers located in Shanghai and its not possible to update WordPress or any plugins since weeks. I hope there will be a solution soon!

    hexuxin

    (@hexuxin)

    Consider this problem is solved and mark as resolved.

Viewing 14 replies - 1 through 14 (of 14 total)
  • You must be logged in to reply to this topic.