Support » Plugin: iThemes Security (formerly Better WP Security) » iTheme Security Update KILLED Emails to Post, Jetpack

  • Now that we have this update in place, we can no longer add attachments to our emails for posts. We get back an error message from Jetpack stating the following:

    Some attachments were rejected from the following Post by Email:
    – Police Activity Blotter.pdf – Invalid response from the Jetpack site

    I can only get the feature to work if I disable iTheme Security completely.

    Any solution ideas?


Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author iThemes


    We’d definitely appreciate more details about this bug so we can explore further.

    Not sure what more to provide you.

    I use Jetpack’s email to post feature. As is customary, I email my post text and attachment to the specially created email address from Jetpack. Jet pack then uploads the file(s) to my media section, creates my post, and attached the download files as links within the page.

    Now, turn iTheme Security on, Post succeeds, attachment fails.

    Any update for this issue?

    I don’t work for iThemes or JetPack, but make sure you don’t have the XML-RPC option disabled. There’s a checkbox in the Settings tab. JetPack uses XML-RPC to communicate with your blog, so if that’s disabled then you’ll probably get errors with JetPack.

    In a properly set up site, should show “XML-RPC server accepts POST requests only.” and should show some XML

    In a misconfigured site, both URLs will show “XML-RPC server accepts POST requests only.”


    Just in case is useful for somebody.

    I publish by email with Jetpack, and one day start to give me error with the atached images don’t show them in the post.

    I don’t remember the day before I was touching one security plugin “Sucuri”.
    So I deactivate this plugin, and Jetpack works good again and the atached images are showed on the posts. Maybe if is not Sucuri you may touch something in a Security Plugin?

    The thing was that in the “Hardening” setting of Sucuri I hardening this option “Restrict wp-content access”. And this option create one .htacces file on the wp-content folder and inside this .htacces is this code:
    <Files *.php>
    deny from all

    I delete this .htacces (as Sucuri says if you have problem with images not displaying) in wp-content and the images are showed again.


    Careful with this option in Sucuri:

    Restrict wp-content access

    This option blocks direct PHP access to any file inside wp-content. If you experience any issue after this with a theme or plugin in your site, like for example images not displaying, remove the .htaccess file located in the content directory.

    Note: Many (insecure) themes and plugins use a PHP file in this directory to generate images like thumbnails and captcha codes, this is intentional so it is recommended to check your site once this option is enabled.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘iTheme Security Update KILLED Emails to Post, Jetpack’ is closed to new replies.