Support » Plugin: Health Check & Troubleshooting » Loopback-Request Error 401 + updates prevented by disabling wp_version_check()

  • Resolved decentris

    (@decentris)


    Hi Marius,

    I think this is an issue, which you might have heard already a view times and I also tried to follow all the tickets, which described similar, but no success, so I decided to write:

    I have this WP 4.9 issue of the plugin and theme editor not allowing to alter php-files. Due to reccommendations out of the internet I installed the Healt Check and got these 2 errors:

    “Background updates: A plugin has prevented updates by disabling wp_version_check().”

    “Loopback request: The loopback request returned an unexpected status code, 401, this may affect tools such as WP_Cron, or theme and plugin editors.”

    I activated troubleshoot-mode and tried again. Same errors.

    I deactivated trouble-shoot-mode and started testing by step-by-step deactivating all the plugins. Same again. Even when all plugins despite Healt Check were deactivated.

    Concerning the “Loopback”-Issue: I host on a VPS, which is owned by me and which I can configure via WHM/Cpanel however I like.

    But I kept searching and searching the internet for this “401 Loopback”-Error and did find things like, allow furl_open or activate the alternate_cron-feature in wp-config.php. I tried all this stuff, but no success, still the same Loopback and also the wp_version_check() – error.

    So I gave up and hope, you may be able to help me here.

    This is my configuration:

    
    WordPress
    Version	4.9.8
    Language	en_US
    Home URL	http://blackstone.sale
    Site URL	http://blackstone.sale
    Permalink structure	/%year%/%monthnum%/%day%/%postname%/
    Is this site using HTTPS?	No
    Can anyone register on this site?	No
    Default comment status	open
    Is this a multisite?	No
    User Count	1
    Communication with WordPress.org	WordPress.org is reachable
    <strong>Create loopback requests	The loopback request returned an unexpected status code, 401, this may affect tools such as WP_Cron, or theme and plugin editors.</strong>
    
    Installation size
    Uploads Directory	203.26 MB
    Themes Directory	27.14 MB
    Plugins Directory	281.91 MB
    Database size	16.59 MB
    Whole WordPress Directory	702.64 MB
    Total installation size	719.23 MB
    
    Active Theme
    Name	Twenty Seventeen
    Version	1.7
    Author	the WordPress team
    Author website	https://wordpress.org/
    Parent theme	Not a child theme
    Supported theme features	automatic-feed-links, title-tag, post-thumbnails, menus, html5, post-formats, custom-logo, customize-selective-refresh-widgets, editor-style, starter-content, custom-header, widgets
    
    Other themes (4)
    Cryption Child (cryption-child)	Version 1.0 by Codex Themes.
    Cryption (cryption)	Version 1.0.5.1 by Codex Themes
    Twenty Fifteen (twentyfifteen)	Version 2.0 by the WordPress team
    Twenty Sixteen (twentysixteen)	Version 1.5 by the WordPress team
    
    Must Use Plugins (1)
    Health Check Troubleshooting Mode	Version 1.5.0
    
    Active Plugins (1)
    Health Check & Troubleshooting	Version 1.2.1 by The WordPress.org community
    
    Inactive Plugins (60)
    Advanced Custom Fields Multilingual	Version 0.7 by OnTheGoSystems
    Akismet Anti-Spam	Version 4.0.8 by Automattic
    Classic Editor	Version 0.4 by WordPress Contributors
    CodexThemes Elements	Version 1.0.4 by Codex Themes
    Codex Themes Import	Version 1.0.4 by Codex Themes
    Contact Form 7	Version 5.0.3 by Takayuki Miyoshi
    Easy Forms for MailChimp	Version 6.4.5 by YIKES, Inc.
    EthereumICO	Version 1.9.0 by ethereumicoio
    File Manager Advanced	Version 1.6 by modalweb
    Hello Dolly	Version 1.7 by Matt Mullenweg
    Hide Admin Bar From Non-admins	Version 1.0 by Stranger Studios
    Import Users from CSV	Version 1.0.0 by Ulrich Sossou
    MailChimp for WordPress	Version 4.2.4 by ibericode
    Paid Memberships Pro	Version 1.9.5.3 by Stranger Studios
    Paid Memberships Pro - Add Member Admin	Version .4 by Stranger Studios
    Paid Memberships Pro - Add Name to Checkout Add On	Version .3.1 by Stranger Studios
    Paid Memberships Pro - Affiliates Add On	Version .3 by Stranger Studios
    Paid Memberships Pro - Approvals Add On	Version 1.0.4 by Stranger Studios
    Paid Memberships Pro - Developer's Toolkit	Version .5 by Stranger Studios
    Paid Memberships Pro - Donations	Version .4 by Paid Memberships Pro
    Paid Memberships Pro - Download Monitor Integration Add On	Version .2.1 by Stranger Studios
    Paid Memberships Pro - Email Confirmation Add On	Version .4 by Stranger Studios
    Paid Memberships Pro - Email Templates Add On	Version 0.7.1 by Stranger Studios
    Paid Memberships Pro - Import Users from CSV Add On	Version .3.3 by Stranger Studios
    Paid Memberships Pro - MailChimp Add On	Version 2.1.1 by Stranger Studios
    Paid Memberships Pro - Member Directory Add On	Version .5.1 by Stranger Studios
    Paid Memberships Pro - Member Homepages Add On	Version .1 by Stranger Studios
    Paid Memberships Pro - Membership Manager Role Add On	Version .3.1 by Stranger Studios
    Paid Memberships Pro - Nav Menus Add On	Version .3.2 by Stranger Studios
    Paid Memberships Pro - Post Affiliate Pro Integration Add On	Version .2.1.1 by Stranger Studios
    Paid Memberships Pro - Register Helper Add On	Version 1.3.7 by Paid Memberships Pro
    Paid Memberships Pro - Reports Dashboard Add On	Version .2 by Stranger Studios
    Paid Memberships Pro - State Dropdowns Add On	Version 0.1 by Stranger Studios
    Paid Memberships Pro - User Pages Add On	Version .6 by Stranger Studios
    PMPro Reason For Cancelling	Version .1.1 by Stranger Studios
    Power VC Add-on For WPBakery Page Builder (formerly Visual Composer)	Version 1.0.0 by Webnus
    Restrict Content	Version 2.2.3 by Pippin Williamson
    Slider Revolution	Version 5.4.8 by ThemePunch
    TinyMCE Advanced	Version 4.8.0 by Andrew Ozz
    TinyMCE Custom Styles	Version 1.0.9 by Tim Reeves (original author David StΓΆckl)
    Toolset Access	Version 2.5 by OnTheGoSystems
    Toolset Forms	Version 2.0.2.1 by OnTheGoSystems
    Toolset Layouts	Version 2.4 by OnTheGoSystems
    Toolset Module Manager	Version 1.7.1 by OnTheGoSystems
    Toolset Types	Version 3.0.6 by OnTheGoSystems
    Toolset Views	Version 2.6.3 by OnTheGoSystems
    Ultimate Member	Version 2.0.21 by Ultimate Member
    Velvet Blues Update URLs	Version 3.2.8 by VelvetBlues.com
    Wordpress Page Widgets	Version 3.9 by CodeAndMore
    WP Admin Theme	Version 1.0 by David Smith
    WPBakery Page Builder	Version 5.5.2 by Michael M - WPBakery.com
    WP File Manager	Version 2.8 by mndpsingh287
    WP Health (Formerly My WP Health Check)	Version 1.6.4 by Frank Corso
    WPML CMS Nav	Version 1.4.23 by OnTheGoSystems
    WPML Media	Version 2.3.5 by OnTheGoSystems
    WPML Multilingual CMS	Version 4.0.5 by OnTheGoSystems
    WPML Sticky Links	Version 1.4.4 by OnTheGoSystems
    WPML String Translation	Version 2.8.5 by OnTheGoSystems
    WPML Translation Management	Version 2.6.5 by OnTheGoSystems
    ZillaLikes	Version 1.1.1 by ThemeZilla
    
    Media handling
    Active editor	WP_Image_Editor_GD
    Imagick Module Version	Imagick not available
    ImageMagick Version	Imagick not available
    GD Version	bundled (2.1.0 compatible)
    Ghostscript Version	Unable to determine if Ghostscript is installed
    
    Server
    
    The options shown below relate to your server setup. If changes are required, you may need your web host's assistance.
    Server architecture	Linux 2.6.32-754.2.1.el6.x86_64 x86_64
    PHP Version	7.2.8 (Supports 64bit values)
    PHP SAPI	fpm-fcgi
    PHP max input variables	1000
    PHP time limit	600
    PHP memory limit	256M
    Max input time	600
    Upload max filesize	64M
    PHP post max size	128M
    cURL Version	7.61.0 OpenSSL/1.0.2o
    SUHOSIN installed	No
    Is the Imagick library available	No
    htaccess rules	Custom rules have been added to your htaccess file
    
    Database
    Extension	mysqli
    Server version	5.6.39
    Client version	mysqlnd 5.0.12-dev - 20150407 - $Id: 38fea24f2847fa7519001be390c98ae0acafe387 $
    Database user	blacksto_wpuser
    Database host	localhost
    Database name	blacksto_wp
    Database prefix	wp_
    
    WordPress Constants
    
    These values represent values set in your websites code which affect WordPress in various ways that may be of importance when seeking help with your site.
    ABSPATH	/home/blackstone/public_html/
    WP_HOME	Undefined
    WP_SITEURL	Undefined
    WP_DEBUG	Disabled
    WP_MAX_MEMORY_LIMIT	256M
    WP_DEBUG_DISPLAY	Enabled
    WP_DEBUG_LOG	Disabled
    SCRIPT_DEBUG	Disabled
    WP_CACHE	Disabled
    CONCATENATE_SCRIPTS	Undefined
    COMPRESS_SCRIPTS	Undefined
    COMPRESS_CSS	Undefined
    WP_LOCAL_DEV	Undefined
    
    Filesystem Permissions
    
    The status of various locations WordPress needs to write files in various scenarios.
    The main WordPress directory	Writable
    The wp-content directory	Writable
    The uploads directory	Writable
    The plugins directory	Writable
    The themes directory	Writable
    The Must Use Plugins directory	Writable
    

    Maybe you can help me, Marius.

    Best Wishes,

    Johannes

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Marius L. J.

    (@clorith)

    Hiya,

    I might be able to provide some insights, yes.

    The first thing that strikes me is that your .htaccess file has custom rules in it, would you be able to share those?

    I’m also wondering if you have any kind of access related rules in your vHost configuration for the site (in apache/nginx)?

    Hi Marius,

    this is the .htaccess – file:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    
    AuthUserFile "/home/blackstone/.htpasswds/public_html/passwd"
    AuthType Basic
    AuthName "blackstone"
    require valid-user
    
    # php -- BEGIN cPanel-generated handler, do not edit
    # NOTE this account's php is controlled via FPM and the vhost, this is a place holder.
    # Do not edit. This next line is to support the cPanel php wrapper (php_cli).
    # AddType application/x-httpd-ea-php72 .php .phtml
    # php -- END cPanel-generated handler, do not edit
    
    # BEGIN cPanel-generated php ini directives, do not edit
    # Manual editing of this file may result in unexpected behavior.
    # To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
    # For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
    <IfModule php7_module>
       php_flag display_errors Off
       php_value max_execution_time 600
       php_value max_input_time 600
       php_value max_input_vars 1000
       php_value memory_limit 256M
       php_value post_max_size 128M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php56"
       php_value upload_max_filesize 64M
       php_flag zlib.output_compression Off
    </IfModule>
    # END cPanel-generated php ini directives, do not edit
    Plugin Author Marius L. J.

    (@clorith)

    Ahh yes,

    I see that you require Basic authentication to access your site (a prompt for username and password when visiting the site).

    You may be able to work around this with a loopback exception, I don’t know what version your webserver is running, but try adding the following after the require valid-user line:

    
    Order allow,deny
    Allow from 127.0.0.1
    Allow from blackstone.sale
    satisfy any
    

    It may fail though, depending onb what version you are running as mentioned.

    Hi Marius,

    you were completely right. The basic authentication has been the problem.

    I deactivated it and, boom, above error-message disappeared.

    Nevertheless, when I reactivated the basic authentication and inserted your proposed code, the error messages come back again.

    Is there another workaround in the .htaccess or somewhere else, which I can try, as long as the basic authentication is on?

    Best Wishes,

    Johannes

    Plugin Author Marius L. J.

    (@clorith)

    My bad, it should be Satisfy Any, capitalization matters, and I keep forgetting that πŸ™‚

    Hi Marius,

    I corrected the capitalizations (also Require was in small letters):

    AuthUserFile “/home/blackstone/.htpasswds/public_html/passwd”
    AuthName “blackstone”
    AuthType Basic
    Require valid-user
    Order allow,deny
    Allow from 127.0.0.1
    Allow from blackstone.sale
    Satisfy any

    But it doesn’t change anything. It only works, when I deactivate the .htaccess-Authentication.

    Maybe the Health Check doesn’t like access-auths. πŸ˜‰

    But never mind, I now know the reason for the Healt Check – Errormessage, which actually is no error.

    Plugin Author Marius L. J.

    (@clorith)

    I’m afraid I don’t know then, the rules should work fine with the proper capitalizations.

    It’s worth noting that this will prevent tools like WP_Cron (scheduled tasks in plugins, scheduled posts etc) from working unless it’s resolved, so the plugin does correctly report it as a potential problem.

    If you don’t use any scheduled tasks, it won’t be a concern though πŸ™‚

    Hello @clorith Can I use this htaccess because my problem is also similar with this. Do I have to edit or change anything inside the file? TQ

    • This reply was modified 1 year ago by  Sazarima Salihin. Reason: Forgotten to tick to notify me
    Plugin Author Marius L. J.

    (@clorith)

    It doesn’t sound like you have the same problem, I’d suggest continuing our talk in your own topic, as this is someone elses thread and we’re causing unnecessary email notifications to go out πŸ™‚

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Loopback-Request Error 401 + updates prevented by disabling wp_version_check()’ is closed to new replies.