Support » Plugin: Rename XMLRPC » Try this first

  • So this plugin did not work for me, as I was trying to get JetPAck to work for me and came across the error HTTP 412 Site_inaccessible and it only supports up to 3.2.1 but in searching my hosts knowledge base when I stumbled upon the problem: Mod_security2. Read the steps I took to solve this. Below this is a troubleshotting segment from the android wordpress app FAQ and below that is the explanation given by the knowledge base.

    So here’s the steps:
    1. If you modified xmlrpc.php to something else, rename it back
    2. Create file called .htaccess and copy the code for xmlrpc.php
    <IfModule security2_module>
    SecRuleRemoveById 114
    3. I placed the file in both the main directory (which should work for all subdirectories and also in the wp-content/plugins directory
    4. There is no step 4 🙂

    Recommended testing to see if this is really your problem:
    1. Ensure that you’ve typed in the URL correctly.
    2. If it’s correct, make sure XML-RPC services are enabled on the blog.
    3. Verify that xmlrpc.php is functioning properly. Locate your RSD meta tag by viewing-source on your blog. It will look similar to this:
    <link rel=”EditURI” type=”application/rsd+xml” title=”RSD” href=”” />
    Next, follow the link,, and make sure it resolved to an XML file. Locate the WordPress API item: And lastly, load that apiLink value into your browser. If everything is setup correctly, you should see this message: “XML-RPC server accepts POST requests only.”
    4. Go to the W3C Markup Validator and type in the URL of your WordPress site. If you get a response such as “… one or more bytes that I cannot interpret as UTF-8″ that is most likely what is causing the app to have trouble with your site.
    5. Try with the default theme and with no active plug-in.
    (Trying it with the default theme and plugins disabled will help pin down where the problem is. If everything works then you go back and enable your theme and then try it again. If everything still works then you go back and activate each plugin one at a time until you find the one that is causing the breakage.)

    Mod_security2 is an Apache 2 module which protects vulnerable software from security breaches. This additional security feature is activated by default on our servers in order to provide maximum protection from hacker attacks for the websites of our customers. However, the module can also block certain legitimate scripts from executing. When this happens, the error message returned by the server is 412 Precondition Failed.

    Disabling the mod_security2 module would decrease the security of your website considerably, so we would recommend that you do not do that. Instead, please contact our Support team in order to find out which mod_security2 rule blocks the execution of your script. These rules can be disabled individually. You can also disable mod_security2 only in the directory in which the script that causes the error is located.

    In order to disable mod_security2, you can create an .htaccess file in the directory where you want to disable it. The file should contain the following code:
    <IfModule security2_module>
    SecRuleEngine Off
    SecRequestBodyAccess Off
    </IfModule>The .htaccess file can be easily created using the File Manager page of the hosting Control Panel. The settings in this file apply to the directory in which it is located and recursively to its subdirectories.

    The most frequently occurring problem is caused by a mod_security2 rule that blocks requests to xmlrpc.php files. In order to allow access to xmlrpc.php, you can create an .htaccess file with the following code in it:
    <IfModule security2_module>
    SecRuleRemoveById 114

  • The topic ‘Try this first’ is closed to new replies.