XML-RPC Questions

[JohnA]

Hey Guys,

Can someone help with this? I want to allow just 2 IPs to post remotely to a blog and I have to modify ModSecurity to do that. How do I do that in WHM or cPanel please?
Thanks!

 

[KH-DanielP]

Do you have current mod_security rules setup blocking xmlrpc, or are you using our default htaccess rule to block it?

 

[JohnA]

Daniel, standby please...checking

 

[JohnA]

Well, seems like I can't login into WP blog...getting this return: http://127.0.0.1/ Probably a plugin is blocking?

 

[KH-DanielP]

@JohnA , That very well could be a plugin redirecting things back to local host thinking your an attacker. If you've got another computer (cell) to try from that might let you in.

 

[JohnA]

Roger...I'll try that

 

[JohnA]

Hey Daniel,

Got that sorted out finally. It appears my .htaccess was at fault so I deleted it and created another one. I don't have mod_security rules setup blocking xmlrpc, never changed anyting there - in fact, I don't know how to modify mod_security rules so I can allow 2 designated IPs to post. My .htaccess is basic now so no blocking rule that I'm aware of...help!

John

 

[KH-DanielP]

John,

If it's default on our server there's an htaccess file located in /home , you have to use SSH as root to access it.

In that file it'll look something similar to this:

<Files xmlrpc.php>
ErrorDocument 403 default
order deny,allow
deny from all
</Files>

Add a line for each IP that needs to access it:

<Files xmlrpc.php>
ErrorDocument 403 default
order deny,allow
deny from all
allow from 127.0.0.1
allow from 127.0.0.2
</Files>

Of course the above are example IP addresses to be replaced with valid ones. If you have any trouble accessing the file just raise a ticket and reference this thread.

 

[JohnA]

Thanks mate!

 

[JohnA]

Thanks Daniel...that worked!

 

[KH-DanielP]

@JohnA awesome! Glad everything is working for you.