Have your Jetpack and use Better WP Security too

Jetpack header logo

Recently I started using Jetpack for amongst other things the Publicize feature. Publicize
automatically share your site’s posts on a range of social media networks when you publish a new post. The time this saves makes Jetpack a worth while plugin on its own. Not to mention all of the other features you get when you install Jetpack.

After I installed and configured Jetpack to connect to wordpress.com and Publicize to my social media sites I published a Post and sure enough a post was sent to my social media sites. The next post which was after an update of Jetpack was not so successful. The post on my blog was fine but no publicization of my article to my social media sites. So commenced the reading, reading, reading, reading, reading, reading…

Then I came across the Jetpack Troubleshooting Tips page which states;

Jetpack Troubleshooting Tips

  1. Check your XMLRPC file. You can do this by going to your web site URL and adding “/xmlrpc.php” to the end (without the quotes). When it loads in your browser, you should see “XML-RPC server accepts POST requests only.” on a line by itself.

If you see this message, but it is not on a line by itself, a theme or plugin is displaying extra characters when it shouldn’t. See points 1 and 2 above for debugging steps.If you get an 404 Error Not Found message, contact your web host. They may have security in place that is blocking XMLRPC.

  1. Check the Known Issues list and make sure you aren’t using a plugin or theme listed there.

I ran the test for my self. I simply went to my home page and added “/xmlrpc.php” to the end of the URL in the address bar of my browser window (without the quotes) and sure enough I got a 404 error page, not the “XML-RPC server accepts POST requests only.” on a line by itself. So I clicked the Known Issues list link and the words Better WP Security immediately jumped off the page because I have the Better WP Security plugin installed. The Known Issues page states;

Known Issues

Known Issues
WordFence, Better WP Security, Login Security Solution

These plugins block access to your site’s XML-RPC file. This file is used by Jetpack to connect to WordPress.com, and must be accessible at all times. You will consequently need to deactivate these plugins to be able to use Jetpack.

My first thought was “I am not going to deactivate a plugin that provides the amount of security that Better WP Security provides with out first running some tests”. I then went over to my wordpress dashboard and the Better WP Security plugin and had a good look around. I had not had a look at the Better WP Security plugin for a while and did not remember all of its features.

Better WP Security - Various Security Tweaks

Quite quickly I found what I was looking for on the Tweaks screen which ststes;

Remove EditURI header

Remove EditURI header

Removes the RSD (Really Simple Discovery) header. If you don’t integrate your blog with external XML-RPC services such as Flickr then the “RSD” function is pretty much useless to you.

Warning: This feature is known to cause conflicts with some 3rd party application and services that may want to interact with WordPress.

I uncheck the checkbox and clicked Save Changes. Then I ran the “/xmlrpc.php” test again. This time it was successful I got “XML-RPC server accepts POST requests only.” on a line by itself.

Now to test if my posts are once again being published on social media networks I will post this Article but if it does not work I will continue searching for the answer and post it here as an addition to this post.