If you have received the following error message when trying to install or use Jetpack, it is because we disabled access to your xmlrpc.php script by default. We have this disabled because attackers have the ability to brute force as well as send out attacks using an exploit against the pingback ability. (Read More)
To enable access to your xmlrpc.php we first recommend upgrading WordPress to the latest version along with installing a plugin that will disable certain functionalities of the script that may potentially allow an attacker to use them maliciously. The plugin is available here.
Always make sure to review this link for the updated Jetpack IPs to whitelist.
Using FTP or File Manager browse to your public_html folder and inside open the .htaccess file. Once opened, add the following to the top.
<FilesMatch "^(xmlrpc\.php)">
Order Deny,Allow
# Whitelist Jetpack/ Automattic CIDR IP Address Blocks
Allow from 192.0.64.0/18
Allow from 198.181.116.0/22
Allow from 192.0.98.0/24
Allow from 195.234.108.0/22
Allow from 2a04:fa80::/29
Allow from 2001:470:1:ff::/64
Allow from 209.15.0.0/16
Allow from 66.155.0.0/17
Allow from wordpress.com
Allow from 45.56.2.139
Deny from all
</FilesMatch>
Save and your xmlrpc.php script will once again be reachable by Jetpack.
Congratulations! You've successfully updated your .htaccess file with Jetpack whitelisted IP's.
If you have any questions, please don’t hesitate to contact our team via live chat.
For technical inquiries, please feel free to reach our support team by emailing support@bigscoots.com from your registered email or by submitting a support ticket.