If you have received the following error message when trying to install or use Jetpack, it is because we disabled access to your xmlrpc.php script by default. We have this disabled because attackers have the ability to brute force as well as send out attacks using an exploit against the pingback ability. (Read More)

To enable access to your xmlrpc.php we first recommend upgrading WordPress to the latest version along with installing a plugin that will disable certain functionalities of the script that may potentially allow an attacker to use them maliciously. The plugin is available here.

Using FTP or File Manager browse to your public_html folder and inside open the .htaccess file. Once opened, add the following to the top.

<FilesMatch "^(xmlrpc\.php)">
Order Deny,Allow
# Whitelist Jetpack/ Automattic CIDR IP Address Blocks
Allow from
Allow from
Allow from
Allow from wordpress.com
Allow from
Deny from all

Save and your xmlrpc.php script will once again be reachable by Jetpack.

Did this answer your question?