Error: Registration Secret Sent by Your Site is Empty (Status 500)

  • anonymousconservativeblog

    (@anonymousconservativeblog)


    3 days, 22 hours ago

    I had come here before with a strange connection issue with jetpack that may have been related to Cloudflare. The link to that is here:

    https://wordpress.org/support/topic/registration-secret-sent-by-your-site-is-empty-status-500-2/#post-18729933

    I decided to redo Cloudflare, since jetpack says it should work out of the box, and it had for me for a few months. That requires deleting the site from the account and waiting a week, as if you recreate it sooner, Cloudflare will recreate the deleted account with all its settings. In the interim the old thread was closed.

    Here is a rehash of the issue, and what I have done:

    Site was fully updated, with Jetpack installed, I used Cloudflare and it worked fine for months. After several months, I first noticed the site health said I should connect to Jetpack, so I attempted to, and was thrown to the new onboarding screen saying “Start with Jetpack for free” and the “Supercharge My Site button.” I clocked it, and below it, it eventually said, “The registration secret sent by your site is empty. (Status 500)”

    I have uninstalled all plugins, changed themes to from Twenty Twenty One to Twenty Twenty Four, got the object cache purge button installed and used it, paused Cloudfare, re-FTP’d all new core files, deactivated, deleted and reinstalled Jetpack, clicked the “My Jetpack” button to go back to the onboarding page, clicked “Supercharge My Site” and got the same error.

    Oddly I uploaded an old htaccess file out of the blue, as I was out of options, and I was able to connect with the Supercharge my site button, but you guys said you were still seeing connection issues on your end, and sure enough each day it disconnects. I see no difference between the old htaccess file and the one which prevents all connections, strangely. But it is no long-term fix either.

    I also made sure the non www version of your URL redirects to the URL with the www included.

    Two things, xmlrpc.php tests find using CMD commands, and at the url, and the error changes if I delete the htaccess file, instantly saying, “An error occurred. Please try again.” If I regenerate htaccess using permalinks, it goes right back to the first error. Everything is up to date, and this started out of the blue, after Jetpack was functioning fine, and the problem persists with Cloudflare paused, and Jetpack IPs allowed on top of that, and everything /wp-admin* set to be just passed through.

    I also had the host delete all DNS info and regenerate it from scratch to be sure all DNS info had not been toyed with in some weird way in the past, and I copied it exactly over to the newly redone Cloudflare with all default settings.

    I think the only difference now is, Jetpack will work if I set the registrar nameserver setting direct to Ipage, but if I set the nameservers to Cloudflare, and use the exact same DNS data there, for some reason Jetpack will not connect.

    Unfortunately I need Cloudflare as I have some actor using upwards of a million and a half IPs per month to screw up my server.

    So since then I went to the host, and they have said this:

    “As per the error logs, I have removed the ‘ctype’ and ‘propro.so’ extensions, but unfortunately, the issue persists. I also attempted to debug your website using the tool at https://jptools.wordpress.com/debug/ and encountered an unknown error. Given the steps you’ve already taken, including allowing IPs in Cloudflare, pausing Cloudflare, and checking the XML-RPC functionality, it seems we may need to escalate this matter. I recommend contacting Jetpack support directly at https://jetpack.com/contact-support/ to verify the connection issue from their end. If they provide any error logs or reports indicating that the problem is server-related, please share those with us, and we will work with our engineering team to investigate further. Thank you for your patience as we work through this curious case.”

    It seems I cannot just delete everything and reinstall for some reason, so I was wondering if you can find any error logs which might help the host.

    Thank you!

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Alin (a11n)

    (@alinclamba)

    3 days, 12 hours ago

    Hi @anonymousconservativeblog,

    Thanks for all the details and for running those tests, that is very helpful.

    When we test the Jetpack connection from our side, your server is returning a 409 Conflict response when Jetpack tries to access:

    https://www.anonymousconservative.com/xmlrpc.php

    You can read more about this status code here:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/409

    In addition to that, we are also seeing a 465 Access Denied page in some cases. This is not a standard HTTP status code and is typically used by Web Application Firewalls. Both responses indicate that something on the server is blocking or altering Jetpack’s POST requests before they reach WordPress.

    Jetpack needs unrestricted POST access to xmlrpc.php in order to stay connected. Since your tests already ruled out plugins, caching, and Cloudflare, the most likely cause is a server level firewall or security layer intercepting the requests.

    At this stage, the best next step is to contact your hosting provider and ask them to check their security or firewall logs for blocked POST requests to xmlrpc.php. For reference, Jetpack’s requests look like this:

    Please ask them to allow unrestricted access to that endpoint and ensure no security system injects or rewrites the response. Once they confirm this has been adjusted, let us know and we can test the connection again from our side.

    We will be here to continue helping as soon as you have an update.

    Thread Starter anonymousconservativeblog

    (@anonymousconservativeblog)

    1 day, 4 hours ago

    Here is what tech support has said in return, and bear in mind I yet again deactivated and deleted jetpack and reinstalled and reactivated it with no change in the error. If you can give me some concrete thing to do or search it would be great:

    Thank you for getting back to us with the requested information. I understand how important it is to get this issue addressed. 

    We have provided the given details to our engineers and they were able to duplicate the issue. Rest assured, there is no modsec blocks and XML-RPC is accessible. They have suggested you to reinstall the Jetpack plugin and then test the connection. If the issue persists, then it is advisable to contact jetpack plugin vendors regarding this issue and get it fixed. If they ask to make any changes from our end, then please let us know the exact changes so that we can check further.  Also, if they report that the issue is from our end, then please let us know the exact issue/error. 

    Please feel free to reply to this email if you have any further questions. We are happy to help!

    I should add they have been doing security upgrades lately, and installed server limits which generate block pages if there is too much activity from one IP, though I do not think that specifically is the issue. So they have some problem there and are installing stuff to address it.

    Though I am not sure that explains why Jet pack will work fine if I point the domain at GoDaddy to the host’s nameservers, but if I point to Cloudfare’s name servers and then pause cloudfare to let everything through, or create rules to send Jetpack IPs through, or ignore everything /wp-admin*, or do it all together, then it breaks.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.