I am using a third party app called MarsEdit to publish to my WordPress. My WP is hosted on a DigitalOcean droplet. My domain and DNS is handled by Cloudflare. MarsEdit uses XMLRPC to publish directly to my blog. But I keep getting an XMLRPC error. Specifically, “Invalid XML response.” I’ve contacted MarsEdit’s support and sent a copy of my network log to troubleshoot. They said Cloudflare is causing my site to redirect the API URL that MarsEdit needs to access. That URL is an XMLRPC and Cloudflare seemingly redirects it to my homepage instead of the API URL needed.
it seems like something in Cloudflare may be blocking it. How can I ensure that XML site doesn’t get redirected and/or blocked? I’ve checked the Cloudflare Firewall and have not seen an event.
Hello, sdayman. Good to hear from you, being that you were really helpful in the previous thread.
I’ve checked the server log and that’s what I sent to the MarsEdit support team, who directed me to Cloudflare. They’re not sure but they’re inclined to believe the issue is with a Cloudflare redirect.
I have one Page Rule set up which I made in an attempt to rectify this problem. Otherwise, prior to that repair attempt, I had no page rules in place. The Rule is directing the XMLPRC url to Browser Integrity Check: Off, Always Online: Off, Security Level: Low, Cache Level: Bypass.
Cloudflare probably isn’t the source of the redirect. With your one subtractive Page Rule that’s removing barriers, that’s not the problem.
Here’s another Curl command to hit your server directly to test that URL: curl --silent --verbose https://example.com/xmlrpc.php --resolve example.com:443:123.123.123.123
Change both example.coms, and the IP address to your Droplet’s IP address.
That shows you hit your Apache server directly and it redirected it with a 301 to the home page.
Now you just need to track down why, whether it’s in .htaccess, or something in an Apache conf file. There’s also the chance a WordPress plugin is doing it.
Thanks. I’ve done a little digging so far and can’t quite figure it out. I do not have any plugins enabled. However, there is a Must-Use plug-in of fail2ban. I wonder if this XML issue is related to the fail2ban plugin?
I will keep digging. Thanks so much for your help so far. I will be sure to post my findings or continued issue for future users stumbling upon this post.
Well, I figured it out. I destroyed my droplet and made a fresh install of the One Click WordPress install. Still the same problem so I knew it had to be something with the One Click.