If you are experiencing an issue with connecting your website to your MainWP Dashboard, be sure to check this list of potential issues and solutions.
Connection Blocked by Firewall
In most cases, when the child site server firewall or any other security layer blocks requests from your MainWP Dashboard, you will get the error message that says that the “Connection timed out after 100000ms” or the “Site can’t be reached”.
In some cases, the Child Site server blocks requests sent from the Dashboard site, and your website may return the message that the MainWP Child plugin can’t be found. This means that the request never reaches the website, and since there is no feedback from the MainWP Child, MainWP Dashboard returns this generic error message.
In both cases, you need to contact your Child Site host support department and have them allow your MainWP Dashboard IP address (found at the MainWP > Status page, under the Server IP check). In most cases, this will be ModSecurity, Imunify360, or even Cloudflare firewalls, but it can be any. It is highly recommended to insist on reviewing all security layers on the child site server.
To troubleshoot this problem,
First, try to temporarily disable all security plugins on the child site.
If that doesn’t help, check the .htaccess file (or any other server config files)
Check if there are some security rules left by previously deactivated security plugin(s).
Also, make sure that there are no custom security rules in the file.
If none from above doesn’t help and you use a cloud proxy firewall for the child site (such as Cloudflare, Sucuri, WebARX, and others…), try to temporarily disable it or whitelist your MainWP Dashboard IP in the firewall settings.
If you don’t use a cloud proxy, or you do, but that is not causing the problem, the last security layer is your server Firewall. Please get in touch with your host support and have them review the firewall logs around the time you tried to connect your child site. Once found, they should be able to whitelist your MainWP Dashboard IP or readjust the WAF rule that got triggered.
ModSecurity
ModSecurity is a toolkit for real-time web application monitoring, logging, and access control. It is an open-source, cross-platform web application firewall (WAF) module known as the “Swiss Army Knife” of WAFs.
In case you can’t connect a website to your MainWP Dashboard because the ModSecurity on your child site server is blocking requests from your MainWP Dashboard, you can create a custom exception for the ModSecurity and allow your MainWP Dashboard to reach your child site.
First, go to your MainWP Dashboard
On the MainWP > Status page, locate your MainWP Dashboard IP address and note it down.
Now, go to your child site server and find the Nginx/Apache Error Log and find the ModSecurity error that is generated when your MainWP Dashboard tries to connect. You should be able to quickly narrow down your search with the timestamp or your MainWP Dashboard IP address. Once you’ve found your error, you need to note down the Error ID (bolded number in the example below), as we’ll be using this for our exclusion rule. It should look similar to this:
[Fri Jun 26 23:07:04.178701 2020 [:error] [pid 78007:tid 139308447686754] [client 125.54.65.125]
ModSecurity: Access denied with code 403 (phase 2). Pattern match "Mozilla/(4|5)\\\\.0$" at REQUEST_HEADERS:User-Agent. [file
"/etc/apache2/conf.d/modsec2.conf"] [line "109"] [id "20000221"] [hostname "127.0.0.1"] [uri "/wp-admin/admin-ajax.php"]
[unique_id "WwjPWChxvG3CO5kz-D55eQBBBCU"]Once you have the correct ModSecurity error, you will need to edit the ModSecurity configuration. The ModSecurity configuration location can be different in different hosts, so if you are not sure where to find it, please ask your hosting provider, and they should be able to help you. Here are some examples:
If you are using Easy Apache 4, you will find the configuration file with this path: /etc/apache2/conf.d/modsec2/whitelist.conf, if you are
On Plesk, you will find the configuration under Tools & Settings > ModSecurity > Settings > Configuration
If you are using GridPane hosted sites, you will find the configuration file in /etc/nginx/modsec/owasp/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
Open the config file and add your exclusion rule at the bottom; it should look similar to the example below, and add your MainWP Dashboard IP address and Error ID (both bolded in the example below)
SecRule REMOTE_ADDR "^125\.54\.65\.125" "phase:1,nolog,allow,ctl:ruleEngine=off,id:20000221"
Save the changes.
This should solve the problem; however, if your site still can’t be connected to your MainWP Dashboard, please get in touch with your host support and have them review the logs.
Imunify360
Imunify360 is a security suite for Linux web servers. If it is present on the server that’s hosting the Child Site, it can, in some circumstances, block connection from the MainWP Dashboard.
If your MainWP Dashboard detects that Imunify360 is blocking the connection, it will display the following error message:
Error detected: Connection Failed. We suspect that Imunify360, a security layer added by your host, is causing this problem. Please contact your host to whitelist your Dashboard IP in their system. If you need help determining your MainWP Dashboard site IP address, check with your hosting provider.
As the error message suggests, please contact your host provider and have them whitelist the Dashboard IP in their system, or follow the steps outlined in this document.
NOTE: The experience has shown that some support representatives are unaware of Imunify360 and how it plays a role in this connection issue. In that case, please try to escalate your support ticket and gently insist on them investigating the issue further, and checking any logs that might show connection blocks.
Whitelist the MainWP Dashboard IP in Imunify360
Log in to WHM.
Click on the “Plugins” option.
Click on the “Imunify360” sub-option
Select the “Firewall” tab
On the right side of the screen you will find an “Add” option. Click on it.
A small window will open up as shown below.
Enter the “IP or subnet in CIDR notation” in the IP tab.
Enter a comment.
Enter “TTL” and select “Days or Hours” from the drop-down menu.
Select the “Whitelist” selection.
Tick on the “Full access” option.
Finally, click on the “ADD IP” option.
Using Cloudflare with Imunify360
If you are using Cloudflare and its “Cache Everything” feature for a Child Site, in addition to Imunify360 being used on the server that’s hosting the Child Site, then it is necessary to follow the steps outlined in this Imunify360’s help document for disabling Edge Cache TTL: https://blog.imunify360.com/using-cloudflare-cache-everything-with-imunify360
Cloudflare
If your MainWP Dashboard cannot connect to your website because Cloudflare’s Firewall is blocking the requests, you can resolve this issue by whitelisting your MainWP Dashboard. Simply go to the Firewall settings in Cloudflare and create custom Firewall rules to allow requests from your MainWP Dashboard.
To do that,
First, go to your MainWP Dashboard
On the MainWP > Info > Server page, locate your MainWP Dashboard IP address and note it down.
Now, go to your Cloudflare account, and go to the Security > WAF page.
Click the Create firewall rule button
Next,
Give your rule a Name
In the Field menu, select IP Source Address, In the Operator menu, select Equals, In the Value field, enter the previously noted IP Address of your MainWP Dashboard.
In the Choose Action dropdown, select Skip
From the WAF components to skip, Select Security Level
Click the Deploy button
If whitelisting your Dashboard IP doesn’t help, you can try to alter the Firewall rule.
In the Field menu, select Referrer.
In the Operator field, select Contains.
In the Value field, enter your MainWP Dashboard site URL
Even if you can connect the website, you can still do this to ensure that the Cloudflare Firewall won’t start blocking requests and cause your child site to get disconnected.
If whitelisting the Dashboard in Cloudflare Firewall does not solve the issue, it may be necessary to also turn off Cloudflare Bot Fight Mode, which can be found on Cloudflare Dashboard > Security > Bots page.
SSL Certificate Verification Issues (Error: This site can not be reached!)
In some cases, when your MainWP Dashboard tries to reach the child site, SSL Certificate verification can fail due to SSL Cert misconfiguration or expiration. To be sure that the child site SSL cert is set properly and verification can pass, please do the following:
Go to the SSL Checker or use any other similar tool
Enter your child site URL
Click the Check SSL button
After results appear, if there is any warning or error reported, contact your host support and have them recheck the SSL Settings and do what is necessary to resolve the error.
DNS Issues
You may have recently moved the website to another server, and your Dashboard’s Server may not have an updated DNS, or your server may be experiencing DNS issues. To check this, use the Test Connection tab and verify the IP matches with the IP that shows on your website WP > Settings > MainWP Child > Server Information page.
In case there is an IP address mismatch, you will need to contact your hosting provider and request two things:
Dashboard Site host: request DNS Cache flush
Child Site host: request DNS Settings verification
In most cases, this issue resolves itself in up to 48 hours; however, some host companies do not flush DNS cache that often, and more time is needed.
Dashboard Site Server Misconfiguration
To be sure that your Dashboard Site server is configured properly and can be used for hosting the MainWP Dashboard plugin:
Log in to your Dashboard Site
Go to the MainWP > Server Information page
Locate the following checks and make sure that all of them display the Pass response:
cURL Extension Enabled
cURL Version
OpenSSL Extension Enabled
OpenSSL Version
PHP Version
MySQL Version
If any of those show Warning or Fail markers, check this document to resolve the issue(s).
OpenSSL Library Misconfiguration (Error: Invalid Request)
If you are getting the “Invalid request” error upon failing to connect a Website to your MainWP Dashboard, it is more than likely that the OpenSSL library is not properly set on your MainWP Dashboard host. To begin the troubleshooting process, first, go to the MainWP > System > Server Information page and check the SSL Warning row. If it shows one of the following errors:
error:02001003:system library:fopen:No such process
error:02001002:system library:fopen:No such file or directory
It confirms that the problem is with the OpenSSL library. To solve this problem,
Go to your MainWP Dashboard
Go to the MainWP > Settings > Advanced Settings page
The new option will appear to add the OpenSSL.cnf file path
Click the Save Settings button
Once this process is completed, please recheck the Server Information and verify that the SSL Warning is gone. If yes, you can start connecting your child sites.
Child Site Server Misconfiguration
To be sure that your Child Site server is configured properly and can be connected to your MainWP Dashboard:
Log in to your Child Site
Go to the WP > Settings > MainWP Child > Server Information page
Locate the following checks and make sure that all of them display the Pass response:
MainWP Upload Directory
cURL Extension Enabled
cURL Version
OpenSSL Extension Enabled
OpenSSL Version
PHP Version
MySQL Version
Plugin Conflict
If, after verifying that the MainWP Child plugin is installed and activated on your website, the website still can’t be connected to your MainWP Dashboard, try to disable all plugins except for MainWP Child and connect your site after that.
If you cannot disable all your plugins, be sure to disable all security and caching plugins. In most cases, it will be some security plugin that will be blocking requests from your MainWP Dashboard.
MainWP Child plugin missing
To connect your website, you need to make sure that the MainWP Child plugin is installed & activated on the website that you are trying to connect.