Troubleshooting the 'ERR_HTTP2_PROTOCOL_ERROR' When Accessing WordPress XML-RPC

It is advisable to disable XML-RPC for security purposes. If you need to enable XML-RPC, consider adding code that allows access only from specific IP addresses. After upgrading to PHP 8.2 on Cloudways, there was an issue with XML-RPC not functioning. When accessing the xmlrpc.php page, an "ERR_HTTP2_PROTOCOL_ERROR" error occurred. In this case, we'll explore how to address this issue.

When searching for cost-effective and high-quality web hosting, it's worth exploring popular choices like Bluehost. Although it may not deliver the same speed as Amazon AWS or other alternatives, combining it with fast WordPress themes, such as GeneratePress, can lead to respectable speeds, even for revenue-generating blogs. However, if speed is a top priority or if you manage e-commerce or critical business websites, Cloudways is an outstanding option. Cloudways simplifies the process of handling servers like Amazon AWS and Vultr. Please note that if you click any of the links in this article to register for web hosting services, I may earn a commission. Nonetheless, I only endorse services I have personally utilized for several years, including Bluehost and Cloudways. Take advantage of the coupon code WPCAFE15 when signing up for Cloudways to receive a 15% discount.

Troubleshooting the 'ERR_HTTP2_PROTOCOL_ERROR' When Accessing WordPress XML-RPC

When accessing example.com/xmlrpc.php on a WordPress site, if the following message is displayed, it means xml-rpc is properly enabled:

XML-RPC server accepts POST requests only.

In this blog, XML-RPC was disabled by adding the following code to the .htaccess file:

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
	order deny,allow
	deny from all
</Files>

If you attempt to access the xmlrpc.php file on this blog, the following error message appears:

403 Permission Denied
You do not have permission for this request /xmlrpc.php

To allow access only from specific IP addresses, add a line in the following format below the "deny from all" line:

allow from 123.456.78.900

The numbers at the end represent the IP addresses to be allowed.

Cloudways, a global web hosting provider, recently added support for PHP 8.2. Upon confirming that PHP 8.2 was supported, I immediately upgraded to this version.

However, after upgrading to PHP 8.2, an issue arose where XML-RPC was not functioning. When accessing the xmlrpc.php page, an "ERR_HTTP2_PROTOCOL_ERROR" error occurred.

If you encounter this issue, first check if XML-RPC has not been disabled in security plugins or similar tools. Disabling a plugin that deactivates XMLRPC should resolve the problem. Optimization plugins like Clearfy and security plugins like Wordfence and iThemes Security also offer xml-rpc disabling options.

I initially thought it was a plugin issue and tried disabling plugins one by one, but the problem persisted. I switched to the Divi theme, suspecting it might be a theme-related issue, but changing to another theme didn't resolve the error either.

When I contacted Cloudways, they requested the server IP address and the name of the problematic application. After providing the information, the Cloudways representative resolved the issue. When I inquired about the problem, I was told that xmlrpc was disabled due to the PHP update, and they re-enabled it.

What I could observe updating the PHP disabled xmlrpc so I have enabled it.

If xml-rpc doesn't work on Cloudways, contacting a support representative will promptly resolve server-related issues.

Cloudways Promo Code: Enjoy 15% Off Your First 3 Months

In conclusion:

As mentioned earlier, it is advisable to disable xml-rpc for security reasons, as it can be exploited for DDoS attacks. If you must enable it, add code to the .htaccess file to allow only specific IP addresses. You can find your public IP address by searching "my IP address" on Google.

If you use Cloudways and encounter such issues after changing the PHP version, contacting customer support will help resolve the problem. For security reasons, it is currently recommended to use PHP 8.0 or higher. I have applied PHP 8.2 to most of my sites, and they all work well without any issues. If you experience errors with PHP 8.2, try downgrading to PHP 8.1 and check if the error no longer occurs.

See Also...


3s