Troubleshooting connection issues

If VaultPress is having trouble connecting to your site, there are a few things to check:

Install & Register the VaultPress plugin

If the plugin hasn’t been installed and registered we can’t back up your site! Follow the instructions here to get everything set up properly.

Make sure your site is publicly available

Please disable any “Under Construction” plugins, and ensure that your site is publicly accessible. VaultPress cannot back up private sites that are not accessible to the public.

Check your Site URL 

Please make sure that you’ve set your Site URL (at VaultPress dashboard → Settings) to the address that your site ultimately redirects to. For example, if http://www.yourgroovydomain.com redirects to http://yourgroovydomain.com, then you should set your Site URL to http://yourgroovydomain.com.

Check that your site’s SSL certificate is valid

If your site has an SSL certificate (i.e. the site address starts with “HTTPS” instead of “HTTP”) there could be an issue with the certificate for your site. You can check that by entering your site address here. If all is well, you’ll see a list of green checkmarks. If you see any warning messages, then it’s a sign that there’s an issue with your SSL certificate, and you should pass that on to your hosting provider for investigation.

Whitelist VaultPress IP Ranges to prevent blocking

Whitelist these IP ranges with your hosting provider or any firewall you might be using (view in CIDR notation). By whitelisting our IP ranges, you are telling the server to accept connections from VaultPress.com so we can create backups of your site.

Note: If your host requires a port number, they should whitelist requests to ports 80, 21, and 22, or 443 for requests over “HTTP”.

Reverse proxy/load balancer/caching server issues

Note: VaultPress 1.9.7 and above are better able to detect this scenario. Before using the snippets below, please try resetting VaultPress on our server. You can do that by visiting the VaultPress settings page inside the WP Admin dashboard, clicking the “DELETE ALL SETTINGS” button, and then registering the plugin again. If that doesn’t work,  you may need to add the code below.

As a security measure, VaultPress uses an internal firewall that only accepts incoming connections from the VaultPress IP ranges. Several proxies, load balancers, or caching servers (like Cloudflare, Varnish, LiteSpeed, and Incapsula) can interfere with this firewall.  These servers often provide the IP address associated with incoming requests in the “X-FORWARDED-FOR” header. You’ll need to re-configure your web server so that this header is used to set the remote address variable (“$_SERVER[‘REMOTE_ADDR’]”) in PHP. Your host is in the best position to assist with this step.

If you can’t modify your server configuration, you can try addressing this issue at the PHP level by adding these lines to your “wp-config.php” file, right after the opening “<?php” line:

if ( !empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
    $forwarded_ips = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
    $_SERVER['REMOTE_ADDR'] = $forwarded_ips[0];
    unset( $forwarded_ips );
}

Varnish Specific Troubleshooting

If adding the above code mentioned in the previous section to your “wp-config.php” file doesn’t work, we recommend adding the following in your Varnish configuration as a next step:

if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " +
client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}

Sucuri Specific Troubleshooting

If the reverse proxy code above did not fix the VaultPress connection issue and you are using Sucuri CloudProxy, we recommend adding the following modified code to your “wp-config.php” file:

if ( !empty( $_SERVER['HTTP_X_SUCURI_CLIENTIP'] ) ) {
    $forwarded_ips = explode( ',', $_SERVER['HTTP_X_SUCURI_CLIENTIP'] );
    $_SERVER['REMOTE_ADDR'] = $forwarded_ips[0];
    unset( $forwarded_ips );
}

Incapsula Specific Troubleshooting

If the reverse proxy code above did not fix the VaultPress connection issue and you are using the Incapsula Security CDN, we recommend adding the following modified code to your “wp-config.php” file:

if ( !empty( $_SERVER['HTTP_INCAP_CLIENT_IP'] ) ) {
    $forwarded_ips = explode( ',', $_SERVER['HTTP_INCAP_CLIENT_IP'] );
    $_SERVER['REMOTE_ADDR'] = $forwarded_ips[0];
    unset( $forwarded_ips );
}

Cloudflare Specific Troubleshooting

If the reverse proxy code above did not fix the VaultPress connection issue and you are using Cloudflare, we recommend adding the following modified code to your “wp-config.php” file:

if ( !empty( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) {
    $forwarded_ips = explode( ',', $_SERVER['HTTP_CF_CONNECTING_IP'] );
    $_SERVER['REMOTE_ADDR'] = $forwarded_ips[0];
    unset( $forwarded_ips );
}

Error: 400:403:Forbidden

This error likely means your site is down or your host is blocking our attempts to connect. If your site is functional, please reach out to your host and have them whitelist our full IP range:

192.0.64.1 to 192.0.127.254

Still unable to connect?

Contact support, and we’ll be happy to help you out! If you can add FTP, SFTP, or SSH credentials for your site before you contact us, this will help us troubleshoot further on our end.