Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

unexpected response code 500.

edited August 2014 in MarsEdit
Hi there,

I'm getting the 'ol unexpected response code 500.

"The post could not be published because of an error while uploading an attached file: unexpected response code 500.
If this problem persists, try deleting the attachment from the Uploads list, and from your post content. Then, insert the attachment again before sending to your blog."

This seems to be the relevant portion of the log file:

Response text:

500 Internal Server Error

Internal Server Error

The server encountered an internal error or
misconfiguration and was unable to complete
your request.

Please contact the server administrator, and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.

More information about this error may be available
in the server error log.

Apache/2.2.22 Server at Port 80

But I don't really know what to do next...
Could someone help?




  • Hi there - I think the advice from the general failure is good - to contact the server administrator for your domain. I'm not sure if that listed address will work or if you need to get in touch with whoever is in charge of the hosting for your site.

    Generally when there is a 500 error it means that something has "crashed" on the server and that can be due to a bad plugin, out of memory error, something wrong with the PHP configuration, etc. If you haven't tried already I recommend disabling all your WordPress plugins as a test, to see if it makes any difference. Otherwise I think the best way to get the problem solved is to talk to your server admins and let them know you're getting a 500 error when MarsEdit accesses the site, and send them a copy of the log file.
  • Hey Daniel - Thanks! Unfortunately I'm the administrator (although I have no right to be called such a thing... I don't know anything :)

    I'm getting this from my web host (Media Temple):

    "I would recommend checking your (gs) Grid-Service error logs for in order to get more information in regards to the issue. Based on the error that you are receiving it seems that the application you are using may have been blocked or does not have the proper access to make the changes."

    Which is equally confusing...

    Is there a list out there of stuff to check if you get the 500 error?
  • So I've been back with the MT support guys... we've checked everything - plugins turned off, disabled fast php stuff... to the point that we are getting no errors on the server side anymore, but the uploads are still not working.

    Just says the "server timed out"///

    Any ideas?
    (I've emailed you my log file)

  • (update: the email I sent to bounced back... is that still active?)
  • Hi again - yes, should definitely work. I'm getting other email there all the time. Is it possible there was a typo on the part? I don't have the domain for example.

    Unfortunately I've learned from some other customers that Media Temple in particular seems to have some pretty strict security restrictions in place, and at least for one other customer who has been in touch with them, they seem unwilling to bend on the restriction. This really surprises me because MT is such a long-standing and well-liked host. In a nutshell it seems that they are blocking accesses to WordPress's xmlrpc.php when they judge the client (e.g. MarsEdit) is a security risk.

    I didn't end up with any better solution apart from trying to convince MT to change their policy, than to suggest to another customer that they might need to find another hosting company for their blog that will allow access from apps like MarsEdit.

  • Hi Daniel,

    Thanks for looking into this... could you check what precisely the other user requested from MT? They send me the below in response for my request for the service to be "whitelisted" ... : /


    Thank you for your inquiry to (mt) Media Temple.

    There are limits on the number of POST requests that can be sent to "xmlrpc.php" on the Grid hosting service; this is due to a large number of recent WordPress attacks across the internet that make use of this file. For security reasons, this would not be something we can alter or disable on a per-account basis. I apologize for any inconvenience caused by this.

    If this is necessary for your site applications to work, I would recommend a DV Server. This is a VPS where you and your developer would have complete control of the security settings. For more information, please see:

    Product Info: DV Server

    If you have questions about the information within this support request or any of your (mt) Media Temple services, please feel free to contact us at any time.

    Shawn H.
    Senior Customer Support @ (mt) Media Temple
  • Hi Daniel,

    I got a further response from MT, asking if its possible to change the Mars Edit code?

    I don't know how hard this would be...

    "Due to the proliferation of WP brute-force style attacks using xmlrpc.php, we have settings in place to limit POSTs to this file.

    We cannot alter this, as it pertains to the security and stability of the entire (gs) Grid-Service.

    You'll have to contact "MarsEdit" and ask them to modify their code so that it spaces these POSTs out a bit more, otherwise this is not going to work on the (gs) Grid-Service and, as Shawn mentioned, you'd then need to move to a DV where you have more granular control over these types of settings.

    Please let us know if there is anything else we can do for you. If you have any other questions or concerns, you may contact us at any time.

    Mike G
    Tech Support MT"

  • Thanks for letting me know their position. It's not particularly realistic to change MarsEdit's approach to handling how it sends requests to a blog. It would slow things down unncessarily for all users when only a small handful (I guess, including MT) have a problem with the normal use of this API to communicate with WordPress blogs. Also, it would be a non-trivial change to the code of the app to program it to space out the requests like this, in such a way that it meets MT's arbitrary request for spacing out the requests.

    I am sorry they didn't respond positively to the request to whitelist your requests. It seems like they are drawing a line in the sand about this which is a shame because I am sure many of their customers use MarsEdit or other apps that depend upon accessing the WordPress API.
  • My log files just say this -- at least the ones that refer to xmlrpc - - [02/Sep/2014:00:02:15 -0700] "POST /heavysid HTTP/1.1" 200 206 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1" - - [02/Sep/2014:00:02:16 -0700] "POST /heavysid HTTP/1.1" 200 206 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1"

    Any idea what any of that means?

  • Thanks, those lines just represent instances in time when some client tried to access your xmlrpc.php (the interface for the WordPress blog). I don't think those are related to MarsEdit because the Mozilla and Windows related strings would suggest it's from another app. Maybe you used another blog editor app to connect around that time?

    In any case those requests appear to have been successful (the part that says "200" after the HTTP stuff indicates as much) - I wonder if there is another separate log file for the errors and warnings?
  • ah... ok found it... it's a seperate error log, indeed:

    [Wed Sep 03 14:14:22 2014] [error] [client] ModSecurity: Warning. Match of "rx ^POST$" against "REQUEST_METHOD" required. [file "/etc/apache2/mod_security/custom/wpbrute.conf"] [line "9"] [hostname ""] [uri "/wp-login.php/"] [unique_id "VAeErs26uBgAABV83AYAAAA3"]
    [Wed Sep 03 14:14:23 2014] [error] [client] ModSecurity: Warning. Match of "rx ^POST$" against "REQUEST_METHOD" required. [file "/etc/apache2/mod_security/custom/wpbrute.conf"] [line "14"] [hostname ""] [uri "/gs-bin/php-stable/wp-login.php/"] [unique_id "VAeErs26uBgAABV83AYAAAA3"]
    [Wed Sep 03 14:14:25 2014] [error] [client] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/mod_security/custom/wpbrute.conf"] [line "10"] [hostname ""] [uri "/wp-login.php"] [unique_id "VAeEsc26uBgAAHXpEPMAAACX"]
    [Wed Sep 03 14:14:25 2014] [error] [client] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/mod_security/custom/wpbrute.conf"] [line "20"] [msg "ip address blocked for 5 minutes, more than 15 login attempts in 3 minutes."] [hostname ""] [uri "/wp-login.php"] [unique_id "VAeEsc26uBgAAHXpEPMAAACX"]

  • Access denied looks like its their API policy yeah?
  • And a further response from the Media Temple people...

    "These errors appear to be related to the Apache "mod_security" plugin blocking IP addresses that are trying to make repeated login attempts at "wp-login.php". This may indicate that the software that you are using is repeatedly sending incorrect credentials and causing an IP block to occur as a result. If the issue is that this external blogging software is failing to upload files, you will need to make sure that a valid user name and password are configured and that the software itself is configured correctly."

    This doesn't seem likely though as the only posts that don't work are with images - the other posts seem to work ok.

    Any further ideas? Does the image uplaod make a lot of requests to wp-login.php or something?
  • Look at the part of the log that says "ip address blocked for 5 minutes, more than 15 login attempts in 3 minutes." The problem is MarsEdit, and other apps like it, need to "login" with every single request they make to the site. And the way WordPress's API works, it's common to make many consecutive requests in a row. So you can easily exceed 15 transactions within a 3 minute period if you're e.g. refreshing posts/etc. I'm not sure why it only seems to be affecting you when you upload an image, though.

    Also the error messages in this particular log seem to be related to a different URL than MarsEdit uses. The errors here are about /wp-login.php, but MarsEdit uses /xmlrpc.php. So it makes me wonder if something else is causing that wp-login URL to be hit repeatedly. Did you customize the preview template in MarsEdit to contain HTML from your site by any chance?
  • Hi Daniel,

    No - I've not done anything with the preview template in MarsEdit (I don't really even know what that means exactly :)

    I'll copy this over to the MT customer service and see if they can make sense of it
  • Cool, let me know what they say. As I said I think others who use MT have had spotty results getting them to lift the security measures, but I hope you will have good luck.
  • Hi Daniel,

    Apparently it is a limit on the XMLRPC service. Can Mars Edit be set to reduce these requests? Or is there ANY OTHER WAY?

    I don't really have the money to pay these guys for more non-existent "services", and I certainly don't have time (I just spent week and weeks transferring everything over to their damn grid service these past months! :)

    Any ideas? It's pretty essential that I'm able to do offline blog editing... such a common thing -- I just assumed it wold work!


    Message from MT below...

    That error in your initial support specifically pertains to the client IP address listed. Checking your login history, the IP in the error doesn't match any of the IPs you have used to log in.

    When I filter your error logs using the IP address that you have used to log in (, I do see the following error come up multiple times:

    [Fri Sep 05 12:33:30 2014] [error] [client] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 6 at IP:wpxmlrpc_counter. [file "/etc/apache2/mod_security/custom/wpbrute.conf"] 0;[line "29"] [msg "IP address is making too many XMLRPC requests, requests temporarily blocked."] [hostname ""] [uri "/xmlr pc.php"] [unique_id "VAoQCs26uBEAACOam9YAAABE"]

    In order to make mass updates/posts to your WordPress site, the offline editor is likely using the xmlrpc.php file. Since that file is a common attack target on WordPress, for security purposes, there are limitations on the GRID for requests to that file. If there is a way to limit the xmlrpc.php requests in your offline editor, please try that. If there isn't a way to limit the xmlrpc requests, you may want to look into migrating your sites to a DV server, where these xmlrpc request limits are not in place. Here's a KnowledgeBase article that can assist you with this:

    Migrate to a DV from a Grid

    Our CloudTech team also offers the Move a Site service ($100 per domain), in which they can move your websites for you. If you'd like to add this service to your account, please let me know!
  • Hi again heavyside, unfortunately for the time being at least there is no way to limit the amount of XMLRPC requests that MarsEdit makes. This is because historically, for over 10 years now, MarsEdit's behavior hasn't been a problem with most if any hosts.

    Looking forward there are some potential ways I could cut back on the number of total requests that MarsEdit makes, but I can't make promises about when I will be able to enhance the app in this way. I guess if a ton of hosting companies take a stance like MT has done then it will become a higher priority but luckily the vast majority of services don't impose these limits.

    I wonder if switching to another hosting service at the same price tier is a possibility you have considered? I don't expect you will find many other companies take this strong a position on the matter. In my experience most other companies just "whitelist" the behavior on behalf of their customers - once they know the users are intentionally accessing the XMLRPC.php file repeatedly it's not such an alarming concern that it is happening.

  • For what it's worth I'm following up with Media Temple and will try to start a dialogue with folks there to see if I can convince them to relax their rules on this. Maybe it they understand the history and constraints of how apps like MarsEdit work with WP, they will be more amenable to allowing it.
  • thanks - that's great - i'm also trying from my end... they've advanced my support ticket to some 'higher level' internally, so hopefully it'll work our... :/
  • This is the last response I got... I'm not understanding why I'm the only one who has this problem...

    "Unfortunately, we cannot whitelist the xmlrpc requests on the (gs) Grid-Service. The MarsEdit software will also very likely not function on the Premium WordPress hosting service."

    Is that true?
  • "The specific off-line editor you are using appears to exceed the xmlrpc.php thresholds in place on the GRID hosting. While I cannot confirm if there are other off-line editors that do not exceed the limits, I can only assume there are since the xmlrpc.php thresholds have not cause any issues for the majority of GRID hosting clients and this is personally the first time I have seen a situation where the limits have caused an issue with an offline editor."
  • Didn't you have another person with MT and MarsEdit who got it working?
  • edited September 2014
    Hi heavyside - sorry about the long delay in getting back to you on this.

    It's a real disappointment that they won't support whitelisting the XMLRPC service. I still haven't heard back from them after my request to discuss the issue. Hopefully they will follow up with me at some point.

    As far as whether it's true that MarsEdit will or won't work with their varying levels of service, they are ultimately the ones who would know best. It sounds like they have a very strict rule about accepting connections via the XMLRPC endpoint.

    (As for the other person using MT who did seem to have it working, that was the gist I got from one other customer, but it was via private email so I don't want to share that information. For all I know they could have been mistaken, or maybe they have a special arrangement with MT that is not apparent to me.)
  • I just find it hard to believe that I'm the only one with this problem... so strange! Boring web host decision means I can't use offline editors for Wordpress. It's a bit ridiculous!
  • Well I doubt it will make you feel better but you are definitely not the only one with the problem. I have had several other complaints and that's how I started coming to the conclusion that MT in particular is unusual for not whitelisting accesses like this.
  • edited September 2014
    Hi Daniel, 2014-09-29 10.49.45.png?dl=0

    There's a new error now - they've tried to fix something on their end at MT.

    Any ideas why this would be happening?

    Network message sent: 2014-09-29 08:28:02 +0000
    Method name: metaWeblog.newMediaObject
    Network reply received: 2014-09-29 08:29:32 +0000
    Method name: metaWeblog.newMediaObject
    Status code: -1
    Succeeded: NO
    --Download Error--
    --Timeout Error--
    Request text:
    <?xml version=\"1.0\" encoding=\"utf-8\"?>

    Response text:

  • Hi there - unfortunately the log doesn't show anything coming back from your server, which probably indicates that the server just crashed while trying to handle the request from MarsEdit. These things have to be sorted out on the server end of things, so it probably means asking your server administrators to look for error logs around the time of the request and see if they can make sense of why the server it not returning a response to MarsEdit when it posts the request.
  • Hi Daniel,

    Just a note that this still doesn't work with Media Temple... 2014-11-11 12.04.26.png?dl=0

    Anything we can do?
  • Hi,

    I work for a different hosting company (not MT.) We have ultimately, the same problem that MT must have been having. Wordpress as an application, is a nightmare to support on shared hosting environments, because of the multiple security problems it presents. One of these is the xmlrpc.php file, which can be used quite trivially to DDOS other websites. This will only change when Wordpress themselves actually care about the companies that try to host their product for their consumers. Until they give us the tools we need to better manage security, it is doubtful that MT, or other hosting companies will broadly allow access to xmlrpc.php because of the risk to our infrastructure.

    The hoster I work for, does not restrict POSTs to xmlrpc.php, but limits it on an IP basis. This is a more pragmatic approach but not without its own set of problems. Blaming MT here is pretty pointless as the actual problem lies with Wordpress' security, something that, until WP do something about, will only get worse.
Sign In or Register to comment.