WordPress Toolkit Testing and External IPs

jhawkins003

Active Member
Jun 24, 2014
36
7
58
cPanel Access Level
Root Administrator
Hello! We are testing WordPress Toolkit on a dev server that limits connection access to our internal org IP's and specific whitelisted connections for utilities, etc. I notice the screenshot panel for sites in WordPress Toolkit seem to be throwing 403's which is to be expected (something similar happens on Installatron). Are there any other features we should be aware of in WPT that utilize external connections?

It would be great to be able to whitelist these if so, but from what I can tell from our logs the connections for the screenshot utility at least seem to rotate (I presume they are coming from a CDN of some description).
 

jhawkins003

Active Member
Jun 24, 2014
36
7
58
cPanel Access Level
Root Administrator
Thank you for the response! When you select a domain in Wordpress Toolkit you are presented with a number of details regarding the installation, and one of the interface elements is a little screenshot of the site. I believe it uses an external service or script function to capture this site preview, and in the case of our testing server we block external connections. I just wanted to A) verify if there are any other elements of the toolkit which rely on external (non-localhost) connections, and B) if so, are there IP's we could/should whitelist so everything functions as it should for the utility.
 

cPJustinD

Administrator
Staff member
Jan 12, 2021
286
52
103
Houston
cPanel Access Level
Root Administrator
It appears that connections outbound to 89.187.164.38 and store.cpanel.net on port 443 are required for WordPress Toolkit. Can temporarily allow these external connections (if not already allowed) and report back if you're still seeing the issue?

Additionally, I wanted to note that there are various connections necessary for WordPress Toolkit functioning in aspects like installation, updating, installing assets. It utilizes the wordpress.org API entry point. Another example is the screenshotting service shots.plesk.com for taking website previews for the list of websites as you're mentioning. These should be considered when reviewing your external connection restrictions.

If you require further information so that you can properly configure your server to allow these connections, it would be best to submit a support request so that we can work with WordPress Toolkit to obtain and provide more information.
 
Last edited:

jhawkins003

Active Member
Jun 24, 2014
36
7
58
cPanel Access Level
Root Administrator
Thank you! Unfortunately whitelisting those did not make a difference. I even tried whitelisting the current IP associated with shots.plesk.com (assuming it's static and not on a CDN).

By the way, outbound connections aren't really the issue - inbound traffic is what gets blocked, as this is a development server and items hosted on it are not intended for public access. We allow almost all outbound connections. I have to think that having test servers behind some form of secure access is not an uncommon practice, so having a list of utility/service-related IP's for WHM admins to be aware of would be a great thing to communicate.
 

jhawkins003

Active Member
Jun 24, 2014
36
7
58
cPanel Access Level
Root Administrator
Hellohello! Just checking in on this question - was the final answer a "we don't know at this time"? I would be more than happy to open a ticket, but my question "what inbound IP's do we need to whitelist on secured servers so Wordpress Toolkit works as intended" feels more like a documentation/forum item and less a technical support/bug-fix item to burden the support staff with.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,028
313
cPanel Access Level
Root Administrator
I'm not sure there is going to be a way to provide a comprehensive list for this tool. It reaches out to cPanel, WordPress, and Plesk, depending on what operations are being performed, and the IPs from the various areas could change at any time.
 

jhawkins003

Active Member
Jun 24, 2014
36
7
58
cPanel Access Level
Root Administrator
Ok! That makes sense.

We will soon be testing the tool in more detail and will be happy to share our experiences onto this thread regarding quirks, etc. As of now, the only feature that seems to not function as intended are the screenshot thumbnails mentioned earlier in the thread. That might well be the only element meaningfully impacted.
 

Bucanero74

Registered
Nov 12, 2021
1
0
1
USA
cPanel Access Level
Reseller Owner
Hi, something "similar" is happening to me, I create a site with the WordPress Toolkit, the site works, but the admin area gives 403 forbidden so I can'y login to the WP Admin Dashboard
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
617
57
103
Houston, TX
cPanel Access Level
Root Administrator