View Categories

Tips for troubleshooting Solid Central

14 min read

Solid Central allows you to manage multiple WordPress websites from a central location. Occasionally, you may encounter issues or errors when managing your Solid Central Dashboard. This doc gives you an overview of some of the most common errors when using Solid Central and key troubleshooting steps.

Retrieving Your Site ID #

Each site to Solid Central is assigned a unique ID for identification. When contacting the SolidWP support team, it’s advisable to include the Site ID of the problematic site, along with screenshots or a screen recording of the issue or the steps you’ve tried. This information helps the team resolve your issue more quickly.

How to Find Your Site ID #

1) Open your Solid Central Dashboard and navigate to the Sites screen.

2) Locate the domain of the site and right-click on the “Site Admin” button.

3) Copy the link and paste it on your notes app or anywhere.

4) Take note of the numbers at the end of the URL (after /login/) – this is your Site ID.

4) Include the Site ID in your support ticket, along with the details of the issue.

Central Server Whitelisting #

Due to the nature of the service, your host or a security plugin could block the Solid Central IP, preventing websites from being connected. If this happens, you may need to whitelist Central IPs and/or access ports:

Important Central IPs
#

Add these IPs to your server’s allowlist:

  • 207.246.254.118
  • 207.246.255.233 
  • 207.246.255.133
  • 207.246.255.60

Central Access Ports
#

You can also add the following access ports to your server’s allowlist:

  • 443
  • 80

Central User-Agent #

Solid Central uses this user-agent:

Mozilla/5.0 (compatible; iThemes Sync/1.0; +http://ithemes.com/sync).

It’s important to ensure that your server firewall or ModSecurity isn’t blocking this.

Uptime Whitelisting #

If your site uses a security plugin or firewall that restricts traffic by IP, UptimeRobot’s monitoring checks may be blocked and cause false downtime alerts. To prevent this, you can whitelist UptimeRobot’s IP addresses so its uptime requests are allowed to reach your site. Add the IP addresses listed below to your hosting firewall, CDN, or security plugin’s allowlist. This ensures accurate uptime monitoring without compromising your site’s protection.

Note: this list was updated on April 21st, 2026 to reflect changes to UptimeRobot’s IP addresses

Uptime IPs 
3.12.251.153
3.20.63.178
3.77.67.4
3.79.134.69
3.105.133.239
3.105.190.221
3.133.226.214
3.149.57.90
3.212.128.62
5.161.61.238
5.161.73.160
5.161.75.7
5.161.113.195
5.161.117.52
5.161.177.47
5.161.194.92
5.161.215.244
5.223.43.32
5.223.53.147
5.223.57.22
18.116.205.62
18.180.208.214
18.192.166.72
18.193.252.127
24.144.78.39
24.144.78.185
34.198.201.66
45.55.123.175
45.55.127.146
49.13.24.81
49.13.130.29
49.13.134.145
49.13.164.148
49.13.167.123
52.15.147.27
52.22.236.30
52.28.162.93
52.59.43.236
52.87.72.16
54.64.67.106
54.79.28.129
54.87.112.51
54.167.223.174
54.249.170.27
63.178.84.147
64.225.81.248
64.225.82.147
69.162.124.227
69.162.124.235
69.162.124.238
78.46.190.63
78.46.215.1
78.47.98.55
78.47.173.76
88.99.80.227
91.99.101.207
128.140.41.193
128.140.106.114
129.212.132.140
134.199.240.137
138.197.53.117
138.197.53.138
138.197.54.143
138.197.54.247
138.197.63.92
139.59.50.44
142.132.180.39
143.198.249.237
143.198.250.89
143.244.196.21
143.244.196.211
143.244.221.177
144.126.251.21
146.190.9.187
152.42.149.135
157.90.155.240
157.90.156.63
159.69.158.189
159.223.243.219
161.35.247.201
167.99.18.52
167.235.143.113
168.119.53.160
168.119.96.239
168.119.123.75
170.64.250.64
170.64.250.132
170.64.250.235
178.156.181.172
178.156.184.20
178.156.185.127
178.156.185.231
178.156.187.238
178.156.189.113
178.156.189.249
188.166.201.79
206.189.241.133
209.38.49.1
209.38.49.206
209.38.49.226
209.38.51.43
209.38.53.7
209.38.124.252
216.144.248.18
216.144.248.19
216.144.248.21
216.144.248.22
216.144.248.23
216.144.248.24
216.144.248.25
216.144.248.26
216.144.248.27
216.144.248.28
216.144.248.29
216.144.248.30
216.245.221.83
2a01:4f8:1c1a:3d53::1
2a01:4f8:1c1b:4ef4::1
2a01:4f8:1c1b:5b5a::1
2a01:4f8:1c1b:7ecc::1
2a01:4f8:1c1c:11aa::1
2a01:4f8:1c1c:5353::1
2a01:4f8:1c1c:7240::1
2a01:4f8:1c1c:a98a::1
2a01:4f8:c0c:83fa::1
2a01:4f8:c2c:9fc6::1
2a01:4f8:c2c:beae::1
2a01:4f8:c012:c60e::1
2a01:4f8:c013:3b0f::1
2a01:4f8:c013:3c52::1
2a01:4f8:c013:3c53::1
2a01:4f8:c013:3c54::1
2a01:4f8:c013:3c55::1
2a01:4f8:c013:3c56::1
2a01:4f8:c013:34c0::1
2a01:4f8:c013:c18::1
2a01:4f8:c17:42e4::1
2a01:4ff:2f0:3b3a::1
2a01:4ff:2f0:27de::1
2a01:4ff:2f0:193c::1
2a01:4ff:f0:3e03::1
2a01:4ff:f0:5f80::1
2a01:4ff:f0:7fad::1
2a01:4ff:f0:9c5f::1
2a01:4ff:f0:2219::1
2a01:4ff:f0:b2f2::1
2a01:4ff:f0:b6f1::1
2a01:4ff:f0:bfd::1
2a01:4ff:f0:d3cd::1
2a01:4ff:f0:d283::1
2a01:4ff:f0:e9cf::1
2a01:4ff:f0:e516::1
2a01:4ff:f0:eccb::1
2a01:4ff:f0:efd1::1
2a01:4ff:f0:fdc7::1
2a03:b0c0:2:f0::bd91:f001
2a03:b0c0:2:f0::bd92:1
2a03:b0c0:2:f0::bd92:1001
2a03:b0c0:2:f0::bd92:2001
2a03:b0c0:2:f0::bd92:4001
2a03:b0c0:2:f0::bd92:5001
2a03:b0c0:2:f0::bd92:6001
2a03:b0c0:2:f0::bd92:7001
2a03:b0c0:2:f0::bd92:8001
2a03:b0c0:2:f0::bd92:9001
2a03:b0c0:2:f0::bd92:a001
2a03:b0c0:2:f0::bd92:b001
2a03:b0c0:2:f0::bd92:c001
2a03:b0c0:2:f0::bd92:e001
2a03:b0c0:2:f0::bd92:f001
2a05:d014:1815:3400:6d:9235:c1c0:96ad
2a05:d014:1815:3400:90b4:4ef9:5631:b170
2a05:d014:1815:3400:654f:bd37:724c:212b
2a05:d014:1815:3400:9779:d8e9:100a:9642
2a05:d014:1815:3400:af29:e95e:64ff:df81
2a05:d014:1815:3400:c7d6:f7f3:6cc1:30d1
2a05:d014:1815:3400:d784:e5dd:8e0:67cb
2400:6180:10:200::56a0:b000
2400:6180:10:200::56a0:c000
2400:6180:10:200::56a0:e000
2400:6180:100:d0::94b6:4001
2400:6180:100:d0::94b6:5001
2400:6180:100:d0::94b6:7001
2406:da1c:9c8:dc02:7ae1:f2ea:ab91:2fde
2406:da1c:9c8:dc02:7db9:f38b:7b9f:402e
2406:da1c:9c8:dc02:82b2:f0fd:ee96:579
2406:da14:94d:8601:9d0d:7754:bedf:e4f5
2406:da14:94d:8601:b325:ff58:2bba:7934
2406:da14:94d:8601:db4b:c5ac:2cbe:9a79
2600:1f16:775:3a00:3f24:5bb0:95d7:5a6b
2600:1f16:775:3a00:8c2c:2ba6:778f:5be5
2600:1f16:775:3a00:37bf:6026:e54a:f03a
2600:1f16:775:3a00:91ac:3120:ff38:92b5
2600:1f16:775:3a00:ac3:c5eb:7081:942e
2600:1f16:775:3a00:dbbe:36b0:3c45:da32
2600:1f18:179:f900:4b7d:d1cc:2d10:211
2600:1f18:179:f900:5c68:91b6:5d75:5d7
2600:1f18:179:f900:71:af9a:ade7:d772
2600:1f18:179:f900:2406:9399:4ae6:c5d3
2600:1f18:179:f900:4696:7729:7bb3:f52f
2600:1f18:179:f900:e8dd:eed1:a6c:183b
2604:a880:800:14:0:1:68ba:d000
2604:a880:800:14:0:1:68ba:e000
2604:a880:800:14:0:1:68bb:0
2604:a880:800:14:0:1:68bb:1000
2604:a880:800:14:0:1:68bb:3000
2604:a880:800:14:0:1:68bb:4000
2604:a880:800:14:0:1:68bb:5000
2604:a880:800:14:0:1:68bb:6000
2604:a880:800:14:0:1:68bb:7000
2604:a880:800:14:0:1:68bb:a000
2604:a880:800:14:0:1:68bb:b000
2604:a880:800:14:0:1:68bb:c000
2604:a880:800:14:0:1:68bb:d000
2604:a880:800:14:0:1:68bb:e000
2604:a880:800:14:0:1:68bb:f000
2607:ff68:107::4
2607:ff68:107::14
2607:ff68:107::33
2607:ff68:107::48
2607:ff68:107::49
2607:ff68:107::50
2607:ff68:107::51
2607:ff68:107::52
2607:ff68:107::53
2607:ff68:107::54
2607:ff68:107::55
2607:ff68:107::56
2607:ff68:107::57
2607:ff68:107::58
2607:ff68:107::59
2607:ff68:107::60

You can bookmark the raw list of IP addresses here.

Imunify360 Whitelisting #

Imunify360 restricts automated scanning activity on protected servers, which can interfere with Solid Central’s site monitoring features, specifically plugin and site data collection.

As a workaround, users needing SolidWP on their servers can manually whitelist the required IP range using one of the following options: IP group management, an external IP list file, or the native agent method.
https://docs.imunify360.com/dashboard/#firewall
https://docs.imunify360.com/features/#external-black-whitelist-management

Quick Connection Checklist #

When a site fails to connect to Solid Central, several factors may be responsible, including server configuration, security settings, or WordPress settings. This quick connection checklist helps you work through the most common causes and recommended steps to resolve them:

WordPress Settings #

  1. Enable Application Passwords
    • Solid Central requires the WordPress Application Passwords feature; you must approve the application password request to successfully connect the site to Central.
    • To confirm that it’s enabled on your site, check your WordPress user profile in WP Admin > Users > Profile (or edit your account) and you should see an “Application Passwords” section.
      Note: Solid Central uses the “SolidWP” application password name.
    • For Solid Security users, here’s how to unblock it:
    • If you use other security plugins, check their documentation for enabling Application Passwords.
      • For example, Hostinger’s “Hostinger Tools” plugin can disable this feature.
  2. Ensure site use HTTPS
    • Solid Central requires a secure HTTPS connection to communicate with your site. Test or staging sites using plain HTTP (http://) may fail to connect, returning errors such as:
      • Could not validate the authorization attempt
      • The requested user is not authenticated
      • Application Passwords authorization endpoint not found
    • Solution: Install a valid SSL certificate and connect via the HTTPS version of your site.
  3. Verify WordPress URL Settings
    • Go to WP Admin > Settings > General and confirm both the WordPress Address (URL) and Site Address (URL) fields use https.
  4. Check Permalink Structure
    • Go to WP Admin > Settings > Permalinks and ensure the structure is not set to “Plain.”
  5. Avoid Forced Login Redirects
    • Make sure that your site does not automatically redirect visitors to the login page.
  6. Re-attempt With Defaults
    • Try running a fresh connection attempt (which means all the old SolidWP app passwords must be removed from your WP Profile) while all other plugins are deactivated and while switched to a default WordPress theme (e.g., Twenty Twenty-Five).
  7. Disable Solid Security Pro’s Trusted Devices feature
    • There is a known incompatibility with Solid Security Pro’s Trusted Devices feature at the moment, so keep it disabled for now.

Server & Security Configuration #

  1. Verify WordPress REST API Accessibility
    • Ensure that the site’s REST API endpoints (e.g., https://example.com/wp-json/) are accessible.
    • If using a security plugin, check if there’s a setting that can disable/restrict REST API and adjust as needed.
  2. Check ModSecurity or Firewall logs in the Server
    • Review your server security logs for blocked Solid Central requests.
    • Specifically, ModSecurity rule 225170 has been reported to block Solid Central requests. If found, request your host to whitelist Solid Central IPs or disable this rule for your domain.
  3. Whitelist Solid Central
  4. Verify SSL Certificate, TLS Support, and Proxy Configuration
    • Ensure your site has a valid, active SSL certificate that is correctly installed and trusted.
    • Ensure that your server supports TLS 1.2. You can test with Qualys SSL Labs to know if it’s supported.
    • If your site uses a CDN or proxy such as Cloudflare, ensure the SSL mode is compatible with authenticated API requests. Cloudflare recommends using Full or Full (Strict) SSL to prevent connection and authorization issues.
    • Check for Chain issues
      • In SSL Labs, look under the Chain issues section. If you see “Contains anchor“, it means the server is incorrectly sending the root certificate in the chain, which can cause Solid Central to reject the connection, even if the site appears secure in browsers.
      • How to fix? Ask your hosting provider or SSL vendor to remove the root certificate from the chain being served by your web server. Once corrected, re-run the SSL test and confirm the “Contains anchor” warning disappears.
  5. Enable PHP-FPM
    • Confirm PHP-FPM is enabled on the server.
  6. Allow Authorization Headers
    • Confirm with your hosting provider that the Authorization header is not being stripped on your server. Some servers strip this header for GET/HEAD requests by default. Solid Central uses a GET request to verify Application Passwords, and blocking this header can cause connection failures.
    • For Apache servers, add this to your .htaccess file:
      RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Additional Troubleshooting #

  • If all else fails, try to apply this recommended code snippet in wp-config.php to bypass certain conflicts:
    • define( 'ITHEMES_SYNC_SKIP_SET_IS_ADMIN_TO_TRUE', true );

See Site connects initially but disconnects after a while for more details.

Connection Errors #

When Solid Central attempts to connect to your website but is blocked for some reason, it displays an error that can give you a clue on what went wrong. Here are some of the common errors that you may encounter:

Failed to discover authentication, application passwords authorization endpoint not found #

This error indicates that Solid Central’s Application Password request is blocked by a security plugin or setting on your site. To resolve, check your security plugin/settings for a feature that disables the WordPress Application Passwords feature.

You can confirm that the Application Passwords feature is enabled by checking your WordPress admin profile. If enabled, you’ll see an Application Passwords section when viewing or editing your user profile settings. Note: Solid Central uses the “SolidWP” password name.

If you have other security plugins installed, please consult their documentation on how to enable application passwords. If you are on Hostinger, the Hostinger Tools plugin has the ability to disable application passwords. Please consult their documentation or support for how to enable application passwords within their plugin.

Invalid URL, could not connect. #

There are several reasons this error is triggered, so try to troubleshoot the following areas on your site and/or server with the help of your hosting provider:

  • Ensure your server supports TLS version 1.2. Some servers are set to the newer version of 1.3 (which is okay) but had disabled 1.2, which Solid Central requires. Note: Kinsta does not enable TLS 1.2 by default and you will need to reach out to their support to have this enabled.
  • Ensure REST API is enabled and accessible on the site.
  • Ensure the server’s Basic Authentication Authorization header is accessible. The Authorization header is crucial for Application Passwords because it allows authentication requests to be securely processed. If this header is missing or blocked—often due to server configuration, authentication fails, preventing external applications such as Solid Central from accessing your site’s REST API endpoints.
    • You can inform your host that the default behavior during Solid Central’s connection request is to strip the Authorization header for GET and HEAD requests. Solid Central makes a GET request to verify that we have a good application password and if something is not allowing that header to go through, it could be why it’s failing.

Failed to discover WP REST, unable to communicate with the site. #

This error indicates an issue with accessing your site’s REST API, so double-check that it’s enabled and accessible. If you have any security plugins, try to temporarily disable them.

Could not validate the authorization attempt #

If you get this error despite making sure the WP Application Passwords is enabled on your site, the issue may be due to selected Permalink structure.

Double-check that the permalink structure of your site is not set to “Plain” via WP Admin -> Settings -> Permalinks.

Solid Central was forbidden from accessing your site. Please check if the Solid Central server IP address has been blocked. #

This error is more straightforward than the others, so ensure the Solid Central IPs listed above aren’t blocked on your server, and have your host whitelist them directly on the server firewall.

Divi’s Exit the Visual Builder Is Broken When Accessing Site Via Central #

If you use Divi’s Exit Visual Builder feature, you may encounter a conflict with Central if you use Central to access your WordPress site via the Visit Site or Site Admin links. Adding the snippet below to your theme’s function.php file will resolve this issue.

add_filter('ithemes-sync-admin-bar-item-whitelist-' . get_current_blog_id(), function ($whitelist) {
    if (!in_array('et-disable-visual-builder', $whitelist)) {
        $whitelist[] = 'et-disable-visual-builder';
    }

    if (!in_array('et-use-visual-builder', $whitelist)) {
        $whitelist[] = 'et-use-visual-builder';
    }

    return $whitelist;
});

If Adding from Solid Central Fails, Connect from WordPress Instead #

If connecting your site to Solid Central from the Solid Central dashboard doesn’t work, the issue may be related to hosting configurations outside of your control or a plugin that is blocking requests from the outside. In those cases, connect directly from your WordPress admin panel instead.

To do this: Go to WP Admin -> Settings -> Solid Central and click the Connect button.

This method uses the same underlying connection but may succeed where the other fails.

Common Issues #

Site connects initially but disconnects after a while #

If you’re experiencing connectivity issues with Solid Central where the connection drops:

  • immediately after the site is connected or
  • after updating certain plugins (for example, Google Analytics for WordPress by MonsterInsights or Google for WooCommerce)

try adding the following line to your site’s wp-config.php file, just above the line that says: /* That's all, stop editing! Happy publishing. */

define( 'ITHEMES_SYNC_SKIP_SET_IS_ADMIN_TO_TRUE', true );

This disables a specific behavior in the Solid Central connection process that may conflict with how certain plugins load admin privileges during REST API requests.

Is it safe to add this constant?

Adding this constant should be safe in most cases, as it specifically bypasses the remote admin detection behavior of some plugins during REST API calls, and it shouldn’t affect the overall functionality of your site or Solid Central. Still, if you observe any issue related to admin detection or remote REST API requests after adding it, contact the SolidWP support team for assistance.

Pro tip: You can also try this method if you’re experiencing connectivity issues on a site that hasn’t yet been connected to your Solid Central account.

Getting Authorization Errors on Google Analytics/Search Console Areas #

If you’re seeing errors like:

  • “We could not locate this site using your existing linked account(s).”
  • “No authorized user found with access to this site. Please add an authorized account.”

These usually indicate a problem with how Solid Central is connecting to your Google Analytics and/or Google Search Console (GSC) accounts. Below are common causes of these errors and how to resolve them:

Missing or Incorrect Web Stream Tag (GA4)
Ensure that the Web Stream Details Google Tag from your GA4 property is correctly added to the <head> of your website. You can add this manually or via a plugin like Google Site Kit.

Outdated or Cached Measurement IDs
If your website was previously using a different GA property, a cached/outdated Measurement ID can interfere with Solid Central’s ability to locate the property correctly.

Unlinked GSC and GA Properties
Even if both GA and GSC are enabled for your account, they must be linked together within Google’s platform for Solid Central to access both correctly.

Broken API Authorization
Google authorizations can sometimes get outdated—especially if you unlink or relink accounts or properties after the initial Solid Central connection.

How to resolve GA/GSC issues on Solid Central? #

  1. Confirm that the correct Web Stream Details Google Tag from your GA4 property is correctly added to the <head> of your website. Use Google Tag Assistant or your browser’s View Page Source to confirm.
  2. Confirm that the ID shown is the correct ID generated by the property.
  3. Clear your browser’s cache and cookies. Also, clear and server-level and plugin caches.
  4. Try reconnecting via Solid Central.

If the above doesn’t help, proceed with removing Solid Central from your Google Account Permissions to hard reset the connection:

  1. Open myaccount.google.com and sign in with the authorized account.
  2. Navigate to “Date & privacy” in the sidebar menu.
  3. Clicking “Data from apps and service you use” will scroll you to the section with “Third-party apps and service” and select it
  4. Scroll down and select “Solid Central”
  5. Click the “Delete all connections you have with Solid Central” link at the bottom
  6. Go back to Central and attempt authorization of Google Analytics/Search Console again

Note that restarting the connection will happen on all sites connected to Solid Central using the same Google account.

I cannot find the Solid Central plugin on my WordPress dashboard view #

The Solid Central plugin can be hidden from a user’s WordPress dashboard view via the Solid Central Dashboard’s Hide and Show plugin setting. This is controlled by a setting called show_sync within the plugin’s internal options.

In some cases, the Solid Central plugin may appear hidden from the WordPress Plugins page, even though it is installed and active, and is not being hidden from the dashboard setting.

To temporarily reveal the plugin, visit:
/wp-admin/plugins.php?ithemes-sync-force-display=1
This sets a user-specific transient that displays the plugin for approximately 10 minutes.

To permanently unhide the plugin, update the show_sync option to true via WP-CLI or a must-use (MU) plugin. Example WP-CLI command:

wp site option update ithemes-sync-settings '{"show_sync":true}' --format=json

For sites without WP-CLI access, create a file named unhide-solid-central.php in the wp-content/mu-plugins/directory and add:

<?php
/**
 * Plugin Name: Unhide Solid Central
 * Description: Permanently unhides the Solid Central (iThemes Sync) plugin for all users.
 */

add_action('init', function() {
    if (is_admin()) {
        $settings = get_site_option('ithemes-sync-settings', []);
        if (!is_array($settings)) {
            $settings = [];
        }
        $settings['show_sync'] = true;
        update_site_option('ithemes-sync-settings', $settings);
    }
});

This ensures the Solid Central plugin remains visible in the WordPress dashboard.

Cannot copy file error when connecting to Solid Central #

This error usually appears when the web host blocks file operations due to missing permissions or required PHP extensions. In most cases, the zip or pclzip extensions are not installed, or the hosting environment is preventing the plugin from copying files.

When a site connects to Solid Central for the first time, the system attempts to automatically install the Solid Central plugin. If that installation fails, the connection cannot complete.

Solution:
Manually install the plugin by following these steps:

  1. In the WordPress dashboard, go to Plugins > Add New.
  2. Search for Solid Central.
  3. Click Install Now, then Activate.

Once the plugin is installed and active, return to Solid Central and try connecting the site again.

Updated on April 22, 2026

Was this doc helpful?

  • Happy
  • Normal
  • Sad

Get Solid Suite bundled with hosting.

Explore StellarSites

A Liquid Web Brand
Hosting for WordPress
© 2025 All Rights Reserved

StellarWP logo
Liquid Web logo