A variety of issues can prevent MarsEdit from connecting to your blog. This page summarizes the most common issues, and details workarounds where they exist.

Security-Related Connection Failures

Many mysterious connection failures can be explained by security measures imposed either by the web hosting company where your blog is published, or by additional plugins designed to increase security. Here are some of the most common security-related configuration problems, and how you can work around them:

• Blocked WordPress API. Some web hosting companies block access to WordPress’s “xmlrpc.php” API endpoint, which is the interface MarsEdit uses to communicate with WordPress-based blogs. If this is the case for your blog you will need to get in touch with your web hosting support team to ask them to “whitelist” access for MarsEdit. This is usually achieved by either whitelisting MarsEdit’s user agent, or by whtielisted a specific IP address from which you will always be connecting. It is generally preferred to whitelist by user agent so that you can connect with MarsEdit regardless of which internet connection you are using at the time.
• Disabled WordPress API. Many WordPress security plugins disable the WordPress API by default, on the assumption it won’t be used. If you are running any security plugins on your blog, look for an option to enable the WordPress API so that apps such as MarsEdit can connect to your blog.
• HTTP Rate Limiting. The interfaces that MarsEdit uses to connect to most blogs is a very “chatty” interface, which is to say that MarsEdit must make a large number of separate requests in the process of keeping your blog up to date. This is particularly true when downloading the backlog of existing content from your blog. Some web servers are configured to treat repeated requests from a single source as suspicious, and will shut down the connection after a certain threshold has been passed. If this is happening with your blog, you will need to ask the web hosting team to whitelist connections from MarsEdit. See the section on “Blocked WordPress API” above for more information.
• humans_21909 If MarsEdit fails to connect, and you find the presence of the term “humans_21909” in the Network Log, chances are good that your web hosting company has configured the mod_security security package in a way that is not compatible with MarsEdit. See this article for more information about this issue.

Incompatible Plug-Ins

If you run a WordPress blog with custom plug-ins, it’s possible that one of your plug-ins either intentionally blocks access to the WordPress API that MarsEdit connects to, or inadvertently interferes with the proper functioning of that API. It can be a useful debugging step to disable plugins on your blog to see if it eliminates the problems you have connecting with MarsEdit. If it does, you might enable them one at a time to narrow down exactly which plugin is causing the problem, and contact the plugin developer for assistance.

Repeated Password Requests

When MarsEdit connects to your blog for the first time, it doesn’t include any authentication information. Your blog should respond with a request to MarsEdit to ask you to authenticate, either by providing a username and password, or by confirming the connection through your web browser.

If you are prompted repeatedly to enter a password, then the credentials you provide are not being accepted for some reason. There are some common scenarios where a valid password is rejected by your blog. For example, if you have enabled Two Factor Authentication, the regular password you use to sign in on the web will not work. Read more about Two Factor Authentication with MarsEdit to learn how you can configure these blogs.

Fault Code 0

If you encounter a vague “–Fault Error–” message with “Fault Code: 0”, it means MarsEdit has received an unexpected failure in which the blog server didn’t respond with a meaningful error code. The most common cause for this is a WordPress plugin called WP-SpamShield which changes the behavior of WordPress. Read more about WP-SpamShield if you are using this plugin.