Proxy settings/Custom API endpoint for censored network

[sparanoid]

What I expected

Ability to use Jetpack on servers in China.

What happened instead

*.wordpress.com, and *.wp.com are blocked in China mainland, the plugin cannot process the callback response from WordPress.com.

Steps to reproduce the issue

Jetpack is great, but some features need to talk to Jetpack (WordPress.com) servers to work, however, *.wordpress.com, and *.wp.com are blocked in China mainland, so this plugin cannot process the callback response from WordPress.com on site hosted in China.

In China, we all know that we can host our sites outside China but larger companies with ICP licenses have to host their sites in China due to Chinese law.

So, I'd like to suggest add a feature like "Proxy settings" or "Custom API endpoint", so we can use HAProxy or Nginx to proxy the original *.wp.com to bypass the censorship.

Thanks

[jeherve]

As you pointed out, a lot of the Jetpack features rely on WordPress.com servers. That is in fact one of the main ideas behind the Jetpack plugin.

You could use a VPN to bypass the censorship for the original connection to WordPress.com, and then find work-arounds to keep bypassing censorship every time your site needs to communicate with WordPress.com. However, this would only solve a small part of your problems. Jetpack also uses WordPress.com resources on the frontend; modules like Photon, Related Posts, Tiled Galleries, Stats, Subscriptions, all expose WordPress.com resources to your readers. They'd consequently need to be proxied as well to be able to access all the content and features on your site. The "Proxy settings" option you're offering wouldn't solve these issues.

As a result, I'd recommend against using Jetpack if your site visitors are in China. If you do want to use the plugin, you're better off using Development Mode, where no WordPress.com resources will be used on the frontend or in the backend.

Sorry not to be able to help you more :(

[sparanoid]

Thanks for your reply @jeherve, I partly agree with you but I think we can do more to fight against the internet censorship.

You could use a VPN to bypass the censorship for the original connection to WordPress.com, and then find work-arounds to keep bypassing censorship every time your site needs to communicate with WordPress.com.

At the moment, the Jetpack cannot be activated on servers in China, however, yes, I could use VPN on my server to make WordPress.com accessible. But this is hard to scale when I have plenty of WordPress instances to manage. I have to configure VPN on every server that need to access to WordPress.com. Even though I can use Ansible or Puppet to automate this task, it's still complex and time-consuming.

Jetpack also uses WordPress.com resources on the frontend; modules like Photon, Related Posts, Tiled Galleries, Stats, Subscriptions, all expose WordPress.com resources to your readers. They'd consequently need to be proxied as well to be able to access all the content and features on your site. The "Proxy settings" option you're offering wouldn't solve these issues.

Some great features like "Manage Multiple Sites", "Automatic Updates", and "Centralized Posting" require access to WordPress.com, but no additional resources on the front-end. I really want this feature because I have many self hosted WordPress sites to manage.

About the front-end stuff, there're already solutions to fight against censorship like Gravatar proxy, Similarly, I can create plugin to regex replace URLs from *.wp.com to proxied resources to bypass the censorship.

BTW Twitter for iOS and Android already officially provide custom API root for users where Twitter is not reachable.

However, this would only solve a small part of your problems.

So a custom API endpoint can really solve my problem I think. :)

[jeherve]

Some great features like "Manage Multiple Sites", "Automatic Updates", and "Centralized Posting" require access to WordPress.com, but no additional resources on the front-end. I really want this feature because I have many self hosted WordPress sites to manage.

That makes sense. You would still need to use a VPN to access WordPress.com to manage your sites, though.

If we were to implement such an option in the plugin, we'd have to make it very clear that it's only useful to use a handful of modules, or make sure all requests to WordPress.com are proxied.

• The former could be handled with module flags, like we do with Development mode (example)
• I don't know how we could implement a future-proof method for the latter.

I can create plugin to regex replace URLs from *.wp.com to proxied resources to bypass the censorship.

If you're caching *.wp.com resources locally, you're probably better off deactivating features like Photon and Tiled Galleries. The end result is the same: you're serving resources locally instead of using the WordPress.com CDN.

So, I'd like to suggest add a feature like "Proxy settings" or "Custom API endpoint", so we can use HAProxy or Nginx to proxy the original *.wp.com to bypass the censorship.

Since this would only be useful to a few people, this would probably be better handled as a filter, and not as an additional option in the interface. We don't want to confuse most users with an additional option.

I'm reopening this issue, and giving it the Community milestone; it's not something we'll add to our roadmap right now, but we'd happily review a Pull Request from a community member.

[stale[bot]]

This issue has been marked as stale. This happened because:

• It has been inactive in the past 6 months.
• It hasn’t been labeled `[Pri] Blocker`, `[Pri] High`.

No further action is needed. But it's worth checking if this ticket has clear reproduction steps and it is still reproducible. Feel free to close this issue if you think it's not valid anymore — if you do, please add a brief explanation.

[jeherve]

Closing this for now because of the lack of activity on this. We can always reopen in the future if needed.