Manage GPL
Sign up free

← Support & troubleshooting

Support & troubleshooting

Common pairing errors

The errors we see most often during site pairing — REST API disabled, 2FA on wp-admin, HTTP-only sites, and what to do about each.

Updated

On this page

Pairing works on the vast majority of WordPress sites with no trouble. Here's what to do when it doesn't.

"REST API is disabled or unreachable"

The connector can't complete pairing without reaching the site's WordPress REST API. Common causes:

  • Security plugin blocking REST: Wordfence, iThemes Security, WP Hide, and others sometimes block the REST API for unauthenticated requests. Check their settings.
  • Custom .htaccess or nginx rules: some hosts ship templates that block /wp-json/. Remove the block.
  • Plugin conflict: a plugin returning a filter callback error on rest_api_init breaks REST entirely. Deactivate plugins one at a time to isolate.

To verify: in a browser, open https://yoursite.com/wp-json/. You should see a JSON response. If you see a 404 or security-plugin page, fix that first.

"Login failed: 2FA required"

Only applies to the automatic pairing flow. The site's wp-admin has two-factor authentication on the login, which we can't supply. Use the manual flow instead — it doesn't require logging into wp-admin.

"Login failed: CAPTCHA detected"

Same as 2FA — the automatic flow can't solve CAPTCHAs. Use the manual flow.

"Site is HTTP-only (not HTTPS)"

The automatic flow refuses to transmit wp-admin credentials over an unencrypted connection. Either:

  • Install an SSL certificate on the site (Let's Encrypt is free), then retry.
  • Use the manual pairing flow — no credentials required.

We strongly recommend HTTPS regardless of whether you pair Manage GPL.

"Site is behind HTTP basic auth"

If your site has a server-level HTTP basic auth popup (not a plugin-level one), the automatic flow can't get past it. Use the manual flow, or temporarily remove the basic auth for the pairing, then restore it.

"Pairing token invalid" / "plugin already paired"

The token you pasted doesn't match what the connector on your WordPress site has stored. Two reasons this happens: (1) someone clicked Regenerate token in WP admin after you copied the original value; (2) the site was previously paired to a different Manage GPL account that didn't unpair cleanly.

To fix: on the WordPress side, go to Settings → Manage GPL Connect and click Regenerate token. Copy the new value, go back to Manage GPL's Add Site form, paste it, and retry.

"Could not reach Manage GPL"

The connector on your WordPress site couldn't call home. Usually means the site's outbound HTTPS is blocked — a firewall rule, a hardened host, or a PHP SSL cert issue. Check:

  • SSH into the host and run curl https://www.managegpl.com. If it fails, your server can't reach us.
  • Check your site's PHP version — PHP < 7.2 can't do modern TLS.
  • Check your host's support docs for "outbound request whitelisting".

"Site URL mismatch"

You generated a token for https://example.com but the connector reports the site's canonical URL is https://www.example.com. Match the URL exactly (with or without www, http or https) when generating the token.

Still stuck

Open a support ticket with:

  • The site URL.
  • The exact error message.
  • Whether you used the manual or automatic flow.
  • What you've already tried.

We'll usually have an answer within a business day.

More in Support & troubleshooting

Open a support ticket

My site is stuck in "pending"

Is something wrong with this article?

Tell us so we can fix it — outdated info, broken steps, wrong numbers, anything.

Report an issue

Article: Common pairing errors

Still stuck?

If this article didn't solve it, open a ticket and we'll help.

Open a support ticket