Twitter Card Error "ERROR: Fetching the page failed because other errors."

andypiper · 2016-08-15T14:45:39.084Z

It looks like a problem on our side with our fetcher currently unable to access your site. Sorry about that - hopefully that will resolve itself in a little while.

ralphsnart · 2016-08-18T09:25:16.695Z

Don’t mean to be a pain, but what’s a little while? Still not working after 3 days, or are we talking weeks, months to resolve. Thanks -

andypiper · 2016-08-18T12:25:57.205Z

Hopefully only about a week or so as the cards crawler usually has a 7 day cache, but on rare occasions it can take a little bit longer.

BillTCCC · 2016-08-18T15:58:50.630Z

I am having the same problem on one of our sites: https://intofarms.org
I have been setting Twitter Cards up on all our sites and have been successful on every one except this one. I can’t find what is causing this. The site is identical in terms of theme and plugins to our main site: https://intorog.org which works perfectly. Both are on GoDaddy hosts (but different servers). Have been trying for about a week, but that might be the problem because I did find some insecure link references on the intofarms homepage which have now fixed. I guess we wait a week and see?

andypiper · 2016-08-18T16:35:50.599Z

I’ve looked into this a bit more and in both cases (intofarms.org and marchansenstuff.com) I’m seeing an SSL Handshake error with an “unrecognised name at the remote address”, so I think there could be a configuration issue - I can’t tell what that is, though, I’m not familiar with GoDaddy setup. Additionally, I assume there’s a typo in https://intorog.org/ as that doesn’t resolve for me.

BillTCCC · 2016-08-18T20:01:43.204Z

Hi Andy. Thanks the SSL Handshake is a very helpful clue. I will check into it and then test again.
I will test another SSL site on the same server and see if it has the same problem.
You are correct. It was a typo the working example is https://intoorg.org

BillTCCC · 2016-08-19T14:29:12.161Z

Hi Andy. Worked with GoDaddy to fix this and made several changes to the https://intofarms.org website. But that did not seem to fix the problem. Would you be able to try it once more and see if it is giving the same handshake error? Thanks

andypiper · 2016-08-19T15:15:12.704Z

Yes, same thing as far as i can tell, unless something is cached on our side.

ralphsnart · 2016-08-21T12:23:29.638Z

Andy, Here’s a link to a SSL server test of marchansenstuff.com. Don’t know if this helps or not. Also (server variables at bottom).
Does Twitterbot have SNI support? Or are godaddy’s servers misconfigured?

ralphsnart · 2016-08-21T12:24:15.255Z

Bill, what changes did you make?

BillTCCC · 2016-08-21T14:53:52.542Z

Hi. GoDaddy suggested that we add a plugin "really simple SSL’. I did that but as far as I can tell it did not make any difference. Just checked Twitter Card Validation on both of the problem sites and still same error. I had been waiting to see if it was a Twitter cach issue but suspect it is something to do with GoDaddy. The GoDaddy server where the two effected sites we have live is a Linix server. The SSL is: Encryption Strength - GoDaddy SHA-2
What is the host type and Encryption of yours?

ralphsnart · 2016-08-21T19:41:06.461Z

I have Godaddy’s Standard SSL 256-bit encryption on Linux. I get a worse grade than your site though when I test at https://www.ssllabs.com/ssltest/index.html ( you get an A and I get a C grade).

Looks like because my server uses RC4 and doesn’t have Forward Secrecy. Yours doesn’t support RC4 and has Forward Secrecy. This would just affect clients though. Depends on what Twitterbot demands perhaps. I’m not sure.

Do you have the Premium SSL plan? Don’t know if it matters since so far neither work.

Looks like All Really Simple SSL does is to redirect http to https, which can already be done in your htacess file.

ralphsnart · 2016-08-21T20:11:19.834Z

I can connect using cURL (however this is using tsl1).

curl -A “Twitterbot” -v -1 https://www.marchansenstuff.com

When I use openssl to connect, it works using tsl1 but I get a handshake failure when using ssl2 and ssl3. Note, when using tsl1, it’s using the less secure RC4.

openssl s_client -connect marchansenstuff.com:443 -tls1

BillTCCC · 2016-08-21T22:42:50.473Z

Wow. Thanks Ralph, good detecting. Have you talked to GoDaddy about this? I am thinking that we need Andy’s help on Monday to figure out what is going on from the Twitter perspective.
You are absolutely right the Really Simple SSL plugin, while useful, did not do anything I had not already done manually when we set the site up about a year ago.
I did use it on a new site and was pleased with it.

andypiper · 2016-08-22T08:25:39.324Z

Currently I’m not sure what else I can add beyond what I’ve mentioned, which is what the internal log reports from the crawler.

ralphsnart · 2016-08-23T20:15:30.126Z

Bill,
This worked for me. I added this to my .htaccess file. It redirects http to https except for Twitterbot. The card URL should use http instead of https.

RewriteEngine On
RewriteCond %{HTTPS} !^on$
RewriteCond %{HTTP_USER_AGENT} !Twitterbot [NC]
RewriteRule (.*) https://www.yourdomain.com/$1 [R,L]

BillTCCC · 2016-08-23T22:36:14.585Z

Thanks Ralph. Glad you got yours working. I will try this on our site.

HaythamElMogazy · 2016-08-27T15:11:28.837Z

Im having the same problem, and the log only show minimal info “ERROR: Fetching the page failed because other errors.”. I tried @ralphsnart .htaccess solution, but no success. The Url: https://riskinnovation.asu.edu/ @andypiper can you take a look at the log and give me some more info?

Thanks
Haytham

ralphsnart · 2016-08-27T15:28:40.359Z

Make sure you’re not blocking Twitterbot. Add this to the end of robot.txt…

User-agent: Twitterbot
Disallow:

Also, your validating url and image meta url needs to be http and not https.

andypiper · 2016-08-27T17:07:19.767Z

handshake alert: unrecognized_name at remote address which almost certainly means your web server’s SSL settings are not correct. There are a few threads like this one and this one which refer to ways to resolve SSL issues so that strictly-configured Java-based code can work with them.