Incoming requests made by WordPress VIP Platform features and components can be identified by the User-Agents listed below.
Before receiving a Let’s Encrypt TLS certificate, a domain must complete an “ACME challenge” to verify its ownership and hosting location. The following User-Agents are used for some pre-flight validations to verify that the domain is associated with a VIP-hosted application before a provisioning request is sent to the Let’s Encrypt validation service:
WPVIP Let's Encrypt Certificates (+https://docs.wpvip.com/vip-user-agents): A User-Agent related to preliminary validations for a domain.
WordPress.com; https://clitools.wordpress.com: User-Agents that perform secondary validations for the domain before the request is sent to Let’s Encrypt.
Note: Let’s Encrypt uses a separate user-agent for its validation service, which looks similar to:
Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org).
An updated format (v1) for the request body of webhook URLs was released on 2 February 2024.
VIP Webhooks (+https://docs.wpvip.com/vip-user-agents): A User-Agent that sends outbound webhook Notifications with the v1 format to endpoints configured by customers to receive events.
VIP Webhooks (+https://vip.wordpress.com): A User-Agent that sends outbound webhook Notifications with the v0 legacy format to endpoints configured by customers to receive events. The v0 legacy format will be deprecated on 2 May 2024.
Other User-Agents associated with the VIP Platform
Mozilla/5.0+(compatible; UptimeRobot/2.0; http://www.uptimerobot.com/): Uptime Robot is configured to monitor uptime for a site launched with a primary domain on a production environment. Requests from Uptime Robot are made to the site’s home page URL.
Last updated: February 02, 2024