MCP Troubleshooting: Connection, Cloudflare & SSL Issues
MCP connection failing? This guide covers the most common causes — Cloudflare blocks, SSL errors, token issues, and server configuration — with specific fixes for each.
In this article: Quick Diagnostics · Cloudflare Issues · SSL Issues · Token & Auth Issues · Other Causes
Before You Start
Related guides:
- New to MCP? Start with MCP for Beginners
- Setting up Claude.ai? Claude Remote MCP (OAuth)
- Setting up ChatGPT? ChatGPT MCP Guide
Before You Troubleshoot
First, do a quick connectivity test. Open this URL in a browser (replace with your domain):
https://yoursite.com/wp-json/aiwu/mcp/v1/discoveryYou should see JSON output (starting with {"name":"AIWU MCP Server"...}). If you get an error instead, that tells you what’s wrong.
| What you see | Likely cause | Jump to |
|---|---|---|
| JSON output | Endpoint works — issue is in the AI client config | Token & Auth Issues |
| 403 Forbidden | Cloudflare or security plugin blocking | Cloudflare Issues |
| SSL/HTTPS error | Certificate problem | SSL Issues |
| 404 Not Found | Plugin not active, or permalinks not flushed | Other Causes |
| 500 Server Error | PHP error on server | Other Causes |
| Connection timeout | Server or Cloudflare timeout | Cloudflare Issues |
Quick Diagnostics Checklist
- ☐ AIWU plugin is active (not just installed)
- ☐ HTTPS/SSL is enabled on your site (not HTTP)
- ☐ MCP is enabled in AI Copilot → MCP → Settings
- ☐ WordPress permalinks are set (not “Plain”) — Settings → Permalinks → Save
- ☐ Your MCP token hasn’t expired or been regenerated
- ☐ No conflicting security plugins blocking
/wp-json/paths
Cloudflare Issues
Cloudflare is the most common cause of MCP connection problems. Cloudflare’s security rules can block or slow SSE (Server-Sent Events) connections, which MCP uses.
Issue: 403 Forbidden from Cloudflare
How to check: Open browser DevTools → Network tab → click the failed request → look for the cf-ray header in the response. If present, Cloudflare is involved.
Fix: Add a Cloudflare WAF bypass rule for MCP paths.
- Go to Cloudflare Dashboard → [your domain] → Security → WAF → Custom Rules
- Click Create rule
- Set: URI Path contains
/wp-json/aiwu/mcp/ - Action: Skip → Skip all remaining custom rules
- Save and deploy
Issue: SSE Connection Timing Out (Cloudflare 524 error)
Cloudflare has a default 100-second timeout for origin connections. MCP uses persistent SSE connections that can exceed this.
Fix: Create a Cloudflare Page Rule for the MCP path:
- Rules → Page Rules → Create Page Rule
- URL pattern:
yoursite.com/wp-json/aiwu/mcp/* - Setting: Disable Performance and Cache Level: Bypass
- Save
Issue: Cloudflare Bot Fight Mode blocking Anthropic’s servers
When Claude.ai’s servers make MCP calls, Cloudflare may identify them as bots and block the connection.
Fix: Add Anthropic IP ranges to your Cloudflare IP allowlist, or create a WAF rule allowing requests with the Anthropic User-Agent:
- Security → WAF → Custom Rules → Create rule
- Condition: HTTP User Agent contains
claude - Action: Allow
SSL Issues
Issue: SSL certificate error (“SSL_ERROR_BAD_CERT”)
How to check: Go to SSL Labs and test your domain. A grade of A or B is required. F grade or “Certificate not trusted” means Claude.ai will refuse the connection.
Fix options:
- Install a free Let’s Encrypt certificate via your hosting control panel
- If using Cloudflare, set SSL mode to Full (strict) in SSL/TLS → Overview
- Renew expired certificate through your hosting provider
Issue: Mixed content (HTTP resources on an HTTPS page)
Fix: In AIWU settings, make sure the site URL is set to https://. Go to WordPress Admin → Settings → General and verify both WordPress Address and Site Address start with https://.
Token & Authentication Issues
Issue: “Unauthorized” or 401 error when Claude calls MCP tools
How to check: Test your token manually:
curl -H "Authorization: Bearer YOUR_TOKEN"
"https://yoursite.com/wp-json/aiwu/mcp/v1/tools"If you get a 401, the token is invalid or expired.
Fix: Go to AI Copilot → MCP → Settings, click Regenerate Token, then update the token in your AI client config.
Issue: OAuth token expired (Remote MCP)
Remote MCP OAuth tokens are valid for 30 days of inactivity.
Fix: In Claude.ai settings, disconnect and reconnect the AIWU integration. The OAuth flow will issue a new token automatically.
Issue: Token works in browser but not in Claude Desktop config file
Fix: Check your mcp.json for:
- No extra spaces around the token
- Valid JSON syntax (use jsonlint.com to validate)
- Token on one line — no line breaks inside the string
Other Causes
Issue: 404 Not Found on MCP endpoints
Fix: Go to WordPress Admin → Settings → Permalinks and click Save Changes (no need to change anything — just saving flushes rewrite rules). Then test the endpoint again.
Issue: Security plugin blocking MCP
Plugins like Wordfence, iThemes Security, or WP Cerber can block REST API access.
Fix: Temporarily disable the security plugin and test. If MCP works, whitelist the path /wp-json/aiwu/mcp/ in your security plugin settings.
Issue: PHP memory limit causing 500 errors
Fix: Add to your wp-config.php:
define('WP_MEMORY_LIMIT', '256M');
Still stuck? Enable AIWU debug logging in AI Copilot → Settings → Advanced → Enable Debug Log, reproduce the error, then check the log at AI Copilot → Logs for specific error messages. Contact support with the log.
What’s Next
- 🟢 Set up Remote MCP (OAuth): Claude.ai Remote MCP Setup
- 🔵 ChatGPT MCP setup: ChatGPT MCP Guide
- 🔐 Security details: Security & Privacy: How AIWU Handles Your Data
Last verified: AIWU v.4.9.2 · Updated: 2026-02-25