Plugin Author
Pascal
(@iqpascal)
Hi,
This is because your theme is sending data before the plugin is able to. A theme will always be displayed partly before the plugin kicks in as this is wordpress behavior.
I think in this case you can solve it by removing: <?php language_attributes(); ?>
The error is generated by PHP and not the plugin itself. I think your hosting provider did not set display_errors to off in the php configuration. This supresses most error messages and should reveal as less as possible.
See for more info:http://phpsec.org/projects/phpsecinfo/tests/display_errors.html
Thread Starter
b-cat
(@b-cat)
Thanks, Pascal.
Your links above are helpful.
However, I have tried the solutions you recommend, but they don’t seem to work on my site. I called my hosting provider, and got instructions on how to turn off the display errors function in the php.ini file, and I’ve also deleted the <?php language_attributes(); ?> code in the theme’s header.php file…but it still displays error messages.
I also tried modifying the root htaccess file, but that crashed the site, so I’ve restored the original .htaccess file.
I might just have to live with this.
Plugin Author
Pascal
(@iqpascal)
Hi,
You can also alter the plugin code.
Where it says
// display block message
Remove the next line that starts with header just above the print of blockmessage. That should make the error disapear as it will. Ot send the 403 forbidden header.
It breaks how it should be done but will still be effective with human visits.
Thread Starter
b-cat
(@b-cat)
Thanks, Pascal. I think it is fixed now. Here is what I did…
(1) First, in the plugin php file, I removed the header line that you describe above:
header ( 'HTTP/1.1 403 Forbidden' );
However, there were still some header error messages.
(2) So then I removed these four (4) header lines, also:
// Prevent as much as possible that this error message is cached:
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Expires: Sat, 26 Jul 2012 05:00:00 GMT");
And now it appears to work without displaying header errors.
I don’t know if it is a serious problem if the error messages are or are not cached, but I guess it won’t matter too much in my case since I’m only blocking people from countries who should not be contacting our site in the first place.
Thanks again!
Thread Starter
b-cat
(@b-cat)
One more note…
I’ve noticed that Better WP Security plugin has an option to manually block specific IP addresses. I’m using that plugin, also, and when it blocks an IP address, it seems to do this before the site or the theme loads any info at all, and it delivers in a clean 403 error page without any “cannot modify headers” errors.
I think Better WP Security is doing this by modifying the root .htaccess file and blocking IP addresses that way.
I don’t know if that is an approach that makes sense for your plugin, but just thought it might be something to consider if these header errors are a common problem.
All the best!
Plugin Author
Pascal
(@iqpascal)
I must not have been very awake when I wrote my last update on this topic as I completly forgot about the other headers indeed.
Glad that you solved it by yourself!
For blocking countries the .htacccess file cannot be used or it will be a very very long list of ip address that are blocked. For individual IP addresses that approach can be used indeed.
I am curious which headers are send out by your site so if you can supply your website url I can check things out (can also be done via email if you like)
Thread Starter
b-cat
(@b-cat)
Sure…how do I reach you by email? I couldn’t find a message option on your user profile link (or maybe I’m missing something).
Plugin Author
Pascal
(@iqpascal)
You can reach me at [firstname]@redeo.nl
Plugin Author
Pascal
(@iqpascal)
I’ll probably implement an option in the settings panel that allows you to choose between sending headers or not.
