Hi @boabo, glad you reached out!
I’d like to replicate this on our end so our team can get this resolved. Can you please provide additional information on your current site environment? – WP, PHP, and Solid Security versions
Also, can you tell me what actions were made or if plugin settings were updated when the error occurred?
Looking forward to your response.
Thread Starter
boabo
(@boabo)
All updated, Wp 6.5.4,php 8.2, Solid security 9.3.3, etc Also runs on litespeed and litespeed cache. I discovered it recently only.
Hi @boabo,
Just wanted to circle back here that I’ve worked on trying to replicate this warning on my test environments, but I could not see it on my logs.
Still, I’ve escalated this to our dev team for review and fixing. I’ll get back to you when I have news.
Thank you for your patience!
Flick
(@felicity_gilbertson)
FYI – I’m also getting this error message filling up my logs… Have you ended up managing to replicate this?
-
This reply was modified 1 year, 8 months ago by
Flick.
-
This reply was modified 1 year, 8 months ago by Flick.
Thread Starter
boabo
(@boabo)
@felicity_gilbertson No, still getting same error in my public_html/error_log and the file size is now close to 0.5MB
Hi @boabo, @felicity_gilbertson,
I’ve had a look at the relevant code (I’ve replaced irrelevant lines of code with …):
59 if ( is_ssl() ) {
...
...
...
...
...
...
67 } elseif ( 'cli' !== php_sapi_name() && ! ITSEC_Core::doing_data_upgrade() && 'GET' === $_SERVER['REQUEST_METHOD'] ) {
68 $this->redirect_to_https();
69 }
It seems to me that the condition at line 67 (as is) may create a conflict. The goal of the condition is to exclude command line interface (cli) commands from being redirected to https. Which makes sense because a cli command is not an http(s) request. So when a cli command runs there is no point to redirect to https.
However, just checking for ‘cli’ !== php_sapi_name() and then assuming it’s a http request where $_SERVER[‘REQUEST_METHOD’] exists is prone to error/PHP warning. This can easily be avoided:
67 } elseif ( 'cli' !== php_sapi_name() && ! ITSEC_Core::doing_data_upgrade() && isset( $_SERVER['REQUEST_METHOD'] ) && 'GET' === $_SERVER['REQUEST_METHOD'] ) {
As a test please make a copy of the /wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php file. Then edit the original file (not the copy) and change line 67 to match with the above. Then start monitoring whether the issue persists (or not).
@shanedelierrr
Instead of using the PHP php_sapi_name() function it’s probably better to check for the WP_CLI constant:
67 } elseif ( defined( 'WP_CLI' ) && WP_CLI && ... ) {
68 ...
69 }
+++ To prevent any confusion, I’m not SolidWP +++
-
This reply was modified 1 year, 8 months ago by
nlpro.
-
This reply was modified 1 year, 8 months ago by nlpro.
-
This reply was modified 1 year, 8 months ago by nlpro.
Hi @nlpro, thank you for this insightful recommendation!
I’ve forwarded them to our dev team for review and I’ll circle back here when I have feedback.
We greatly appreciate your help!
Hi @shanedelierrr,
Okidoki. Just realized I got the alternative for php_sapi_name() wrong…ahum. Apologies for the confusion.
This is better:
67 } elseif ( ( ! defined( 'WP_CLI' ) || ! WP_CLI ) && ... ) {
68 ...
69 }
Thank you @nlpro! I got your message across the team before I’m out of office for today. I’ll keep you posted when I have news. Our challenge for this issue is that we don’t see it in any of our test (old and new) environments.
Also, @boabo @felicity_gilbertson, if you can give the suggestion a try, please let us know if it works on your end.
Flick
(@felicity_gilbertson)
That code is in for me and so far the Error_Log is not producing that warning…
Hi @boabo,
According to the 9.3.4 Changelog:
Bug Fix: PHP warning in the SSL module on some server setups.
Please update the SolSec plugin to the 9.3.4 release and then confirm the issue has been fixed in your env. If so, please mark this topic as ‘Resolved’.
