Fatal error in admin

  • Hi, after today’s update to 3.1.0, our site admin was not accessible anymore. This was reported in debug.log:

    [16-Oct-2024 11:23:34 UTC] PHP Fatal error: Uncaught Error: Undefined constant “Automattic\Jetpack\Waf\JETPACK_WAF_ENTRYPOINT” in /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-standalone-bootstrap.php:157
    Stack trace: 0 /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-initializer.php(187): Automattic\Jetpack\Waf\Waf_Standalone_Bootstrap->generate() 1 /home/xxxxx/public_html/wp-includes/class-wp-hook.php(324): Automattic\Jetpack\Waf\Waf_Initializer::check_for_updates() 2 /home/xxxxx/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters() 3 /home/xxxxx/public_html/wp-includes/plugin.php(517): WP_Hook->do_action() 4 /home/xxxxx/public_html/wp-admin/admin.php(175): do_action() 5 /home/xxxxx/public_html/wp-admin/index.php(10): require_once(‘/home/xxxxx/…’) 6 {main}
    thrown in /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-standalone-bootstrap.php on line 157

    [16-Oct-2024 11:23:36 UTC] PHP Fatal error: Uncaught Error: Undefined constant “Automattic\Jetpack\Waf\JETPACK_WAF_ENTRYPOINT” in /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-standalone-bootstrap.php:157
    Stack trace: 0 /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-initializer.php(187): Automattic\Jetpack\Waf\Waf_Standalone_Bootstrap->generate() 1 /home/xxxxx/public_html/wp-includes/class-wp-hook.php(324): Automattic\Jetpack\Waf\Waf_Initializer::check_for_updates() 2 /home/xxxxx/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters() 3 /home/xxxxx/public_html/wp-includes/plugin.php(517): WP_Hook->do_action() 4 /home/xxxxx/public_html/wp-admin/admin-ajax.php(45): do_action() 5 {main}
    thrown in /home/xxxxx/public_html/wp-content/plugins/jetpack-protect/jetpack_vendor/automattic/jetpack-waf/src/class-waf-standalone-bootstrap.php on line 157

    Clearing the auto_prepend_file was our only option to get access again.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support Alin (a11n)

    (@alinclamba)

    Hi @ravanh,

    Thank you for providing the detailed error log. I’ve tried replicating the issue on my end but haven’t been able to reproduce it.

    Could you please share your site URL with us so we can take a closer look and try to replicate the issue in a similar setup? It would also help us check for any potential causes specific to your environment.

    If you want it to remain private, you can also contact us via?contact form. If you choose to reach out directly, please include a link to this thread.

    Thank you!

    Thread Starter Rolf Allard van Hagen

    (@ravanh)

    Hi, the same error occurred on two different sites so far:

    In both cases right after an automatic plugin update, and only fixed by removing the auto_prepend_file from PHP settings. Both sites are hosted by o2switch running PHP 8.2, MariaDB (no sure which version) and lsCache with Redis 7 for object caching.

    Is the JETPACK_WAF_ENTRYPOINT constant something that should be defined in wp-config.php?

    Thread Starter Rolf Allard van Hagen

    (@ravanh)

    Just found a third: https://vivarais.net/. This one is running on a completely different platform (Nginx, PHP 8.1) …

    Thread Starter Rolf Allard van Hagen

    (@ravanh)

    I should note: after removing auto_prepend_file and accessing the admin again, I reset auto_prepend_file to the same bootstrap.php again. The admin remains accessible after that.

    It looks like the wp-content/jetpack-waf/bootstrap.php was updated right after regaining access, now containing a new line define( 'JETPACK_WAF_ENTRYPOINT', 'rules/rules.php' );

    On a fourth site, where Jetpack Protect is still at 3.0.2, that line is not present in bootstrap.php…

    So it feels to me like this file is not properly updated together with the automatic plugin update, and only updates after a successful admin access? I’ll test updating Jetpack Protect from 3.0 to 3.1 manually from the admin on the fourth site, with the auto_prepend_file parameter set…

    Thread Starter Rolf Allard van Hagen

    (@ravanh)

    To confirm: I did a manual update on that fourth site and right after a successful update, browsing back to the admin plugin update page, the same error occurred, blocking further access. I unset the auto_prepend_file directive, re-accessed the admin, then set the directive again.

    I’ve taken snapshots of the bootstrap.php file before the update, after the update and after regaining access. Turns out that indeed the file remains untouched after the update, only to be updated after regaining admin access.

    I’ve verified file/directory ownership and rights but all are correct. I checked whether the define( 'DISALLOW_FILE_EDIT', true ); could be responsible but not all sites that suffered have this constant set.

    Hope this helps debugging ??

    Plugin Support Alin (a11n)

    (@alinclamba)

    Hi @ravanh,

    Thank you for the details provided.

    I’m checking with our developers and will keep you updated here.

    Please stay tuned!

    Plugin Support Alin (a11n)

    (@alinclamba)

    Hi @ravanh ,

    Me again. Our developers confirmed the bug and they are already investigating it. As promised, we’ll keep you updated.

    Thank you for reporting this!

    Plugin Author njweller

    (@njweller)

    Hello @ravanh,

    We have just released Jetpack Protect 3.1.1, which includes a fix for the undefined entrypoint constant. Thank you so much for the detailed reporting, and for your patience dealing with this issue!

    Please let us know if you have any additional issues or questions!

    Cheers,
    Nate

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.