WP-CLI (wp command line tool) error when itsec is active

  • Hi Guys,
    Is there a specific setting or something that needs to be flagged in order for wp-cli to work as expected while better-wp-security is active?

    We are on litespeed, php7.2;(with settings like hide back-end, force ssl always) and when running a wp-cli command it errors:
    Warning: Some code is trying to do a URL redirect. Backtrace:

    or something like

    Notice: Undefined index: HTTP_HOST in /home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php on line 131

Warning: Some code is trying to do a URL redirect. Backtrace:

#0  WP_CLI\Utils\wp_redirect_handler(https://) called at [/home/xxxxx/public_html/wp-includes/class-wp-hook.php:288]

#1  WP_Hook->apply_filters(https://, Array ([0] => https://,[1] => 301)) called at [/home/xxxxx/public_html/wp-includes/plugin.php:203]

#2  apply_filters(wp_redirect, https://, 301) called at [/home/xxxxx/public_html/wp-includes/pluggable.php:1199]

#3  wp_redirect(https://, 301) called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php:132]

#4  ITSEC_SSL->redirect_to_https() called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php:73]

#5  ITSEC_SSL->init() called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php:12]

#6  ITSEC_SSL->__construct() called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php:17]

#7  ITSEC_SSL::get_instance() called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php:205]

#8  require_once(/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php) called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/active.php:9]

#9  include_once(/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules/ssl/active.php) called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules.php:583]

#10 ITSEC_Modules::load_module_file(active.php, Array ([0] => ban-users,[1] => brute-force,[2] => network-brute-force,[3] => wordpress-tweaks,[4] => ssl,[5] => security-check,[6] => global,[7] => notification-center,[8] => privacy,[9] => admin-user,[10] => content-directory,[11] => database-prefix,[12] => core,[13] => file-permissions,[14] => hide-backend,[15] => password-requirements,[16] => strong-passwords,[17] => wordpress-salts,[18] => file-writing,[19] => malware,[20] => pro-module-upsells)) called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/modules.php:602]

#11 ITSEC_Modules::run_active_modules() called at [/home/xxxxx/public_html/wp-content/plugins/better-wp-security/core/core.php:158]

#12 ITSEC_Core->continue_init() called at [/home/xxxxx/public_html/wp-includes/class-wp-hook.php:286]

#13 WP_Hook->apply_filters(, Array ([0] => )) called at [/home/xxxxx/public_html/wp-includes/class-wp-hook.php:310]

#14 WP_Hook->do_action(Array ([0] => )) called at [/home/xxxxx/public_html/wp-includes/plugin.php:453]

#15 do_action(plugins_loaded) called at [/home/xxxxx/public_html/wp-settings.php:327]

#16 require(/home/xxxxx/public_html/wp-settings.php) called at [phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/WP_CLI/Runner.php:1188]

#17 WP_CLI\Runner->load_wordpress() called at [phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/WP_CLI/Runner.php:1111]

#18 WP_CLI\Runner->start() called at [phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/WP_CLI/Bootstrap/LaunchRunner.php:23]

#19 WP_CLI\Bootstrap\LaunchRunner->process(WP_CLI\Bootstrap\BootstrapState Object ([WP_CLI\Bootstrap\BootstrapStatestate] => Array ())) called at [phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/bootstrap.php:74]

#20 WP_CLI\bootstrap() called at [phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/wp-cli.php:23]

#21 include(phar:///home/xxxxx/wp-cli.phar/vendor/wp-cli/wp-cli/php/wp-cli.php) called at [phar:///home/xxxxx/wp-cli.phar/php/boot-phar.php:11]

#22 include(phar:///home/xxxxx/wp-cli.phar/php/boot-phar.php) called at [/home/xxxxx/wp-cli.phar:4]
Viewing 8 replies - 1 through 8 (of 8 total)

  • It looks like the PHP php_sapi_name() function does not return the string ‘cli’ when running a wp-cli command in your env …

    The question is what exact string does it return and why isn’t it ‘cli’ ?

    That shouldn’t be too hard to figure out.

    Thread Starter pietpompies

    (@pietpompies)

    Sorry @nlpro, but I’m not sure what you mean.

    This is on a cPanel server running php7.2 . Not sure how/what to adjust from what you are saying.
    In addition, why would everything else work OK as soon as I disable ITSEC. That would let me there is an issue with the plugin and or plugin settings.

    Thread Starter pietpompies

    (@pietpompies)

    OK looks like a php 7.2 compatibility issue.
    As soon as I revert to php7.1 the errors for ITSEC goes away.

    (sorry for the spam just need to unsubscribe from the topic)

    @pietpompies

    It seems to work fine in my php 7.2.12 test env …

    Switch back to php 7.2 (make sure the error reproduces) and then create a file named single-command.php in the folder where wp-cli is installed. Add the lines below to the file:

    <?php

WP_CLI::success( sprintf( "The PHP php_sapi_name() function returns: '%s'", php_sapi_name() ) );

    Then try and run the following wp-cli command from the wp-cli folder:

    wp eval-file single-command.php --skip-wordpress

    It should display the following result:

    Success: The PHP php_sapi_name() function returns: ‘cli’

    Also run the following wp-cli command and post the output displayed:

    wp --info

    Thread Starter pietpompies

    (@pietpompies)

    thx @nlpro

    Eval does give me:
    Success: The PHP php_sapi_name() function returns: 'cli'

    wp –info gives me:

    OS:     Linux 2.6.32-896.16.1.lve1.4.54.el6.x86_64 #1 SMP Wed May 2 07:43:19 EDT 2018 x86_64
Shell:  /bin/bash
PHP binary:     /opt/alt/php72/usr/bin/php
PHP version:    7.2.12
php.ini used:   /opt/alt/php72/etc/php.ini
WP-CLI root dir:        phar://wp-cli.phar/vendor/wp-cli/wp-cli
WP-CLI vendor dir:      phar://wp-cli.phar/vendor
WP_CLI phar path:       /home/xxxxx/.wp-cli
WP-CLI packages dir:
WP-CLI global config:
WP-CLI project config:
WP-CLI version: 2.0.1

    Ok, that seems to be fine.

    Try and run the following wp-cli command from the root folder of the WordPress install:

    wp eval-file /[your wp-cli folder]/single-command.php

    where [your wp-cli folder] should be replaced with the full path to the wp-cli folder.

    This way the php_sapi_name() function test will run with the full WordPress framework loaded.

    Just to be sure, this is while using the latest iTSec plugin release ? (7.2.0)

    • This reply was modified 6 years, 4 months ago by nlpro.

    Still not sure how this works with php 7.1 but breaks with php 7.2 in your env. Perhaps comparing the output of a working (php 7.1) and a failing (php 7.2) wp cli command with the parameter – -debug set might help.

    Anyway as a workaround you can prevent wp cli from loading the iTSec plugin code by using the – -skip-plugins= parameter like:

    wp plugin list --skip-plugins=ithemes-security-pro

    Unfortunately this will also break support for the iTSec Pro plugin WP-Cli commands.

    • This reply was modified 6 years, 3 months ago by nlpro.
    • This reply was modified 6 years, 3 months ago by nlpro.
    • This reply was modified 6 years, 3 months ago by nlpro.
Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘WP-CLI (wp command line tool) error when itsec is active’ is closed to new replies.