rempsyc
Forum Replies Created
-
Alright, thanks for your answer. I guess I can’t do much more for now as I transition to a new host. So I think I’ll give up on this issue for the moment as it is not breaking my site and, in my understanding, does not create any imminent security risks. Thanks.
Update: Using my host’s cPanel Cloudflare integration does not resolve the issue. Still receiving the emails. Thinking about giving up at this point since the site is otherwise functional. Would it be concerning to not address it (i.e., is it indicative of potentially larger problems)? What would you recommend next?
Right now, we are trying another approach. Instead of using Cloudflare directly, we are attempting to use my host’s cPanel Cloudflare integration to see if it resolves the issue. Will let you know if I receive the error email again.
Oh ok, I see what you mean. I’ll return to my host with this information. Thanks.
Hi @wfpeter as you know I have disabled all my plugins except Wordfence 2 days ago and I just received the same email again about the E_ERROR on line 22. This suggests that the other plugins are not at fault. What would be the next steps then?
We’d normally recommend pausing Cloudflare to see if the site functions properly without it, to at least narrow down the number of issues coming up at once, but if you’re depending on Cloudflare for SSL to work, you might not be able to.
Yes, my site depends on Cloudflare for SSL to work, so I’m not really able to disable it.
Your host stated they won’t enable IPv6 support because their servers don’t use it, and Cloudflare can’t connect to us with IPv6 addresses. However, Cloudflare can pass an IPv6 address in the CF-Connecting-IP header, so PHP won’t be able to process that when Wordfence needs it to. Cloudflare doesn’t let you turn off IPv6, so this might continue to be an issue going forward if the host won’t enable it.
Just to clarify, in my earlier post, I said:
IPv6 mode is disabled
If it is disabled, it means Cloudflare doesn’t let me turn it ON. So that would not be the issue.
Your host also said this is caused by the way our servers work. If you try the connection from your website back to your website, the connection doesn’t go through Cloudflare, it goes straight to Wordfence servers. That might mean that the cURL error is from the site trying to connect to itself directly, but with an invalid SSL certificate on the site. If the site would normally connect to itself with plain http, and it’s trying https instead (because of the really-simple-ssl plugin?), that could cause the cURL problem you’re seeing if the site doesn’t have its own valid certificate.
Ok, I can see that. But nothing I can do here, right?
When the file containing the “missing” class is present but this issue occurs, it’s usually a conflict with another plugin’s autoloader, but we don’t see any in your installed plugins that look like the cause. It could be a plugin that loads some WP core files out of order, or calls a hook earlier than it’s intended to be called. Another possibility might be if the host or a custom Linux cron job is running PHP on the command line in an unusual way. You could try disabling all plugins except for Wordfence, then reenabling plugins one-by-one to see if there’s an identifiable troublemaker.
Ok, I’ll try disabling all plugins and reenabling them one by one to see. Thanks.
Note: Received the email again yesterday afternoon.
- This reply was modified 4 years, 3 months ago by rempsyc.
Update: regarding the message about cURL error 35, my host said the following:
This is caused by the way our servers work. If you try to connect from your website to your website, the connection doesn’t go through Cloudflare, it goes straight to our server.
So could this be related to the E_ERROR/line 22?
In the meanwhile, I have turned Automatic HTTPS Rewrites OFF. I’m now getting a new Wordfence message on WordPress (no idea if it’s related):
The Wordfence Web Application Firewall needs a configuration update. It is not currently in extended protection mode but was configured to use an older version of PHP and may have become deactivated when PHP was updated. You may perform the configuration update automatically by clicking here or use the “Optimize the Wordfence Firewall” button on the Firewall Options page.
I did perform the configuration update automatically by clicking on the button. I also turned Enable 301 .htaccess redirect ON, and Enable WordPress 301 redirect OFF. However, then I could see a message saying that “No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.” So I turned Enable WordPress 301 redirect back ON. Therefore both are ON right now (is that bad?).
I also saw the following option in the Settings menu: “Fire mixed content fixer with different method”. Hovering over the question mark produces the following message:
If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer.
I believe I actually am experiencing problems with the mixed content fixer, so I just turned this ON too. Finally, I noticed another option in the Settings: “Mixed content fixer”:
In most cases you need to leave this enabled, to prevent mixed content issues on your site.
I did not touch this one (left it ON).
Finally, after making those changes, I just received yet another email with the same error (~1h after posting).
Hey, I think I have some new information, can you tell me if any of this might be useful in resolving our problem?
I am using the Really Simple SSL plugin. On Cloudflare, my SSL/TLS encryption mode is set to Flexible. The following options were set ON (after setting up Really Simple SSL): SSL/TLS Recommender, Always Use HTTPS, and Automatic HTTPS Rewrites.
Once connected to my admin site and going to the settings of Really Simple SSL, I can see the following message:
The mixed content fixer could not be detected due to a cURL error: cURL error 35: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error. cURL errors are often caused by an outdated version of PHP or cURL and don’t affect the front-end of your site. Contact your hosting provider for a fix
(How should I interpret this error?)
Furthermore, on the Really Simple SSL plugin, Enable WordPress 301 redirect is ON, but Enable 301 .htaccess redirect is OFF. Should I switch those two?
Finally, I checked IPv6 mode in Cloudflare and it is disabled (greyed out so I can’t change that).
Thank you for your reply @wfpeter. I just checked and wordfence/modules/login-security/classes/model/ip.php is there, not missing. Both my plugins and WordPress use the latest update and in both cases, they are set to update automatically.
I have posted on my host provider forum to see if they can help: https://forum.infinityfree.net/t/wordfence-wordpress-type-e-error-error-in-line-22/38491
- This reply was modified 4 years, 3 months ago by rempsyc.
Oh, turns out you were right… I received the email again with the same error message (line 22/”Class ‘WordfenceLS\Model_IP’ not found”). Shall we try something else then?
Awesome, thank you! I just followed your instructions. I think this should solve the issue, but if I receive any new error messages, I will come back to this thread.
No worry. Maybe that relates to the problem too (or not). Just sent it.
I just sent it again (to [email protected]). I wanted to attach a screenshot but do not see an option to do so. In any case, the message says “Diagnostic report has been sent successfully.” (like the previous time, however, so I don’t know if it really went through this time). I frequently receive emails from my site, so yes, I believe it works correctly in that regard.
Done, it was sent. Also, I would like to remove the personal info regarding my website above but can’t seem to be able to edit my post anymore. Can you do it for me? Thanks.