PHP Fatal error: Uncaught Error: Call to undefined function get_home_path() in mscan-ajax-functions.php:311

[barokoko]

I get fatal errors with BPS Pro, what to do?

[17-Jul-2021 04:52:01 UTC] PHP Fatal error:  Uncaught Error: Call to undefined function get_home_path() in .../wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php:311
Stack trace:
#0 .../wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php(132): bpsPro_mscan_calculate_scan_time('300')
#1 .../wp-includes/class-wp-hook.php(292): bpsPro_scheduled_mscan_scan()
#2 .../wp-includes/class-wp-hook.php(316): WP_Hook->apply_filters('', Array)
#3 .../wp-includes/plugin.php(551): WP_Hook->do_action(Array)
#4 .../wp-cron.php(138): do_action_ref_array('bpsPro_MScan_ch...', Array)
#5 {main}
  thrown in .../wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php on line 311

[AITpro Admin]

Is there anything unusual about your WordPress site?  What type of WordPress site is this?  Standard single WordPress installation or a Network|Multisite installation?  Maybe WordPress Core files are missing or damaged – try manually reinstalling WordPress on the Dashboard > Updates page > click the Re-Install Now button.

[barokoko]

It is a single standard installation.
Last week the provider got an info from domain registrant that this domain would be “under control” of Kaseya attack virus. Provider switched off hosting and mail completely. I could not find anything wrong, but deleted all and installed a fresh WordPress and database with user data from a backup from April. I checked site with all online scanners I could find, test installed temporary Sucuri, Wordfence and after that BS Pro. Nothing unusual to see in files, database or logs. But:

[Fri Jul 16 06:50:44.675466 2021] [fcgid:warn] [pid 26053] (32)Broken pipe: [client ...] mod_fcgid: ap_pass_brigade failed in handle_request_ipc function, referer: https://.../wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fmscan%2Fmscan.php

The only perhaps not so common thing: using Plesk WordPress Toolkit. With all security settings activated (e.g. concatenate scripts=false, disallow file edit and more).
This website has only two pages, no comments or forms, so I also disabled the standard cron in Toolkit with a scheduled cron job every 30min (this was working on many similar pages last years without problems). Guessing this could be a problem for MScan I switched back to standard cron, but the fatal errors are repeating every hour, with MScan schedule set to 60min.

Reinstalled WordPress via Update page. Fatal error appeared again after 1 hour with MScan schedule.

[AITpro Admin]

Ok I’ll do some testing to see if there is some sort of problem with MScan Scheduled scanning.  You actually do not need to use scheduled MScan scanning.  BPS Pro comes with AutoRestore|Quarantine, which is far superior to MScan and all other website malware scanners. MScan was created just to do random scans or to confirm that a suspected hacked site/hosting account is actually hacked or not.

[AITpro Admin]

This is a bug.  This will be fixed in the next BPS Pro version release.

[barokoko]

Ok.
I just switched schedule on for testing and climbing up the learn curve. BPS Pro turned WordPress into a Boing-Cockpit 😉

This account was shut down because of virus alarm from someone, so I was just interested in what MScan does and finds. This Kaseya thing is not known to attack websites. I am sure it was a false alarm, but I have to proof it to the provider now, currently my customer is a violator against T&C.

Anyway, fatal error with get_home_path should not occur. Maybe my fault, please contact if you need more details.

 

[AITpro Admin]

I was able to reproduce the same PHP error.  So yeah it is a bug.

[AITpro Admin]

The bug has been fixed.  Just needed to add this additional code for the scheduled Cron job.

Function: bpsPro_mscan_calculate_scan_time($mstime)
Code Line: 311
File: /bulletproof-security/includes/mscan-ajax-functions.php

if ( ! function_exists('get_home_path') ) {
require_once ABSPATH . 'wp-admin/includes/file.php';
}

$source = get_home_path();

[barokoko]

might be another error, switched off MScan schedule 2 hours ago, but still get hourly mails about php-errors.

[AITpro Admin]

I didn’t find any other bugs. So most likely either the scheduled cron job is still scheduled and not turned Off or you have turned On this S-Monitor > PHP Error Log: New Errors in The PHP Error Log option setting.  I believe that option setting will continue to send you emails if you do not clear/reset the last php error that occurred by clicking the Reset Last Modified Time in DB button on the PHP Error Log page.

[barokoko]

MScan schedule is off.

Setting:
PHP Error Log: New Errors in The PHP Error Log Alerts
is set to Display Alerts in WP Dashboard.

Aha, another option:
PHP Error Log: New Errors in The PHP Error Log
is set to Send me Email alerts.

Not obvious, that this sends hourly even though I switched off the schedule.
It needs the condition: clear/reset the log
In my case: I do not want to reset the log. I want to report to you. One Mail is enough.

[AITpro Admin]

Resetting the PHP Error Log only resets the timestamp and alert and not the actual PHP Error Log itself.

[Author]

Posts