PHP Warning: posix_getpwuid() has been disabled for security reasons

Home Forums BulletProof Security Pro PHP Warning: posix_getpwuid() has been disabled for security reasons

This topic contains 5 replies, has 2 voices, and was last updated by  AITpro Admin 1 year, 6 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #32092

    Phil Yonge
    Participant

    Hello,

    I built a new website for a friend and installed BPS Pro.  I am having a lot of issues which I assume are being caused fundamentally by the hosting account.  I have access to the hosting account cPanel but the hosting company support won’t help me as I am not the account holder – I will elaborate more on that later.  I have decided to move the website to my VPS where I have several websites protected by BPS Pro without any issues.  I will list all problems below.

    Firstly I was receiving a large amount of emails daily that a file had been quarantined. It was the hosting account error_log file that was being placed in the root public_html folder multiple times per day. I set an exclude rule for this file in the AutoRestore|Quarantine area of BPS and the file is still being quarantined.  I noticed in cPanel that the hosting company is using Cloud Linux as their operating system as PHP selector is available.  Although PHP selector states that the hosting account is using PHP version 5.6 the cPanel server information page states that the account is running PHP version 5.3.26.  I asked the guy that owns the account to ask support about the discrepancies in PHP version running and about the hosting account error_log file and the hosting company said that there are no problems whatsoever.

    The error log is below that I inspected today, the 11th Jan 2017:

    [15-Nov-2016 00:41:36 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0

    Moving on.  When I tried to delete the quarantined error_log file it isn’t being removed.  Some time later I updated some of my theme files and forgot to turn AutoRestore|Quarantine off and my updated theme files were naturally quarantined.  I turned off AutoRestore|Quarantine and attempted to restore my quarantined theme files but they weren’t being restored.  So I had to edit my theme files again, turned off AutoRestore|Quarantine and backed up my wp-content folder and turned AutoRestore|Quarantine back on again and my updated theme files were no longer being quarantined.  Again I tried to delete the quarantined theme files but they weren’t being deleted.  Now I have two language files that are being quarantined multiple times daily.  The files are: en_GB.po, en_GB.mo

    This may be due to changing language settings in a facebook feed plugin recently but I am unsure.  The odd thing is that although these two language files are being quarantined mutiple times daily they are still in their proper place in the WordPress languages folder.  Filezilla says that these two files were last modified with today’s date the 11th Jan 2017.  Again I am unable to delete these files from the quarantine folder within BPS pro.

    Moving on again I am receiving a lot of PHP error notifications – which I believe are due to the hosting account possibly running PHP version 5.3 but again I am unsure.  For your possible need today’s errors are noted below:

    [11-Jan-2017 02:58:03 UTC] PHP Warning:  posix_getpwuid() has been disabled for security reasons in /home/roadside/public_html/wp-admin/includes/class-wp-filesystem-direct.php on line 210
    [11-Jan-2017 17:02:57 UTC] PHP Warning:  array_values() expects parameter 1 to be array, null given in /home/roadside/public_html/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php on line 1925
    [11-Jan-2017 17:02:57 UTC] PHP Warning:  array_merge(): Argument #2 is not an array in /home/roadside/public_html/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php on line 1925

    Lastly and to close I have followed the instructions to backup my site to move the website files and database to my own VPS from the following link: https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407

    I have absolutely no idea if I need to fix the problems I am having of being unable to restore or delete files in quarantine prior to moving the website.  It all seems to be rather a mess to me and combined with the large PHP errors being reported by BPS Pro I am wondering if the backup of the website will lead to BPS Pro continuing to malfunction on my VPS if I move the website.

    Many thanks in advance if you can help me please.

    #32093

    AITpro Admin
    Keymaster

    “I am wondering if the backup of the website will lead to BPS Pro continuing to malfunction on my VPS” – your statement is reversed.  It should be something like this – Your VPS server is malfunctioning, which is causing problems for both BPS, WordPress itself and probably everything else on this WordPress site (plugins, themes, etc).  Or your WordPress site is fubar, which is causing problems for everything else.

    So instead of trying to tackle any of the problems that appear to be related directly to BPS and WordPress, you instead need to figure out what is wrong with your VPS server or your WordPress site itself.  So what you need to do at this point is to figure out if the root problem is your VPS server or your WordPress site itself.  To do that install a brand new WordPress site on this server and test things.  If the server is not displaying all the errors that you previously posted above, then install BPS Pro and test things.  If this new test installation site and BPS Pro work fine then you have your answer.

    #32096

    Phil Yonge
    Participant

    Hello Admin,

    Thanks for the reply.  It seems you have mis-read my post as is states that my VPS has several sites running on it with BPS Pro with out any issues – hence why I have suggested to my friend that the website be moved to my VPS.  The website in question is running on a hosting account that I do not own.  I have cPanel access only.  The owner of the hosting account has asked the hosting company on my behalf to look into the hosting account error_log and discrepancy of which version of PHP it is really running only to be told that there is are no problems.  Please can you re-read my post as I do not know what I should do to proceed in moving the site as painlessly as possible.

    Many thanks in advance if you can guide me in moving forward with this.

    #32098

    AITpro Admin
    Keymaster

    Oh ok you were talking about a different host server.  Got it.  Ok what I see are a lot of host server problems.  So I assume once you move the site to your VPS server that is not fubar like the host server that the site is on now, then I assume you will not see all of those server errors and problems.  I’ve been doing this a long time and I can tell when a server is fubar by the types of server errors and BPS and WordPress errors and problems that are occurring.  So besides that other host server being fubar it sounds like the host support is also fubar, which makes sense in a comical way – like “send in the clowns” hosting.  😉

    So anyway this forum topic regarding migrations/moves/clones has several different methods you can use:  https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407 but in this particular case what I recommend that you do is to Export your Custom Code on the fubar host server.  Then uninstall BPS Pro on this fubar host server.  Then do your clone without BPS Pro installed, if that is even possible to do.  It sounds like the other host server is so fubar you may not even be able to clone/migrate the site and will have to do something like create a DB Backup, Nuke the fubar site, reinstall a new WordPress installation on your good VPS server, import your DB Backup to the new site, install BPS Pro on the new WordPress installation and then Import your Custom Code.

    Also if you do not have full access to the hosting account to do everything that you need to do then that falls back on the website owner who will need to grant you access to everything you need obviously.  That is not your responsibility and is the website owner’s responsibility obviously.

    #32102

    Phil Yonge
    Participant

    Thank you very much for the advice.  Much appreciated.

    #32103

    AITpro Admin
    Keymaster

    FYI – If you have control panel access then you can create an FTP account or use an existing FTP account and change the password to access files.  You can access phpMyAdmin to get into the WordPress Users database table to change passwords for User Accounts so that you can login to the WordPress site.  https://codex.wordpress.org/Resetting_Your_Password#Through_phpMyAdmin

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.