Critical incompatibility with Shield Security plugin

  • Resolved jeffersonpowers

    (@jeffersonpowers)


    3 years, 4 months ago

    After updating WP-Optimize from version 3.2.7 to 3.2.9, several of my websites crashed to the point that I received those “your site is experiencing a technical issue” emails and had to log in using recovery mode. The following error was reported:

    An error of type E_COMPILE_ERROR was caused in line 26 of the file /var/www/wp-content/plugins/wp-simple-firewall/src/lib/src/Modules/AuditTrail/Lib/LogHandlers/LocalDbWriter.php. Error message: Declaration of FernleafSystems\Wordpress\Plugin\Shield\Modules\AuditTrail\Lib\LogHandlers\LocalDbWriter::write(array $record) must be compatible with Monolog\Handler\AbstractProcessingHandler::write(array $record): void

    Again, this error completely crashes the website.

    While it is Shield Security throwing up this error, it only started happening after updating WP-Optimize. Deactivating either plugin fixes the issue.

    I reported this to Shield Security, and their developer had this to say:

    It appears to be Shield generating the error, but as you’ve discovered, it’s both plugins together causing the problem. We each have a different, incompatible, version of the PHP monolog library distributed with our plugin. Our plugin throws the error just by the timing of the included library.

    We include a version of the monolog library that is most widely compatible with more WordPress sites. WPOptimise has unfortunately chosen a version of the library (v2.3.5) that is only compatible with PHP 7.2+. This is strange since their plugin states PHP 5.6+ compatibility. You’ll want to ask them if they’d consider using an older version of the library.

    You can see the original post from the Shield support forum here: https://wordpress.org/support/topic/critical-incompatibility-with-wp-optimize-plugin/

    It appears that a similar issue was reported here a few months ago:

    https://wordpress.org/support/topic/error-wpo_advanced_cache-constant-is-not-present-in-advanced-cache-php-2/

    Are you able to switch to using a more compatible version of the monolog library, as Shield Security suggests?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Harshad

    (@bornforphp)

    3 years, 4 months ago

    @jeffersonpowers I’ll check this with our development team and update you soon.

    Thank you for your time and patience.

    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    3 years, 3 months ago

    Hi,

    The analysis here isn’t quite right. What *PHP* versions the two monolog libraries are compatible with is tangential to whether those two monolog libraries are compatible *with eachother*. The fact that they’re not compatible with eachother is the real problem.

    If we decide to stop using a more modern version and go back to using the same/older monolog version as Shield, then we’ll then become compatible with Shield, but incompatible with other plugins that are using newer versions of monolog. i.e. There’ll just be incompatibilities with a different set of plugins – and that set will grow over time, as more plugin authors update to more modern library versions.

    It’s an unfortunate situation, with a limited number of possibilities to resolve it. I’d argue that the presumption has to be that plugins are going to use newer, not older, versions of the code. Deliberately moving to an older version because there’s another plugin that has stayed on that older version is almost by definition a retrograde step.

    N.B. WP-O’s feature that’s using monolog is a PHP 7.1+-only feature. WP-O is listed as PHP 5.6+ in the plugin directory because is has other features that are still usable on older versions. PHP 5.6 became unsupported by the PHP group nearly 4 years ago now, and is not supported by current WordPress core releases (https://www.php.net/eol.php). So it’s only of any interest to people who have decided to run old WP core versions too. At some point you have to upgrade, and arguably that’s at the point that the pain of maintaining complex work-arounds becomes too great.

    David

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Critical incompatibility with Shield Security plugin’ is closed to new replies.