Internal Server Error codes 500 and 503 returned on a fresh Flatpress 1.3.1 installation on php versions 8.0 through 8.2

[justrudra]

Hello,

I would like to draw your attention @Fraenkiman and @azett. Its been quite sometime that I have been trying to raise this strange issue that I have been facing in "some" shared hosting environments. I am able to run the setup and the installation happens successfully. After that when I try to go the blog home page, I greeted with a "WHITE SCREEN OF DEATH" on the browser. Now, from a command line terminal, if i use 'curl' to check the code returned, it is always 500 and 503. I mean at times 500 and sometime 503.

The server logs aren't helping much either. Just the generic 500 errors are logged.

To overcome this, I tried to enable the display of php errors on the browser via .htaccess rules. And then there is a plethora of information displayed. Please have a look below :

FP_errors.txt

What is interesting though is, I never find that happening with FP 1.2.1. Everything just runs fine. By the way, I am not sure if this issue https://github.com/flatpressblog/flatpress/issues/386 is the same as the one that I mentioned above.

Also there is a big bloodbath happening between Imunify 360 and Modsecurity rules with prettyurls rules inserted by the prettyurls plugins.. Always triggers the 403 rules. That needs to be looked at as well.

The usage of Apache webserver might have reduced as @Fraenkiman had mentioned in a different thread on prettyurl issues. But what needs to be kept in mind though is that modern shared hosting rig consists of Litepeed server, which is reads the .htaccess file and loads rules form there. And Modsecurity and imunify 360 plugins are active by default on most if not all shared hosting servers. And if this issue is not addressed, it will have a negative impression on people choosing Flatpress are a medium of blog/website, in the long run.

I wish I could help you folks in troubleshooting these issues, but my skills aren't that great beside linux/unix server administration.

[Fraenkiman]

Hello @justrudra,

thank you for the bug report. I have passed the output from your FP_errors.txt file and the affected core.date.php file through a few hands. Over a coffee break, I was told: the date_strformat() function repeatedly uses the $timestamp parameter, but it assumes that this value is already correctly formatted and ready to be passed to strftime_replacement(). However, if $timestamp is null or another inappropriate value, this can lead to errors, as strftime_replacement() expects the timestamp in different formats (e.g. UNIX timestamp, DateTime object, or datetime string). In PHP, 0 is a valid UNIX timestamp (corresponding to January 1, 1970), but often zero or a non-valid value is passed, which causes the function to fail.

If you can, replace the file core.date.php in the directory /fp-includes/core with this one and test whether the problem still occurs. Download from PR472

In issue #386 there was unfortunately not enough information available, e.g. an error log. The same applies to the Imunify 360 protected system. We do not use Imunify 360 protected systems. This makes traceability and reproducibility impossible. If you are able to access such error logs that are directly related to FlatPress, please create a separate issue. Possibly, not excluded, there is a solution here: https://docs.imunify360.com/faq_and_known_issues/

Let us know if you still get the Fatal error “Can only throw objects” or if the problem is solved.

With best regards Frank

[Fraenkiman]

@azett Maybe if the problem with Imunify 360 and Modsecurity with Prettyurls rules is not tangible, we should disable the PrettyURLs plugin by default.

[justrudra]

@Fraenkiman Thank you so much for the detailed explanation and a fix for core.date.php. I ran a fresh installation of FP using your fix. As usual the installation runs fine. But once it is complete and I try to go to the homepage, a new error message is displayed. I see error messages when I visit the urls 'example.com' and 'example.com/login.php'. Please see the attachment below:

`

PHP Error when going to the url http(s)://example.com/

Fatal error: Uncaught TypeError: DateTime::setTimezone(): Argument #1 ($timezone) must be of type DateTimeZone, mixed given in /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php:143 Stack trace: #0 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php(143): DateTime->setTimezone() #1 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php(67): strftime_replacement() #2 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.theme.php(322): date_strformat() #3 /home/cnplqtma/domains/example.com/public_html/fp-plugins/archives/plugin.archives.php(50): theme_date_format() #4 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.filesystem.php(51): plugin_archives_monthlist->_exitingDir() #5 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.filesystem.php(19): fs_filelister->_listFiles() #6 /home/cnplqtma/domains/example.com/public_html/fp-plugins/archives/plugin.archives.php(78): fs_filelister->__construct() #7 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.wp-plugin-interface.php(134): plugin_archives_head() #8 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.theme.php(303): do_action() #9 /home/cnplqtma/domains/example.com/public_html/fp-content/cache/e93fccb09cf8b04111b9595da102f3f4^2ee303d0915c03ec78713a4944cfd6dfabf0679e_0.file.header.tpl.php(33): theme_smarty_function_action() #10 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_resource_base.php(123): content_670fae6a3c49f3_42392426() #11 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_compiled.php(114): Smarty_Template_Resource_Base->getRenderedTemplateCode() #12 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(217): Smarty_Template_Compiled->render() #13 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(386): Smarty_Internal_Template->render() #14 /home/cnplqtma/domains/example.com/public_html/fp-content/cache/e93fccb09cf8b04111b9595da102f3f4^2c5f253910a6548ffb2fff1c67e979e800f47d4f_0.file.index.tpl.php(28): Smarty_Internal_Template->_subTemplateRender() #15 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_resource_base.php(123): content_670fae6a3bc839_26744752() #16 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_compiled.php(114): Smarty_Template_Resource_Base->getRenderedTemplateCode() #17 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(217): Smarty_Template_Compiled->render() #18 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_templatebase.php(238): Smarty_Internal_Template->render() #19 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_templatebase.php(134): Smarty_Internal_TemplateBase->_execute() #20 /home/cnplqtma/domains/example.com/public_html/index.php(186): Smarty_Internal_TemplateBase->display() #21 /home/cnplqtma/domains/example.com/public_html/index.php(194): index_display() #22 {main} thrown in /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php on line 143

PHP Error when going to the url http(s)://example.com/login.php

Fatal error: Uncaught TypeError: DateTime::setTimezone(): Argument #1 ($timezone) must be of type DateTimeZone, mixed given in /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php:143 Stack trace: #0 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php(143): DateTime->setTimezone() #1 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php(67): strftime_replacement() #2 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.theme.php(322): date_strformat() #3 /home/cnplqtma/domains/example.com/public_html/fp-plugins/archives/plugin.archives.php(50): theme_date_format() #4 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.filesystem.php(51): plugin_archives_monthlist->_exitingDir() #5 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.filesystem.php(19): fs_filelister->_listFiles() #6 /home/cnplqtma/domains/example.com/public_html/fp-plugins/archives/plugin.archives.php(78): fs_filelister->__construct() #7 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.wp-plugin-interface.php(134): plugin_archives_head() #8 /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.theme.php(303): do_action() #9 /home/cnplqtma/domains/example.com/public_html/fp-content/cache/e93fccb09cf8b04111b9595da102f3f4^2ee303d0915c03ec78713a4944cfd6dfabf0679e_0.file.header.tpl.php(33): theme_smarty_function_action() #10 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_resource_base.php(123): content_670fae6a3c49f3_42392426() #11 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_compiled.php(114): Smarty_Template_Resource_Base->getRenderedTemplateCode() #12 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(217): Smarty_Template_Compiled->render() #13 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(386): Smarty_Internal_Template->render() #14 /home/cnplqtma/domains/example.com/public_html/fp-content/cache/e93fccb09cf8b04111b9595da102f3f4^72ad704ac9e73a1a21b18d69c0067e589b513421_0.file.default.tpl.php(27): Smarty_Internal_Template->_subTemplateRender() #15 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_resource_base.php(123): content_670fae868655e5_28818218() #16 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_template_compiled.php(114): Smarty_Template_Resource_Base->getRenderedTemplateCode() #17 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_template.php(217): Smarty_Template_Compiled->render() #18 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_templatebase.php(238): Smarty_Internal_Template->render() #19 /home/cnplqtma/domains/example.com/public_html/fp-includes/smarty-4.3.1/libs/sysplugins/smarty_internal_templatebase.php(134): Smarty_Internal_TemplateBase->_execute() #20 /home/cnplqtma/domains/example.com/public_html/login.php(115): Smarty_Internal_TemplateBase->display() #21 {main} thrown in /home/cnplqtma/domains/example.com/public_html/fp-includes/core/core.date.php on line 143

` But interestingly if I visit the url 'example.com/setup.php' post installation. the pgae displays just fine with the obvious messge

`Setup has been locked

It looks like you already run setup, because we found the lockfile fp-content/%%setup.lock.

If you need to restart setup, please delete this file first.

Remember! It's not safe keeping setup.php and the setup/ directory on your server, we suggest you to delete it! `

If we can get through this. I will be doing some more testing with pretturls plugin and see if we can figure out a fix for its issues with Imunify 360 and Modsecurity rules.

Thanks Once Again. :)

[Fraenkiman]

Hello @justrudra,

The setup does not use the Smarty template engine. Therefore the setup is displayed as expected. Strangely, I can't provoke such error output on my test system nor live. Perhaps @azett sees something else that I/my colleagues may have overlooked. I have added a fallback option to UTC in the file core.date.php (strftime_replacement) in line 143, in case no valid time zone can be set. I also made a change in the file core.theme.php in line 164, which now refers to the function date_time().

Both files are included in this archive. https://github.com/Fraenkiman/FP-1.3.1-Issue-471/archive/refs/heads/main.zip Simply replace the existing files with the two files from the archive.

Update: 17.10.2024: At a certain level I have to capitulate. I have therefore had the multitude of your output reviewed and asked that the corrections are compatible from PHP 7.2 to PHP 8.3. If the two fixed files from yesterday also produce errors, test the two files from this archive: https://github.com/Fraenkiman/FP-1.3.1-Issue-471-2/archive/refs/heads/main.zip

Which time zone and region is included in your PHP configuration by default?

Best regards Frank

[justrudra]

Hello Again @Fraenkiman,

Sorry I was a bit late to respond. The default timezone of the server is 'America/Detroit'.

I have tested both the set of files that you have provided.

1) With the first set of files php still throws errors as listed in the attached file below. Also at the bottom of the file there are two links to similar discussions. Not sure how much of that is useful in this case.

FP_errors.txt

2) With second set of files, the request for the url does not reach php. The server revolts with a 503 error:

3) Again when I do a fresh installation of FP 1.2.1 with php-8.0, everything runs just fine. no errors. This is really intriguing. Why is this happening with version 1.3.1 alone? Has this got something to do with bugs in smarty 4.X.X.. ?? That is because, as you said earlier, 'example.com/setup' url does not load smarty. And hence it displays correctly without errors. This again brings me to the conclusion, that the server environment or a php misconfiguration at server level is not a possibility in this case because FP 1.2.1 runs fine but FP 1.3.1 crashes.

Not sure if this can be sorted out. But thank you so much Frank for sparing your time and trying to help me out. :)

Best regards Rudra

[Fraenkiman]

Hello @justrudra,

the difference between FlatPress 1.2.1 and 1.3.1 is that the intl extensions are no longer optional, but mandatory. And the Smarty template engine has changed from 2.6 to 4.X. This was necessary to ensure compatibility with PHP 8.3. You may have a problem with installing the intl / PECL package.

Is this the only test system available to you or can you switch to another test system? If you have activated modsecurity, deactivate it as a test.

Your error log says: _The error occurs because the function DateTimeZone::_construct() expects a string, but an invalid or unknown value is passed. But one thing is for sure. The problem occurs primarily in the strftime_replacement() function. I have therefore made another change.

https://github.com/Fraenkiman/FP-1.3.1-Issue-471-3/archive/refs/heads/main.zip

Changes in detail:

• Before calling new \DateTimeZone($timezone), it is checked whether the passed time zone is contained in the list of valid time zones (\DateTimeZone::listIdentifiers()). If not, the time zone is set to 'UTC' to ensure that no error occurs.
• If an invalid time zone is passed, a fallback to 'UTC' is performed. This is a safe standard and avoids triggering errors if invalid values occur.
• It is now ensured that no infinite loop is created in the callback function for preg_replace_callback() (server error 503) and that invalid or unhandled format characters are properly intercepted.
• If an unknown or invalid format character is found, it is either replaced with a default value or left unchanged in the output.

I also have another suspect. The archive plugin. You would have to deactivate it before installing FlatPress. Open the file fp-defaults/plugins.conf.php in an editor. Comment out archives, then save the file. You could also deactivate the BBcode plugin before running the setup and activate it later in the admin area.

In your PHP configuration, comment out the time zone and the region as a test. Then start the setup as usual.

I'm looking forward to your feedback.

With best regards Frank

[justrudra]

Hi @Fraenkiman,

I hate to say this. But I guess, I am quitting now. Just a plain 503 server side error this time. It feels like hitting a dead end. Having said that, I will continue testing with different systems. Let me see if I run into same issue again. As of now, lets see this issue as a one off case.

Thank you once again Frank for all the help that you have provided.

[Fraenkiman]

Notes on server error 503:

How to deactivate the PHP immunity of Imunify360

Introduction For websites on a cPanel server with Imunify360, errors like the following can occur. 503 Service Unavailable The server is temporarily busy, try again later! The error can be resolved by disabling PHP immunity.

Procedure To disable PHP immunity in WHM.

• Log in to WHM as root and navigate to “Home / Plugins / imunify360”.
• Click on the gear icon to access the settings.
• Select the “Malware” tab.
• Deactivate the “PHP immunity” checkbox.
• Click on the “Save changes” button.

References: https://support.cpanel.net/hc/en-us/articles/11666545720983-How-to-disable-Imunify360-s-PHP-Immunity

[justrudra]

I have tried that. Does not work in my case. The web hosting service provider has sort of hard coded certain things, which the end users cannot change. And they are not very helpful either in sorting this out. And just respond saying use other blog/cms tool like wordpress.

Also, there are no issues with Flatpress version 1.2.1. It works fine. So its very difficult for me to conclude if it indeed is Imunify 360 that is creating this trouble. However, this possibility cannot be denied either, since I have no way to access Immunify 360 control panel and make the necessary changes.

Just for the sake of information to anyone who is reading is trying to use Flatpress in a shared hosting environment, the service provider in my case is 'simplesonic dot com'. This issue prevails in both of their Cpanel as well as DirectAdmin based hosting services. So I would, as on this date, suggest not to consider them as far as Flatpress hosting is concerned.

[Fraenkiman]

Hello @justrudra,

Thank you for your feedback. It's a pity that your shared hosting provider is restricting you so much. The problem also seems to be known at litespeedtech.com - without a connection to FlatPress.

I'll attach further documentation for similar cases: https://docs.litespeedtech.com/lsws/cp/cpanel/503-error/

After hours of reading, I have the feeling that only the shared web host provider can solve the problem. Perhaps they don't want to solve the problem, but rather encourage you to buy a more expensive product.

You can try to downgrade to PHP7.4. Or, if possible, switch to an Apache server. I would consider switching to an Apache server.

If you feel you are very close to a solution and need support, please let us know.

With best regards Frank

[justrudra]

Thank you @Fraenkiman .