Critical issue in Site Health after updating the plugin to version 4.7

Prior to version 4.7, NinjaFirewall was hiding that message because it was scary and was displayed even if there was no error. NinjaFirewall does use session but it closes it before any HTTP requests. Still, Site Health displays the scary message anyway.
Since version 4.7, we don’t hide it any longer because we think it’s not NinjaFirewall that should handle that, but rather the developers of Site Health.
In your case, unless you have another critical error displayed by Site Health, there’s nothing to worry about.

Thank you for your reply and clarification. If this warning in Site Health does not pose any danger to the stable operation of the site, then I will ignore it. I think I have no more questions on this topic.

“there’s nothing to worry about”

It is . NinjaFirewall can not be disabled from the Dashboard. NinjaFirewall can not be deactivated from Plugins. Both actions return “There has been a critical error on this website. Please check your site admin email inbox for instructions.”

Same message when admin user logs in.

The problem might come from the Event Notifications function. All works well if all event notifications are disabled.

[11-Nov-2024 18:11:47 UTC] PHP Fatal error:  Uncaught Error: Call to undefined function PHPMailer\PHPMailer\mail() in /home/whatever/public_html/wp-includes/PHPMailer/PHPMailer.php:881
Stack trace:
#0 /home/whatever/public_html/wp-includes/PHPMailer/PHPMailer.php(1972): PHPMailer\PHPMailer\PHPMailer->mailPassthru()
#1 /home/whatever/public_html/wp-includes/PHPMailer/PHPMailer.php(1693): PHPMailer\PHPMailer\PHPMailer->mailSend()
#2 /home/whatever/public_html/wp-includes/PHPMailer/PHPMailer.php(1525): PHPMailer\PHPMailer\PHPMailer->postSend()
#3 /home/whatever/public_html/wp-includes/pluggable.php(546): PHPMailer\PHPMailer\PHPMailer->send()
#4 /home/whatever/public_html/wp-content/plugins/ninjafirewall/lib/utils.php(1668): wp_mail()
#5 /home/whatever/public_html/wp-content/plugins/ninjafirewall/lib/utils.php(833): nfw_mail()
#6 /home/whatever/public_html/wp-content/plugins/ninjafirewall/ninjafirewall.php(591): nfw_send_loginemail()
#7 /home/whatever/public_html/wp-includes/class-wp-hook.php(324): nfw_login_hook()
#8 /home/whatever/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
#9 /home/whatever/public_html/wp-includes/plugin.php(517): WP_Hook->do_action()
#10 /home/whatever/public_html/wp-includes/user.php(138): do_action()
#11 /home/whatever/public_html/wp-login.php(1315): wp_signon()
#12 {main}
  thrown in /home/whatever/public_html/wp-includes/PHPMailer/PHPMailer.php on line 881

@nintechnet thank you for your reply. while i understand that this isn’t your fault, it still might look scary to my clients.

do the developers of Site Health know about this specific case?

@scinews: your issue is not related to this discussion. NinjaFirewall calls the wp_mail() function and your site cannot find the PHPMailer library (which is included with WP) :

#4 /home/whatever/public_html/wp-content/plugins/ninjafirewall/lib/utils.php(1668): wp_mail()

Check your WordPress installation, and make sure it’s not corrupted. You can reinstall WP without affecting your current configuration: “Dashboard > Update > Re-install version {current_version}”

@getupworks: I really can’t recall, that message has been there for years! I had even forgotten we were hiding it. We are currently rewriting a lot of code in NF and I came across the code that hid the notice last week. I decided to stop hiding it, but that wasn’t a good idea: it’s scary and useless.
I reversed the change and within the next few hours, the message should be gone. Go to “NinjaFirewall > Security Rules” and click the “Check for updates now” to make sure you have the latest rules. Then go to site health to check if the scary message is gone.

Also, to those who don’t want to use PHP sessions, we introduced NinjaFirewall sessions in the latest 4.7 version.

@nintechnet it’s hidden now. thank you!