CRITICAL Uncaught TypeError on Woocommerce

Hi @rezocom,

First step is to enable the iTSec Debug menu option as described in the article below:

How Do I Enable iThemes Security Debug?

Then navigate to the newly added Security > Debug menu option. On the Debug page in the Settings section select global from the drop down list and finally click on the Load button.

You’ll be presented with a list of ~34 settings and their values. One of these settings is “server_ips”. Does it exist? And if so, what is the current value? Usually it contains an array of 1 or more IPs. No need to produce the exact IPs.

If the setting does not exist, please share the full list of global settings. Don’t forget to anonymize any values you don’t want to share.

+++++ To prevent any confusion, I’m not iThemes +++++

Post edit: What PHP version is the site using?

• This reply was modified 1 year, 11 months ago by nlpro.

Hi @nlpro and thank you for the answer.
For the moment I didn’t have the time to do the manipulation for the debug log…
The PHP version is 8.1.
Does the log retrieved from woocommerce indicate any useful leads?
Thanks

Hi @rezocom,

Does the log retrieved from woocommerce indicate any useful leads?

Yes, definately. This seems to be a PHP 8 specific/related issue.

Still need the current value for the global server_ips setting to get a complete picture. Note the global server_ips setting default value is an empty array ([]). On plugin initialization the setting’s value is usually updated to an array containing 1 or more IPs.

Based on the information provided so far it looks like it’s current value is an empty array or null. And PHP 8 (array_merge() function) doesn’t like it.

• This reply was modified 1 year, 11 months ago by nlpro.

Hello @nlpro,

Thank you for these answers.
I installed the debug log as mentioned in the first message.
To answer in order, here is already the "global debug" :

{
"lockout_message": "error",
"user_lockout_message": "You have been locked out due to too many invalid login attempts.",
"community_lockout_message": "Your IP address has been flagged as a threat by the iThemes Security network.",
"blacklist": true,
"blacklist_count": 6,
"blacklist_period": 5,
"lockout_period": 25,
"lockout_white_list": [
"66.249.66.28",
"66.249.64.87",
"66.249.64.215",
"66.249.64.216",
"66.249.64.217",
"66.249.64.218",
"66.249.64.219",
"66.249.64.220",
"109.234.163.160",
"109.234.164.22"
],
"log_rotation": 14,
"file_log_rotation": 90,
"log_type": "file",
"log_location": "/home/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxx/wp-content/uploads/ithemes-security/logs",
"allow_tracking": false,
"write_files": true,
"nginx_file": "/home/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxx/nginx.conf",
"proxy": "automatic",
"proxy_header": "HTTP_X_FORWARDED_FOR",
"hide_admin_bar": true,
"show_error_codes": false,
"build": 4126,
"initial_build": 4112,
"activation_timestamp": 1510128238,
"cron_status": 0,
"use_cron": false,
"cron_test_time": 1671828607,
"enable_grade_report": false,
"server_ips": null,
"feature_flags": [],
"manage_group": [],
"licensed_hostname_prompt": false,
"automatic_temp_auth": true,
"onboard_complete": true,
"enabled_tools": [],
"enable_remote_help": false,
"log_info": "xxxxxxxxxxxxxxx-2yAGWsMDRmInitxQGGmdBlGoFOrXw8"
}

The server-ips is "null"…
What should I do then? Do I have to downgrade the PHP version?
Thanks, have a nice day

Hi @rezocom,

No, I don’t think you need to downgrade the PHP version.

Clearly, the global server_ips setting should not be null. No idea how it got that invalid value. Might be a remnant of the past. It probably wasn’t a problem when using PHP < 8. But as soon as you updated PHP to version 8 the null value became a problem (CRITICAL Uncaught TypeError:).

Luckily the Debug page UI (Settings section) also allows you to manually change the null value to an empty array ([]). So simply manually replace null with [] and then click on the Save button. That should take care of the issue. Be careful, don’t change anything else.

Once the null value is changed to an empty array ([]) navigate to:

Security > Settings > Tools

Click on the first tool in the list of tools => Identify Server IPs and then click on its Run button.

This should now add the correct website server IP(s) to the global server_ips setting. The tool will inform you about the result. To doublecheck you can also navigate back to the Debug page.

Ok thanks a lot for all this information anyway ! ??
Happy Christmas and Holidays

Hi @rezocom, I hope the information provided by nlpro helped resolve the issue. If you still need assistance, feel free to open a new support topic, and we’d be happy to assist. Thank you!