Sageth

Just because the post above is so large already, I commented out printing the source in table-printer again and I ran the URL check. Here’s what I see (again, nothing special to me):

Link last checked: April 10, 2024
HTTP code: 200
Response time: 0.128 seconds
Final URL: https://myalias.cloudflareaccess.com/cdn-cgi/access/login/example.com?kid=8a5d7b96f37ab8554732060a5925144cd879dcad13a6f17d989bfca07ebd985a&redirect_url=%2Fwp-login.php%3Fregistration%3Ddisabled&meta=3N1ZXJaaw
Redirect count: 1
Instance count: 1

Log shows:

Log: === HTTP code : 200 ===

Response headers
================
HTTP/2 302
date: Wed, 10 Apr 2024 01:34:22 GMT
location: https://myalias.cloudflareaccess.com/cdn-cgi/access/login/example.com?kid=8a5d7b96f37ab8554732060a5925144cd879dcad13a6f17d989bfca07ebd985a&redirect_url=%2Fwp-login.php%3Fregistration%3Ddisabled&meta=3N1ZXJaaw
set-cookie: CF_AppSession=abc123; Expires=Thu, 11 Apr 2024 01:34:22 GMT; Path=/; Secure; HttpOnly
access-control-allow-credentials: true
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utKctBn0xYlt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 871efe7bbd2e6a5f-EWR
alt-svc: h3=":443"; ma=86400

HTTP/2 200
date: Wed, 10 Apr 2024 01:34:22 GMT
content-type: text/html
content-length: 28387
access-control-allow-origin: null
set-cookie: CF_Session=nZkCXs6ZewQkrxpGG; Path=/; Secure; Expires=Wed, 10 Apr 2024 05:34:22 GMT; HttpOnly; SameSite=none
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
cf-access-domain: example.com
cf-version: 1651-0fbc2fc
content-security-policy: frame-ancestors 'none'; connect-src 'self' https://127.0.0.1:*; default-src https: 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 871efe7bd90143f4-EWR

Request headers
================
GET /cdn-cgi/access/login/example.com?kid=abcd&redirect_url=%2Fwp-login.php%3Fregistration%3Ddisabled&meta=3N1ZXJaaw HTTP/2
Host: myalias.cloudflareaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.34 Safari/537.36
Accept: */*
Referer: https://example.com
Connection: close
Range: bytes=0-2048


Link is valid.

I’m willing to give the exact URL which causes the issue so you can see how it behaves, but I would prefer not to post my URL here. Is there somewhere I can provide a few private details while we troubleshoot more publicly?

The first block printed fine, though I get the error still. I see the post contents and the ID, so I can identify the specific page now, however, I still get the wordpress error. I substantially cut this data down and only copied a bit of the post:

WP_Post Object ( [ID] => 15235 [post_author] => 1 [post_date] => 2023-11-10 14:32:11 [post_date_gmt] => 2023-11-10 19:32:11 [post_content] =>

Our Latest Posts

No posts were found.

WP_Post Object ( [ID] => 15235 [post_author] => 1 [post_date] => 2023-11-10 14:32:11 [post_date_gmt] => 2023-11-10 19:32:11 [post_content] => [post_title] => Blog Home [post_excerpt] => Displays the latest posts as either the site homepage or as the “Posts page” as defined under reading settings. If it exists, the Front Page template overrides this template when posts are shown on the homepage. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => home [to_ping] => [pinged] => [post_modified] => 2024-04-09 19:48:45 [post_modified_gmt] => 2024-04-09 23:48:45 [post_content_filtered] => [post_parent] => 0 [guid] => https://example.com/uncategorized/home [menu_order] => 0 [post_type] => wp_template [post_mime_type] => [comment_count] => 0 [filter] => raw )

There has been a critical error on this website. Please check your site admin email inbox for instructions.

Learn more about troubleshooting WordPress.

For the second, I tried removing the filter and it made no difference.

Over the weekend, I had also tried debugging further and dumping $this and $post, but nothing stuck out as particularly interesting. Whatever happens on this link, though, it prevents all other BLC links on the page from working.

My link https://example.com/wp-login.php?registration=disabled redirects to this Cloudflare product (https://www.cloudflare.com/zero-trust/products/access/). Anything that goes to wp-login.php* will redirect to a sort of an MFA page off-domain. That page is publicly accessible from everywhere and, once passing the MFA, will redirect to the correct location. The URL format is like this:

https://myalias.cloudflareaccess.com/cdn-cgi/access/login/example.com?blah=…

I have verified with curl that it returns a 200 after a 301 redirect.

Last, I enabled email debugging and the email seems to have a longer stack trace (which I haven’t looked into too deeply yet). Ultimately, I don’t know why this fails the way that it does — I have a lot of other external links with redirects

Error Details
=============
An error of type E_ERROR was caused in line 579 of the file /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php. Error message: Uncaught ArgumentCountError: 3 arguments are required, 2 given in /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php:579
Stack trace:
#0 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php(579): sprintf()
#1 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php(543): blcAnyPostContainer->get_edit_url()
#2 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/instances.php(463): blcAnyPostContainer->ui_get_source()
#3 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(798): blcLinkInstance->ui_get_source()
#4 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(490): blcTablePrinter->column_used_in()
#5 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(147): blcTablePrinter->link_row()
#6 /var/html/wp-content/plugins/broken-link-checker/legacy/core/core.php(1988): blcTablePrinter->print_table()
#7 /var/html/wp-content/plugins/broken-link-checker/app/admin-pages/local-submenu/class-view.php(52): wsBrokenLinkChecker->links_page()
#8 /var/html/wp-content/plugins/broken-link-checker/app/admin-pages/local-submenu/class-controller.php(189): WPMUDEV_BLC\App\Admin_Pages\Local_Submenu\View->render()
#9 /var/html/wp-includes/class-wp-hook.php(324): WPMUDEV_BLC\App\Admin_Pages\Local_Submenu\Controller->output()
#10 /var/html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
#11 /var/html/wp-includes/plugin.php(517): WP_Hook->do_action()
#12 /var/html/wp-admin/admin.php(259): do_action()
#13 {main}
 thrown

Looks like I had missed a link, as it showed up again today in the “redirects” section of the plugin. In this case, the link goes to /wp-login.php?registration=disabled

It shows as a 200 and under source, it says:

There has been a critical error on this website. Please check your site admin email inbox for instructions.

Learn more about troubleshooting WordPress.

I am unable to interact with that row (or, in the case before, anything on that page). Following the link by manually typing it in brings me to a cloudflare zero trust error page.

I don’t know where this is coming from yet, as the source is showing the error. I will need to do more research.

Stack trace appears the same (some items edited):

2024/03/31 19:39:32 [error] 1014#1014: *5918 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught ArgumentCountError: 3 arguments are required, 2 given in /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php:579
Stack trace:
#0 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php(579): sprintf()
#1 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/any-post.php(543): blcAnyPostContainer->get_edit_url()
#2 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/instances.php(463): blcAnyPostContainer->ui_get_source()
#3 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(798): blcLinkInstance->ui_get_source()
#4 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(490): blcTablePrinter->column_used_in()
#5 /var/html/wp-content/plugins/broken-link-checker/legacy/includes/admin/table-printer.php(147): blcTablePrinter->link_row()
#6 /var/html/w" while reading upstream, client: xxx, server: xxx, request: "GET /wp-admin/admin.php?page=blc_local&filter_id=redirects HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "xxx", referrer: "https://example.com/wp-admin/admin.php?page=blc_local"

• This reply was modified 8 months ago by Sageth. Reason: clarifying

Once I did the temporary fix by commenting out that line, I was able to dismiss it and subsequently unlinked the URL as I no longer allow logins.

The error has not returned. I will post back here if I see it come up again. Thank you for researching.

The only place that this link existed is on a Page (not Post) where I had a FAQ.

The link location went to the following location (redirect_to was left empty). /wp-login.php?action=register&redirect_to=

Functionally, this worked correctly in a browser. I don’t think that there was anything special with this other than that it redirected to a login page. However, the login/admin pages are locked behind a web page for authentication (Cloudflare Zero Trust) and isn’t a basic auth login with the pop-up asking for username/password.

This is a slightly different setup and I’m not discounting that as a cause.

Confirmed that this is resolved. I have been running for ~16 hours and no errors. Thank you, and sorry I didn’t have a chance to look into this myself more.

Minor update. I was able to reproduce the error. The public page returns a critical error page. I can get to the page in admin, but I can’t make any modifications, as you initially suspected. I’m also starting to get recovery mode emails.

In my set-up, my captions are often the same as the image description and alternative text.

On one page in the admin, the image showed a few words of alt text until a (presumably unescaped/encoded) quotation mark.

On another page, there doesn’t appear to be any punctuation or special character. On that page, there is no alt text or caption.

I’m not home yet to look in more detail in the database — going mostly by logs at this point.

Quick update. I can confirm that the error occurs with featured images. Every erroring featured image I’ve checked has an alt tag of 422-460 characters.

While that isn’t something I’m willing to change right now on historical content, I will take this into consideration for the future as I wasn’t really aware that my alt tags were so long.

Thank you for the info and no problem on the fix. If I get some time, I will try to look into a patch as well, though I won’t be able to look for at least 24 hours.

Also, I tested a few URLs (PHP8) and I am definitely able to view the images with no problem on the front-end. I have some aggressive caching in place, because my site is so image heavy, so disabled that and also had no problem. I was also able to see and modify the image (metadata) in the library and on the page itself, but I did not try cropping or editing the image itself. As far as I can tell, it is not impacting the page.

I do see some 404/blank images in cases where the image was scaled and -scaled was appended to the filename, but I don’t think that’s related at first glance. All cases are legitimate 404’s due to other work I was doing.

I’ll keep digging.

Thanks, that’s ok. The native plugins (e.g. query loop) cover my use case, so I changed my site over and removed Spectra.

Here is a short video showing what I mean. Notice that once I add the tags, I am able to immediately use those tags within WordPress content. I am not able to use the new tag in the post grid block. I saved as draft, refreshed the page and it still isn’t available.

The only way to get it to show is to publish the post. I have even tried creating the tag ahead of time and then creating the post and it doesn’t show. It’s almost like there has to be an active post that uses the tag before it is available for use.

https://photos.app.goo.gl/9tqW3xVETJ9NBjUm6

• This reply was modified 1 year, 8 months ago by Sageth. Reason: Clarifying

In your case, the tag already exists. On your post, create a brand new tag. Then try to use that new tag on your post grid (including while saved as draft, before publishing).

I will try to create a short video tonight

Here is another option which also doesn’t solve the root problem, but may help in certain cases, like litespeed cache.

Create a mysql event to delete the posts hourly. This does require turning on the event scheduler, which may not be available, particularly on shared hosting. If you’re managing your own database, you can do this (change items <marked> as applicable to your own database:

SET DELIMITER ;;

CREATE EVENT wp_options_cleanup ON SCHEDULE EVERY 1 HOUR STARTS '2023-01-01 00:15:00' ON COMPLETION NOT PRESERVE ENABLE COMMENT 'Cleanup of Spectra events' DO BEGIN

-- CLEAN UP HUGE wp_options FROM SPECTRA
DELETE FROM <schema>.wp_options WHERE option_name LIKE 'wp_collect_spectra%';

END;;
SET DELIMITER ;

Then go to /etc/my.cnf (or applicable file for your system) and under the [mysqld] section, add a line like this — a reboot may be required, but I think you can just restart the sql service:

[mysqld]
event_scheduler=ON

This will delete the entries every hour and might buy some time.

Wish I had a better answer… but like you, it doesn’t matter how good the plugin is, it can’t bring so many systems to a grind and while it’s going to be a PITA, I may need to start looking at other options as well.

Random question: I have more than 8000 entries in my wp_posts table on my site. Is this happening to anyone with only a few posts for a static-ish site?

• This reply was modified 1 year, 10 months ago by Sageth. Reason: Didn't finish my question. :/
• This reply was modified 1 year, 10 months ago by Sageth. Reason: Clarifying

Fwiw, I found an alternate solution — disable stats collection. Here’s how I resolved it. It doesn’t get to the root of the issue, but it does allow me to keep things running and isn’t continuing to grow the wp_options table.

https://www.ads-software.com/support/topic/huge-wp_options-table-size/#post-16378967

Hope it helps someone.

Started for me after the last upgrade (this week). If you set spectra_blocks_count_stats to not autoload, seems to be more stable. I had to delete the option, reactivate the plugin, and then set to no.

I found this due to this post: https://www.ads-software.com/support/topic/huge-wp_options-table-size/#post-16378967