New installation using Wordpress Tool Kit fails

Operating System & Version
CL 7.9
cPanel & WHM Version
102.0.2

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
We are installing a new instance of Wordpress for a customer using the Tool Kit. The public_html was empty when starting. We get these errors (identifying info munged):

WordPress was installed with errors:
Fatal error: Uncaught Error: Call to undefined function PHPMailer\PHPMailer\mail() in /home/USER/public_html/wp-includes/PHPMailer/PHPMailer.php:874
Stack trace:
#0 /home/USER/public_html/wp-includes/PHPMailer/PHPMailer.php(1923): PHPMailer\PHPMailer\PHPMailer->mailPassthru('[email protected]', 'New WordPress S...', 'Your new WordPr...', 'Date: Tue, 15 F...', NULL)
#1 /home/USER/public_html/wp-includes/PHPMailer/PHPMailer.php(1657): PHPMailer\PHPMailer\PHPMailer->mailSend('Date: Tue, 15 F...', 'Your new WordPr...')
#2 /home/USER/public_html/wp-includes/PHPMailer/PHPMailer.php(1493): PHPMailer\PHPMailer\PHPMailer->postSend()
#3 /home/USER/public_html/wp-includes/pluggable.php(544): PHPMailer\PHPMailer\PHPMailer->send()
#4 /home/USER/public_html/wp-admin/includes/upgrade.php(624): wp_mail(Array, 'New WordPress S...', 'Your new WordPr...', Array)
#5 /home/USER/public_html/wp-admin/includes/upgrade.php(117): wp_new_blog_notification('COMPANY', 'https://WEBSITE...', 1, 'The password yo...')
#6 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/core-command/src/Core_Command.php(618): wp_install('COMPANY', 'admin', '[email protected]', true, '', 'FAKEPW')
#7 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/core-command/src/Core_Command.php(401): Core_Command->do_install(Array)
#8 [internal function]: Core_Command->install(Array, Array)
#9 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Dispatcher/CommandFactory.php(100): call_user_func(Array, Array, Array)
#10 [internal function]: WP_CLI\Dispatcher\CommandFactory::WP_CLI\Dispatcher\{closure}(Array, Array)
#11 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Dispatcher/Subcommand.php(491): call_user_func(Object(Closure), Array, Array)
#12 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Runner.php(399): WP_CLI\Dispatcher\Subcommand->invoke(Array, Array, Array)
#13 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Runner.php(422): WP_CLI\Runner->run_command(Array, Array)
#14 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Runner.php(1214): WP_CLI\Runner->run_command_and_exit()
#15 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/WP_CLI/Bootstrap/LaunchRunner.php(23): WP_CLI\Runner->start()
#16 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/bootstrap.php(77): WP_CLI\Bootstrap\LaunchRunner->process(Object(WP_CLI\Bootstrap\BootstrapState))
#17 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/wp-cli.php(27): WP_CLI\bootstrap()
#18 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/wp-cli/wp-cli/php/boot-fs.php(17): require_once('/usr/local/cpan...')
#19 /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/wpt-wp-cli.php(31): require_once('/usr/local/cpan...')
#20 Command line code(1): require('/usr/local/cpan...')
#21 {main}
thrown in /home/USER/public_html/wp-includes/PHPMailer/PHPMailer.php on line 874
Error: There has been a critical error on this website.Learn more about troubleshooting WordPress. There has been a critical error on this website.


We have successfully updated existing WP installations using the WPTK, and haven't experienced these issues. We tried twice to install, failing both times with the same errors, public_html empty both times. Anybody have any idea what is going on?
 

quietFinn

Well-Known Member
Feb 4, 2006
1,653
326
438
Finland
cPanel Access Level
Root Administrator
Here:
seems to be similar thread.
 
  • Like
Reactions: jndawson

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
Here:
seems to be similar thread.
Yup, that was it. Thanks.
 

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
And now a new issue, apparently while trying to install the WP essentials/Jetpack plugins:
Code:
Could not install the set on the WordPress website.
Could not install the set on the WordPress website.
- Unable to install plugin 'limit-login-attempts-reloaded' to 'WordPress instance #11 ('https://DOMAIN/wordpress')'. WP-CLI response: 'Fatal error: [snuffleupagus][disabled_function] Aborted execution on call of the function 'curl_setopt', because its argument '$option' content (81) matched the rule 'Please don't turn CURLOPT_SSL_VERIFYHOST off.' in /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/rmccue/requests/library/Requests/Transport/cURL.php on line 152
Error: There has been a critical error on this website.Learn more about troubleshooting WordPress. There has been a critical error on this website.
'
- Fatal error: [snuffleupagus][disabled_function] Aborted execution on call of the function 'curl_setopt', because its argument '$option' content (81) matched the rule 'Please don't turn CURLOPT_SSL_VERIFYHOST off.' in /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/rmccue/requests/library/Requests/Transport/cURL.php on line 152
Error: There has been a critical error on this website.Learn more about troubleshooting WordPress. There has been a critical error on this website.
Not sure what's going on, but we've had at least 2 other customers asking about this. It's difficult to encourage customers to maintain updated sites when they run into these issues.
 
Last edited:

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
This link explains how to fix it, but the question is, will something else break? And why isn't it already fixed?

PHP Fatal error: [snuffleupagus][disabled_function] Aborted execution on call of the function 'curl_setopt', because its argument '$option' content (81) matched the rule 'Please don't turn CURLOPT_SSL_VERIFYHOST off.' - Knowledgebase - Assistanz Networks

Basically, find the file:

/usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/rmccue/requests/library/Requests/Transport/cURL.php

Make the following changes:

Code:
From
~~~
152 curl_setopt($this->handle, CURLOPT_SSL_VERIFYHOST, 0);
153 curl_setopt($this->handle, CURLOPT_SSL_VERIFYPEER, 0);
161 curl_setopt($this->handle, CURLOPT_SSL_VERIFYHOST, 0);
~~~
To
~~~
152 curl_setopt($this->handle, CURLOPT_SSL_VERIFYHOST, 1);
153 curl_setopt($this->handle, CURLOPT_SSL_VERIFYPEER, 1);
161 curl_setopt($this->handle, CURLOPT_SSL_VERIFYHOST, 1);
~~~
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,632
363
cPanel Access Level
Root Administrator
This workaround isn't something that's part of WordPress Toolkit. The workaround is something that gets applied to the WordPress theme itself if the site disables that specific PHP something. There just isn't a way to account for this on the cPanel side of things.

I actually thought you had posted our article, but now realize that isn't the case. There are more details on this here:

 

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
This workaround isn't something that's part of WordPress Toolkit. The workaround is something that gets applied to the WordPress theme itself if the site disables that specific PHP something. There just isn't a way to account for this on the cPanel side of things.

I actually thought you had posted our article, but now realize that isn't the case. There are more details on this here:

More info on this extremely frustrating issue.

We have patched several cURL.php files as noted above. The fix worked great. Than an update over wrote the file and customers again complaining.

The suggested fix from cPRex is to tell customers to 'patch this via your theme's functions.php' which goes over well with customers who just want their website to work without having to fool with it as one would expect. And it's just not customers - we have relationships with several web spinners who host their clients' sites with us who are also frustrated and have made it clear that they have other hosting options.

The other suggested repair option is to remove snuffleupagus from EA4, which opens up security issues.

This is becoming quite the support issue. Are there any other suggestions? Will this continue to be an issue?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,632
363
cPanel Access Level
Root Administrator
@jndawson - sorry about the delay, but I wanted to reach out to some other team members and do some research on this.

Unfortunately I don't think there is anything we can do on the cPanel side here. The issue happens with either a plugin or a custom theme where they are trying to disable the SSL verification.

You mentioned the Curl file but our recommendation is to edit the value in the functions.php file for WordPress. Does an update also overwrite this file?

WordPress themselves have been made aware of the issue, and also tagged this as "won't fix" because it's not an issue with the WordPress core tools. Details on that can be found here:

 

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
[snip]
You mentioned the Curl file but our recommendation is to edit the value in the functions.php file for WordPress. Does an update also overwrite this file?
[snip]
We've referred three customers to the referenced page and the collective response has been, "wtf?" The 2 biggest complaints are (1) the instructions don't say where the line is to be inserted into (2) which of the theme's 3 functions.php files. And I would imagine that every time a theme gets updated the functions.php file gets rewritten.

So, between Wordpress, theme developers, and cPanel, there are no fixes that don't require training customers how to fix a known problem or tie up staff resources fixing somebody elses' code.

On a personal note, I'm currently wrangling system and network updates in three data centers and really am a bit chuffed we have to deal with this, and will continue to have to deal with this.
 

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
More update:
We've added the line from https://support.cpanel.net/hc/en-us...-Causes-Site-to-not-Load-due-to-CURLOPT-error to two functions.php file for 2 different sites and the errors still crop up.
Code:
[29-Mar-2022 20:12:44 UTC] PHP Notice:  curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/rmccue/requests/library/Requests/Transport/cURL.php on line 155
[29-Mar-2022 20:12:44 UTC] PHP Notice:  curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in /usr/local/cpanel/3rdparty/wp-toolkit/plib/vendor/wp-cli/vendor/rmccue/requests/library/Requests/Transport/cURL.php on line 166
We have extremely upset customers. There has to be a permanent fix to this.
 
Last edited:

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
Just thought I'd point out that the IPs listed in WHM > Support > Grant cPanel Access...:

Info: Make sure that the following IP addresses may connect to your server:
  • 184.94.197.6 - cPanel Support
  • 184.94.197.5 - cPanel Support
  • 184.94.197.4 - cPanel Support
  • 184.94.197.3 - cPanel Support
  • 208.74.123.98 - cPanel Support
  • 69.175.106.198 - Cloud Linux Support
  • 35.161.131.175 - LiteSpeed Web Server Support
  • 184.94.197.2 - cPanel Support
... don't include the 2 IPs the CP techs were trying to use to access our server:
208.74.121.38 & 159.253.142.50
 

jndawson

Well-Known Member
Aug 27, 2014
342
37
78
Western US
cPanel Access Level
DataCenter Provider
I see you included that in the ticket too - we'll be sure to get that updated!
We also have a bunch more IPs that we've whitelisted over the years based on lists provided by cPanel that aren't listed on the page.

All this to say that we've opened numerous tickets in the past with zero issues.