Changes Cause Site to not Load due to Fatal error: CURLOPT

 

Symptoms:

 

Appears suddenly after changes are made to your hosting account or script/app.

Changes can include:

  • Moving to our (or a new) hosting service.
  • Changing your PHP version - can be done via the PHP Selector tool in your hosting control panel (cPanel).
  • Changing a Wordpress based site's theme.
  • Using an older Wordpress theme (such as Twenty Fifteen) combined with server security updates performed by an admin.

 

Error:

 

The error displayed will look similar to (for Wordpress):

*Fatal error*: [snuffleupagus][disabled_function] Aborted execution on call of the function 'curl_setopt', because its argument '$option'content (81) matched the rule 'Please don't turn CURLOPT_SSL_VERIFYHOST off.' in*/path/to/your/wp/wp-includes/Requests/Transport/cURL.php*on line 000

 

Error but not displayed, site comes up blank:

If errors are not displayed in your browser and your site comes up basically blank or with just a troubleshooting link for Wordpress, then you will need to look in the error_log for the script/app. Assuming error logging has not been turned off in a local php.ini settings file, the error log is in the same directory as the main PHP script/app is running in. You can scroll down to the bottom of the file to see the most recent files. If the file is large, you can delete it and then try to access your WP (or PHP) based site again. If a new error_log file reappears after refreshing the view of your files, then you can see what the errors were.

 

Why:

 

This comes from a plugin package that adds extra security rules to PHP. These additional rules then cause insecure CURLOPT commands to fail. Here's more from the package's description:

Snuffleupagus is a PHP7+ module designed to drastically raise the cost of
attacks against websites. This is achieved by killing entire bug classes and
providing a powerful virtual-patching system, allowing the administrator to fix
specific vulnerabilities without having to touch the PHP code.

 

Workaround:

 

You'll need to ensure your site is not disabling SSL VerifyHost through curl_setopts() in your PHP code.

 

On WordPress, you can try to patch this via your theme's functions.php by adding the following line:

 

add_filter( 'https_local_ssl_verify', '__return_true' );

 

You can add this line anywhere in the functions.php file, we recommend near the top after the initial comments which start and end with a forward slash and contain asterisks.

 

 

 

 

  • wordpress, PHP, CURLOPT, security, wordpress errors, PHP errors
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to increase PHP Memory Limit in your hosting control panel

  Why does the Memory limit error happens ? Sometimes when you execute a PHP script, you will...

How to Increase PHP Max Post Size or Upload Max Size

  How to Increase Max Sizes: First, login to your cPanel account using your cPanel username and...