Really Simple SSL

Fatal error on settings page

On some servers, we’ve seen a critical error on the settings page. The debug log showed this error:

Fatal error: [disabled_function] Aborted execution on call of the function ‘function_exists’, because its argument ‘$function_name’ content (shell_exec) matched a rule in public_html/wp-content/plugins/really-simple-ssl/lets-encrypt/functions.php on line 652

This line is causing the error:

if ( function_exists('shell_exec') || function_exists('system') || function_exists('passthru') || function_exists('exec') ) {
return true;

It appears to be triggered by security software.

The software blocks execution of the line which contains the reference to the shell_exec function.

While this function can be misused by software which has gained access to the site, there are several reasons why this specific security measure seems rather silly:

– the shell_exec function is not actually used here, the plugin only checks if the function exists.
– most providers do not load this function. This is what the function_exists function checks. In that case, blocking it would be obsolete: it’s not there anyway.
– if the hosting company has chosen to load the shell_exec function in the first place, it’s a bit strange to block it when it’s actually used.

I don’t see a use case where you would want to provide a server with the shell_exec function, then block its use.

If you have this issue, please let us know which hosting company you use. I’m very interested in getting into contact with them to discuss why they do this.

Rogier

Rogier

Related articles

Join our mailing list - 8 Tips & Tricks in your inbox over the next 8 weeks!

Integrate with Really Simple SSL

Really Simple SSL offers a Free SSL Certificate from Let’s Encrypt. Do you want to integrate with Really Simple SSL as a hosting provider? Let us know!

Choose the answer that most closely resembles your proposed integration. Additional information can be entered below.
After sending the form. The pop-up will close automatically.