WordPress: Call to undefined function wp()

By Web Design, WordPress

WASHINGTON DC WordPress development company – Herndon, Virginia

Recently, one of our clients reported that they were seeing a PHP Fatal Error when attempting to access their website. Here is the error we saw:

PHP Fatal error: Call to undefined function wp() in <WordPress path>\wp-blog-header.php on line 14

I did some research and ended up checking the wp-config.php file, which turned out to be empty. Apparently, WordPress does not know how to gracefully handle an empty config file.

After restoring the file from a backup, the website loaded correctly and no longer displayed the error.

If you find yourself in a similar situation, here are the steps I would recommend taking:

  1. Change all passwords associated with your web server and WordPress installation. If you use the same password on any other websites, you should change it on those sites as well, and I recommend using a different password on all sites (it may be beneficial to look into using a password manager, such as LastPass or KeePass).
  2. Make a backup of the current files so you can do some sniffing around for suspicious activity, and then restore your whole site from a recent backup. At the very least, restore the unmodified wp-config.php file from your backup.
  3. Set the file permissions for the wp-config.php file and, to be safe, your .htaccess file (on Apache servers) to be read-only (0444). This will at least make it more difficult for the file to be changed in the future and should prevent accidental changes as well because the permissions will need to be changed to allow writing before it can be modified again.
  4. Search for suspicious code, malware, or any more unexpected changes in the files in the backup you made before restoring from a previous backup. As a pointer, I recommend checking the Last Modified time for any changes that have occurred since the last time you know legitimate changes were made.
  5. If you find anything, you should contact your web host or server administrator so that they can investigate and remove any bad code.

I hope this post has helped you fix the issue and prevent or recover from any hacking attempt on your website.

Tagged under: