Some users may receive a fatal error when trying to Export from WordPress – “Fatal error: Cannot redeclare wp_unregister_globals() (previously declared in…)”. This error can be caused by a default setting in ModSecurity – an open source firewall (for Apache HTTP servers) which is often used on VPS and dedicated servers.
Export From WordPress – Within WordPress there is an option to Download Export File (Tools \ Export) of Posts, Pages or All content. This creates an XML backup file to save to your computer – depending on which option you choose it will download some or all of your posts, pages, comments, custom fields, categories, and tags.
In some cases (especially if trying to export All content), Export produces the fatal error – even though the rest of the WordPress site functions normally. The error is more likely to occur after migrating a WordPress site to a new hosting provider or server but could also occur after an existing site grows to a certain size.
In our case, we encountered it after migrating TechLogon to a new VPS with default ModSecurity enabled.
Error Logs – If you are able to review your VPS/dedicated server error logs (in /usr/local/apache/logs/error_log if you are using cPanel) look for the following error message at the time you tried to Export:
- “ModSecurity: Output filter: Response body too large (over limit of 524288, total not specified)”
This indicates that the backup XML file you tried to Export is larger than 512K and has therefore fallen foul of ModSecurity output filtering which, by default, sets a limit of 524288B (512K).
Fixing The Fatal Error – By default, ModSecurity limits the size of output file to 512K via ‘SecResponseBodyLimit’ – the limit is designed to protect from potential denial of service attacks. To resolve the error you could increase the value of SecResponseBodyLimit to a larger number e.g. 2097152 (2MB) and try to Export again – you may need to increase further if still not high enough for your Export file.
SecResponseBodyLimit can be found in the ModSecurity configuration file named “modsecurity_crs_10_config.conf”. If you are using a managed server, ask your hosting provider to increase the value of SecResponseBodyLimit in this configuration file for you.
If this fatal error only occurs when trying to Export from WordPress, especially if you recently switched servers, it is likely due to ModSecurity limiting the file size. Note that increasing the limit could have an adverse security impact as it may reduce your protection from potential denial of service attacks.
The alternative is to not use the Export command – employ other means to backup your WordPress installation, files and databases e.g. Cpanel Backups / phpMyAdmin / FTP etc.