Support » Everything else WordPress » Site Health Issue

  • Resolved WanderingOn

    (@wanderingon)


    Hi,

    I have encountered an issue under Tools > Site Health

    1 critical issue has been detected: “Your site is set to log errors to a potentially public file.” This has been flagged as a Security issue.

    How can I resolve this?

    Thanks

Viewing 9 replies - 1 through 9 (of 9 total)
  • Igor Radovanov

    (@igorradovanov)

    Hello @wanderingon,

    This message indicates that your WordPress debug log points to a directory that is public, usually, it is suggested to point the debug log to a directory that is not publicly accessible such as wp-content.

    Please see Debugging in WordPress article to learn more.

    WanderingOn

    (@wanderingon)

    Hi @igorradovanov

    Thanks for the quick reply.

    So, can I simply move the file to the wp-content directory?

    Will I need to update any paths or anything else after moving it?

    Thanks for your help

    Igor Radovanov

    (@igorradovanov)

    Hello again,

    Yes, it’s best to move the existing log file to the wp-content directory (make sure that wp-content is also not publicly visible, depends on the security applied to the server).

    You will also need to update the path in the wp-config file that defines the location of the debug log file. Look for a define( 'WP_DEBUG_LOG', '/path/' ); constant and remove it/comment it out since by default it points to wp-content directory 🙂

    WanderingOn

    (@wanderingon)

    Hi again @igorradovanov

    It seems that the debug log is already located in the wp-content directory. In this instance what do you recommend?

    Thanks

    Igor Radovanov

    (@igorradovanov)

    @wanderingon Thank you for the message 🙂

    Is your wp-content directory, just on its own (ie. example.com/wp-content/) publicly visible?

    WanderingOn

    (@wanderingon)

    I visited mydomain.com/wp-content/ and I got a blank page with the following error: “Error occurred: 403 – forbidden. Apache server at: xxxx”

    Does this mean that it is private?
    In this case, can I ignore the message in Site Health?
    Is there any way to remove this error message from Site Health?

    Thanks again for your help @igorradovanov – much appreciated!

    Igor Radovanov

    (@igorradovanov)

    @wanderingon

    Yes, the 403 forbidden message indicates your server permissions are properly set which is great.

    Please make sure your WP Debug is disabled, if not, disable it by setting both WP_DEBUG and WP_DEBUG_LOG constants in your wp-config file to false:

    define( ‘WP_DEBUG’, false );

    define( ‘WP_DEBUG_LOG’, false );

    WanderingOn

    (@wanderingon)

    Hi @igorradovanov

    That worked perfectly, thank you. The error has now disappeared from the Site Health report.

    Thanks again for your help.

    All the best.

    Igor Radovanov

    (@igorradovanov)

    @wanderingon Awesome – I’m glad I was able to help 🙂

Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.