YII Framework / Error Display / Stack Trace

  • Resolved Wombat

    (@lewismedia)


    12 years, 7 months ago

    I’m a little worried about the fact that after installing this plugin, any error displayed is now shown in a verbose stack-trace format. I have display_errors set to off server-wide, but when this plugin is installed it shows everything under the hood… FAR more than I would ever want anyone to see.

    Yes, the site should be error-free, but what if a plugin update causes an error to pop up that is not caught immediately? This seems like a pretty serious security threat, one that is created by installing a plugin intended to secure my website. Please advise.

    http://wordpress.org/plugins/ose-firewall/

Viewing 1 replies (of 1 total)
  • Plugin Author Helix.L

    (@prohelix)

    12 years, 7 months ago

    Hi Wombat

    Yes, we agree that the error with stack trace format should not be shown in the frontend, though we strongly suggest a website be error free.

    We improved our codes in 2.1.4, adding an option called ‘Detect errors in the website?” in the scanning configuration section.

    Please choose Disabled for this option and the errors will not show up in the frontend.

    Best wishes
    Helix

Viewing 1 replies (of 1 total)

The topic ‘YII Framework / Error Display / Stack Trace’ is closed to new replies.