[wp-trac] [WordPress Trac] #46689: Site Health: Your site is set to log errors to a potentially public file

WordPress Trac noreply at wordpress.org
Thu Mar 28 09:21:14 UTC 2019


#46689: Site Health: Your site is set to log errors to a potentially public file
----------------------------+-----------------------------
 Reporter:  knutsp          |      Owner:  (none)
     Type:  defect (bug)    |     Status:  new
 Priority:  normal          |  Milestone:  Awaiting Review
Component:  Administration  |    Version:  trunk
 Severity:  normal          |   Keywords:
  Focuses:                  |
----------------------------+-----------------------------
 > The value, `WP_DEBUG_LOG`, has been added to this websites configuration
 file. This means any errors on the site will be written to a file which is
 potentially available to normal users.

 The value of `WP_DEBUG_LOG` in my case is a file path in the user root,
 above the `public_html` folder and should be safe as anything else there.

 I suggest, in case it's not false to begin with, then
  ` if (WP_DEBUG_LOG !== true)`
 to check if `WP_DEBUG_LOG`, treated as a path, is ''above'' `ABSPATH`
 ''and'' this folder does ''not contain'' an `index.php` file, it's ignored
 and considered safe, otherwise it fails with this warning.

 The last condition will ensure there is no (PHP based) webapp, like
 WordPress, based in that folder, which could happen when the actual site
 in a subfolder of another WordPress installation, as in my case here.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/46689>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list