[wp-trac] [WordPress Trac] #46689: Site Health: Your site is set to log errors to a potentially public file
WordPress Trac
noreply at wordpress.org
Thu Mar 28 09:21:14 UTC 2019
#46689: Site Health: Your site is set to log errors to a potentially public file
----------------------------+-----------------------------
Reporter: knutsp | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: trunk
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
> The value, `WP_DEBUG_LOG`, has been added to this websites configuration
file. This means any errors on the site will be written to a file which is
potentially available to normal users.
The value of `WP_DEBUG_LOG` in my case is a file path in the user root,
above the `public_html` folder and should be safe as anything else there.
I suggest, in case it's not false to begin with, then
` if (WP_DEBUG_LOG !== true)`
to check if `WP_DEBUG_LOG`, treated as a path, is ''above'' `ABSPATH`
''and'' this folder does ''not contain'' an `index.php` file, it's ignored
and considered safe, otherwise it fails with this warning.
The last condition will ensure there is no (PHP based) webapp, like
WordPress, based in that folder, which could happen when the actual site
in a subfolder of another WordPress installation, as in my case here.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46689>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list