[wp-trac] [WordPress Trac] #47985: Site Health: log errors to public file

WordPress Trac noreply at wordpress.org
Mon Jan 13 14:31:00 UTC 2020 

#47985: Site Health: log errors to public file
------------------------------------+---------------------
 Reporter:  afragen                 |       Owner:  (none)
     Type:  enhancement             |      Status:  new
 Priority:  normal                  |   Milestone:  5.4
Component:  Site Health             |     Version:  5.2
 Severity:  normal                  |  Resolution:
 Keywords:  has-patch dev-feedback  |     Focuses:
------------------------------------+---------------------

Comment (by xkon):

 Can we discuss this "the other way around" if possible?

 I'm not sure if I'm missing anything from previous discussions but, why do
 we want to be flagging WP_DEBUG_LOG as `critical` in any case, I don't
 quite understand.

 For it to be enabled, it means that somebody altered the constant so that
 kind of puts them in a place that they are already "aware" of it being
 enabled (I'm not talking about plugin tampering I'm talking about the
 default behavior). On a case of plugin tampering, again most likely there
 would be a user action leading to that.

 The public/non-public view doesn't make a major difference in my eyes at
 least since they might also have DISPLAY on, so essentially all the errors
 could be in the wild either way. In this sense for this to be a critical
 issue then other constants should be raised as critical flags also.

 I can only agree with the part that a log might be potentially getting
 bigger and bigger and eventually cause issues regarding space. But that
 should be a fairly straightforward filesize check that we could implement
 on anything that is defined as a log ( either the debug.log or a custom ).

 From my point of view, this issue should've been under recommended
 improvements and not mentioned as a Critical one.

 Also if we do want to continue having this as a Critical issue then we
 might want to update https://wordpress.org/support/article/debugging-in-
 wordpress/ as well since there's nothing mentioned there regarding
 possible security implications or file size and other concerns :).

 Again sorry if I'm missing anything from previous chats either on other
 tickets or on slack!

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47985#comment:26>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list