Defender - Hide Error Reporting

What does this function actually do?

In addition to hiding error logs, developers often use the built-in front-end PHP and scripts error debugging feature, which displays code errors on the front-end. This provides hackers yet another way to find loopholes in your site's security.

HOW TO FIX

All PHP errors are hidden..

  • Predrag Dubajic

    Hey Rich,

    Hope you're doing well today :slight_smile:

    In your wp-config.php file there's wp_debug mode that is disabled by default but you can enable it when checking for plugin or theme issues/code errors, however it's suggested that you leave this disabled on live site and only activate it on staging site or while developing.

    Leaving this ON on your live site can make your site vulnerable since it's showing where the weak points are.
    If you want to get errors from your live site you should go to wp-config.php file and replace this line of code define('WP_DEBUG', false); with this:

    // Enable WP_DEBUG mode
    define('WP_DEBUG', true);
    
    // Enable Debug logging to the /wp-content/debug.log file
    define('WP_DEBUG_LOG', true);
    
    // Disable display of errors and warnings
    define('WP_DEBUG_DISPLAY', false);
    @ini_set( 'display_errors', 0 );

    This way you will still catch the errors but instead of showing them publicly it will be stored in debug.log file which will be created automatically in your /wp-content/ folder.

    Hope this helps :slight_smile:

    Best regards,
    Predrag

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.