Enabling logging is an excellent way to debug WordPress code when something doesn’t behave as it should in our website. There’re two options to show us the log, thou. One is by presenting warnings and errors directly in the pages and the other is saving it to a file situated in wp-content
directory, called debug.log
.
To enable logging you should add the following code to your wp-config.php
file:
define('WP_DEBUG', true); define('WP_DEBUG_LOG', true); define('WP_DEBUG_DISPLAY', false);
The first line enables logging, next line activates debug.log
file usage, and finally the third option specifies that these warnings won’t be shown on your site.
The problem is that, by default, this file is publicly accessible through http://mydomain.com/wp-content/debug.log what suppose a security risk.
But there’s a very simple way to avoid this access (if you’re using Apache webserver). You just need to create or edit your .htaccess
file and add this code:
# Block debug.log access <Files "debug.log"> Order Allow,Deny Deny from all </Files>