Tracking PHP errors is a must when troubleshooting unexpected issues, related to plugins, themes. But you don’t want to have them visible on your site, especially not your customers. Here is a tutorial how to log all PHP errors behind the scenes to a private file.
Tracking your site’s PHP errors is an excellent way to manage and troubleshoot unexpected issues related to plugins and themes. Even better, monitoring PHP errors behind the scenes via private log is far better than trying to catch them as they appear at random visits.
By default, the PHP display_errors setting is set on. You can read more about display_errors at PHP: Error Handling and Logging Functions. There are few important things that you should know about the error messages that is sent to the browser by display_errors.
Usually these error messages contains sensitive information about the web application environment that you are running and could lead to unwanted security threat. It is even stated in the manual that it is not recommended to enable this feature on a production site.
To disable or switch it off (assuming that you’re on a shared hosting which have limited super power), simply add the following lines to your .htaccess file.
;# hide php errors
;php_flag display_startup_errors off
;php_flag display_errors off
;php_flag html_errors off
With that in place, PHP errors will no longer be displayed publicly on your site. This eliminates a potential security risk, and keeps those ugly, unintelligible PHP errors from breaking your site layout and disorienting your visitors. No editing required for this code.
Now that we have hidden PHP errors from public view, let’s enable the logging of PHP errors so that we can privately keep track of them. This is done by including the following .htaccess directives to your domain’s configuration file (httpd conf) or to your site’s root (or other target directory) .htaccess file:
# enable PHP error logging
php_flag log_errors on
php_value error_log /home/public_html/iyngaran.info/PHP_errors.log
For this to work, you will need to edit the path in the last line to reflect the actual location of your PHP_errors.log file. Of course, you will need to create this file and subsequently set the file permissions to 755 or, if necessary, 777. Finally, you need to secure the log file itself by adding this final line of code to your htaccess file:
;# prevent access to PHP error log
Order allow,deny
Deny from all
Satisfy All
Then, after everything is in place, check that everything is working by triggering a few PHP errors. You may also want to verify protection of your error log by trying to access it via a browser.