Fix WordPress Debug Mode Security Warning

Fix WordPress Debug Mode Security Warning

Photo of author
Flo
73

⏲️ Estimated reading time: 2 min

πŸš€ Fix WordPress Debug Mode Security Warning

Your WordPress Site Health is warning you that WP_DEBUG_LOG is enabled, which can expose sensitive information in a publicly accessible file (/wp-content/debug.log).

βœ… How to Fix This Warning

There are two options to fix this:

1️⃣ Disable Debug Mode (Recommended for Live Sites)

If you no longer need debugging, disable it by editing your wp-config.php file.

πŸ”Ή Steps

Access your server via FTP, cPanel, or SSH.

Open wp-config.php, located in the root directory (/public_html/ or /var/www/html/).

Find these lines: 

define('WP_DEBUG', true);define('WP_DEBUG_LOG', true);define('WP_DEBUG_DISPLAY', false);

Change them to: 

define('WP_DEBUG', false);define('WP_DEBUG_LOG', false);define('WP_DEBUG_DISPLAY', false);

Save the file and refresh your WordPress Site Health page.

2️⃣ Keep Debug Mode Enabled but Secure the Log File

If you need debugging but want to protect the log file, move it to a non-public location.

πŸ”Ή Steps

  1. Move the log file outside the web-accessible directory.
    • Change this line in wp-config.php: define('WP_DEBUG_LOG', true);
    • To: define('WP_DEBUG_LOG', '/home/yourusername/logs/debug.log'); // Replace with a secure path
    • This ensures that only users with server access can see it.
  2. Prevent public access to debug.log with .htaccess (For Apache Servers)
    • Edit .htaccess in the wp-content/ directory and add: <Files "debug.log"> Order allow,deny Deny from all </Files>
  3. For Nginx Servers, block access via configuration:
    • Edit your Nginx config file (/etc/nginx/sites-available/default or similar): location ~* /wp-content/debug.log { deny all; access_log off; log_not_found off; }
    • Restart Nginx: sudo systemctl restart nginx
Debug Mode Enabled

βœ… Verify the Fix

  • Go to WordPress Dashboard > Tools > Site Health.
  • Check if the debug mode warning is gone.

πŸš€ Final Steps

Disable debug mode for live sites
Move debug logs to a non-public location if needed
Secure logs using .htaccess or Nginx rules

Now your WordPress site is secure! Let me know if you need help. πŸ”₯

Report an issue (max 5 words):

Only logged-in users can submit reports.

Discover more from HelpZone

Subscribe to get the latest posts sent to your email.

Want to support us? Let friends in on the secret and share your favorite post!

Related Posts

Photo of author

Flo

Fix WordPress Debug Mode Security Warning

Published

Update

Contact

Welcome to HelpZone.blog, your go-to hub for expert insights, practical tips, and in-depth guides across technology, lifestyle, business, entertainment, and more! Our team of passionate writers and industry experts is dedicated to bringing you the latest trends, how-to tutorials, and valuable advice to enhance your daily life. Whether you're exploring WordPress tricks, gaming insights, travel hacks, or investment strategies, HelpZone is here to empower you with knowledge. Stay informed, stay inspired because learning never stops! πŸš€

πŸ‘ Like us on Facebook!

Closing in 10 seconds

Leave a Reply

Help Zone

Β©All Rights Reserved

Bruxelles, Belgium

Copyright Β© 2016 - β„’ Help Zone β€’ BUILD with GeneratePress

Privacy Policy Terms of Service