doumanju2533 2017-10-07 22:42
浏览 38
已采纳

正在阅读wordpress错误一个好主意?

I currently run a lamp stack with wordpress, and I don't believe the wordpress errors go into my apache logs.

I could modify wp-config to read the wordpress errors somewhere, but was wondering if it's worth the trouble if all the functionality works out.

Similarly, I have a lot of try and catch areas for php pdo database functions, and the functionality works out completely, was wondering if I should bother actually reading the errors there. Is that a security hazard, or is it something most people don't bother with.

Thanks

  • 写回答

1条回答 默认 最新

  • douliang1891 2017-10-07 23:12
    关注

    I wouldn't feel safe running my site if it regularly produces real errors. If you make it a habit to ignore the errors, you won't catch those that will bite you. Turn display_errors off for production, but don't hide the errors from your logs.

    Most logged errors are easy to fix. If I find that a plugin does produce a lot of errors, I overthink using that plugin and keep my eye open for alternatives. After all, if the developer didn't invest the time and effort to get the basic right, how much do you trust the security of that plugin?

    That said, I wouldn't read the error logs from start to finish on a busy site, but use scripts to filter out what I don't want to see because I already know about it but can't fix it. This means the usual 404s by buggy clients, exploit scanners, google hitting old content again and again etc, continuing the thought that if you train yourself to skip records, you will eventually skip records that you didn't want to skip.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?