1

I have a website on WordPress.

Versions:

  • WordPress 3.3.1
  • PHP 7.2.13
  • Apache 2.4.37

My problem is that, error_log file is exposed to be viewed from url.

For example:

www.example.com/wp-content/themes/MyThemeName/error_log

Can you please help me with dealing this and restricting access to error_log ?!

MrWhite
  • 12,647
  • 4
  • 29
  • 41
nika
  • 11
  • 1

1 Answers1

3

Best is to reconfigure your website to NOT store log files in a public directory in the first place.

Adding the following to your httpd.conf (or if you must, to a .htaccess file) is one way to block access to specific files:

<Files "error_log">
  Require all denied 
</Files>
HBruijn
  • 77,029
  • 24
  • 135
  • 201
  • I tried this code into .htaccess and restarted server. url is still accessible and logs in it are visible. – nika Apr 25 '19 at 10:03