Skip to content

Site Health false positive: WP_DEBUG_LOG warning when debug.log is outside wp-content - Ticket #64071 #10684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
hbhalodia wants to merge 26 commits into
base: trunk
Choose a base branch
from
+460 −14
Open

Site Health false positive: WP_DEBUG_LOG warning when debug.log is outside wp-content - Ticket #64071 #10684

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
f99e009
CoreTrac-64071 Show different warning if debug.log is publicly access…
hbhalodia Jan 6, 2026
bcebdf8
CoreTrac-64071 Update the wordings and code structure
hbhalodia Jan 6, 2026
3749fef
CoreTrac-64071 Add the directory separator to absolute path to preven…
hbhalodia Jan 8, 2026
8636002
CoreTrac-64071 Update wordings in message to show in site-health for …
hbhalodia Jan 8, 2026
ffda9d8
CoreTrac-64071 Check the directory of log instead of checking file
hbhalodia Jan 9, 2026
b98ece6
CoreTrac-64071 Fix phpcs error
hbhalodia Jan 9, 2026
2da8e22
CoreTrac-64071 Update the debug_log_path to use error_log config
hbhalodia Jan 9, 2026
97e37bd
Merge branch 'trunk' into fix/issue-64071
hbhalodia Jan 9, 2026
ad94980
CoreTrac-64071 Fix grammetical mistake
hbhalodia Jan 12, 2026
551f125
CoreTrac-64071 Update message based on how log file is being set
hbhalodia Jan 12, 2026
825148f
Merge branch 'trunk' into fix/issue-64071
hbhalodia Jan 12, 2026
d2a8e12
CoreTrac-64071 Address copilot feedbacks
hbhalodia Jan 12, 2026
940f58a
CoreTrac-64071 Fix phpcs error
hbhalodia Jan 12, 2026
556a7ea
Fix placement of translators comments
westonruter Jan 12, 2026
c2704e9
Improve phpdoc return tag
westonruter Jan 12, 2026
205b76e
Use else case
westonruter Jan 12, 2026
8286a6c
Resolve copilot feedbacks related to ternary operator and messaging
hbhalodia Jan 13, 2026
4fee6cf
Merge branch 'trunk' into fix/issue-64071
hbhalodia Jan 13, 2026
fc6c9d9
Add private members for debug constant to work with tests
hbhalodia Jan 13, 2026
a1cc880
Remove extra variable storage space and use private member
hbhalodia Jan 13, 2026
21a27a6
Add the test cases for the function get_test_is_in_debug_mode
hbhalodia Jan 13, 2026
dac31ed
Update failing unit test cases
hbhalodia Jan 13, 2026
51a93ed
Optimise test case to use dry
hbhalodia Jan 13, 2026
afc7b60
Fix unit test failing with error
hbhalodia Jan 13, 2026
fde7a6c
Fix phpcs issue and update messaging in unit tests
hbhalodia Jan 13, 2026
0ae1b81
Update the wp_debug_display private value to be set
hbhalodia Jan 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
104 changes: 90 additions & 14 deletions src/wp-admin/includes/class-wp-site-health.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,21 @@ class WP_Site_Health {
private $timeout_missed_cron = null;
private $timeout_late_cron = null;

/**
* @var bool
*/
private $wp_debug;

/**
* @var bool|string
*/
private $wp_debug_log;

/**
* @var bool|null
*/
private $wp_debug_display;

/**
* WP_Site_Health constructor.
*
Expand All @@ -54,6 +69,10 @@ public function __construct() {
add_action( 'wp_site_health_scheduled_check', array( $this, 'wp_cron_scheduled_check' ) );

add_action( 'site_health_tab_content', array( $this, 'show_site_health_tab' ) );

$this->wp_debug = defined( 'WP_DEBUG' ) && WP_DEBUG;
$this->wp_debug_log = defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG;
$this->wp_debug_display = defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ? WP_DEBUG_DISPLAY : null;
}

/**
Expand Down Expand Up @@ -1383,7 +1402,7 @@ public function get_test_dotorg_communication() {
*
* @since 5.2.0
*
* @return array The test results.
* @return array<string, string|array<string, string>> The test results.
*/
public function get_test_is_in_debug_mode() {
$result = array(
Expand All @@ -1408,23 +1427,80 @@ public function get_test_is_in_debug_mode() {
'test' => 'is_in_debug_mode',
);

if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
$result['label'] = __( 'Your site is set to log errors to a potentially public file' );
if ( $this->wp_debug ) {
if ( ! empty( ini_get( 'error_log' ) ) ) {
$debug_log_dir = realpath( dirname( ini_get( 'error_log' ) ) );
$absolute_path = realpath( ABSPATH ) . DIRECTORY_SEPARATOR;

$result['status'] = str_starts_with( ini_get( 'error_log' ), ABSPATH ) ? 'critical' : 'recommended';
if ( false === $debug_log_dir ) {
$log_path_status = 'error';
} elseif ( str_starts_with( $debug_log_dir . DIRECTORY_SEPARATOR, $absolute_path ) ) {
$log_path_status = 'public';
} else {
$log_path_status = 'private';
}

$result['description'] .= sprintf(
'<p>%s</p>',
sprintf(
/* translators: %s: WP_DEBUG_LOG */
__( 'The value, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ),
'<code>WP_DEBUG_LOG</code>'
)
);
if ( 'public' === $log_path_status ) {
$result['label'] = __( 'Your site is set to log errors to a potentially public file' );
$result['status'] = 'critical';

if ( $this->wp_debug_log ) {
$result['description'] .= sprintf(
'<p>%s</p>',
sprintf(
/* translators: %s: WP_DEBUG_LOG */
__( 'The constant, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is likely publicly accessible.' ),
'<code>WP_DEBUG_LOG</code>'
)
);
} else {
$result['description'] .= sprintf(
'<p>%s</p>',
__( 'The error log path has been configured to a file within the WordPress directory. This means any errors on the site will be written to a file which is likely publicly accessible.' )
);
}
} elseif ( 'private' === $log_path_status ) {
$result['label'] = __( 'Your site is set to log errors to a file outside the document root' );
$result['status'] = 'good';

if ( $this->wp_debug_log ) {
$result['description'] .= sprintf(
'<p>%s</p>',
sprintf(
/* translators: %s: WP_DEBUG_LOG */
__( 'The configuration constant, %s, is enabled. In addition, your site is set to write errors to a file outside the WordPress directory, which is a good practice as the log file should not be publicly accessible.' ),
'<code>WP_DEBUG_LOG</code>'
)
);
} else {
$result['description'] .= sprintf(
'<p>%s</p>',
__( 'The error log path has been configured to a file outside the WordPress directory. This is a good practice as the log file should not be publicly accessible.' )
);
}
} else {
$result['label'] = __( 'Unable to determine error log file location' );
$result['status'] = 'critical';

if ( $this->wp_debug_log ) {
$result['description'] .= sprintf(
'<p>%s</p>',
sprintf(
/* translators: %s: WP_DEBUG_LOG */
__( 'The configuration constant, %s, is enabled, but the log file location could not be determined.' ),
'<code>WP_DEBUG_LOG</code>'
)
);
} else {
$result['description'] .= sprintf(
'<p>%s</p>',
__( 'The error log path could not be determined. Please check your PHP configuration.' )
);
}
}
}

if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) {
if ( $this->wp_debug_display ) {
$result['label'] = __( 'Your site is set to display errors to site visitors' );

$result['status'] = 'critical';
Expand Down
Loading
Loading