WordPress Debug Mode Vulnerabilities Detected

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Bowo

    (@qriouslad)

    2 years, 1 month ago

    The screenshot you sent is what DLM is supposed to do in wp-config.php.

    The title of your post is “Vulnerabilites Detected”…. where do you see this message?

    With DLM activated and logging enabled, you should be seeing PHP errors in the DLM dashboard and not elsewhere. Is that not the case in your site?

    Thread Starter kingbrown75

    (@kingbrown75)

    2 years, 1 month ago

    The message is seen within the GoDaddy dashboard https://prnt.sc/m3sbBcfiG1HC

    https://prnt.sc/L6cge0PHvqkT

    https://prnt.sc/KpmfzipMcmVq

    https://managewp.com/faq/general-faq#security-scan

    https://prnt.sc/YyLIrwr42nsF

    Hope this helps!!

    • This reply was modified 2 years, 1 month ago by kingbrown75.
    Plugin Author Bowo

    (@qriouslad)

    2 years, 1 month ago

    Got it. Thanks. This screenshot explains the reason: https://prnt.sc/YyLIrwr42nsF

    DLM does still place the debug log inside wp-content folder, but uses a random file name for it, e.g. siteid_20240328220751253582_debug.log which should help avoid hackers to easily find it and inspect potentially sensitive data included in the log file. This is a more secure approach than the default location wp-content/debug.log.

    If you think that is enough, you can ignore the warning on GoDaddy dashboard. If not, you probably need to find another solution/plugin to handle debugging and debug log file.

    On the flip side, it might be worth a shot to contact GoDaddy support to only show the vulnerability warning if the debug log file is in the default location, i.e. wp-content/debug.log, which is highly predictable.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WordPress Debug Mode Vulnerabilities Detected’ is closed to new replies.