Modify php.ini to mask error messages and log
- 2020-06-12 08:46:31
- OfStack
That's because php.ini turned off the error display and wrote the error as a file, which was set artificially, display_errors =on.
It is recommended to turn it on for debugging and then off for service.
1 point of information for you:
display_errors = On
By default, php turns on the error message. We change it to:
display_errors = Off
When the error display is turned off, the php function will no longer display the error message to the user, which will prevent the attacker from learning the physical location of the script and some other useful information from the error message to a certain extent, at least making the attacker's black box detection a certain obstacle. This error message may be useful for us to write to the specified file, so modify the following:
log_errors = Off
To:
log_errors = On
And specify the file, find the following line:
;error_log = filename
Get rid of the preceding; Comments to change the filename to the specified file, such as/usr local apache/logs/php_error log
error_log = /usr/local/apache/logs/php_error.log
All errors will be written to the php_error.log file.
====================================
error_reporting
Configure the level of error messages returned.
Grammar: int error_reporting(int [level]);
Return value: Integer
Function type: PHP system function
The parameter level is a bit mask of 1 integer (bitmask), as shown in the table below.
The mask value represents the name
1 E_ERROR
2 E_WARNING
4 E_PARSE
8 E_NOTICE
16 E_CORE_ERROR
32 E_CORE_WARNING
E_NOTICE means that 1 is not recorded and is only used if there is a program error, such as trying to access a variable that does not exist, or calling the stat() function to view a file that does not exist.
E_WARNING is usually displayed but does not interrupt the execution of the program. This is good for debugging. For example: call ereg() with the problematic regular expression.
E_ERROR is usually displayed and also interrupts program execution. This mask is meant to be untraceable to memory configuration or other errors.
E_PARSE resolves errors from the syntax.
E_CORE_ERROR is similar to E_ERROR except for errors caused by the PHP core.
E_CORE_WARNING is similar to E_WARNING but does not include the PHP core error warning.
-- -- -- -- -- --
Additional:
1.
php file
error_reporting(7), where 7 is 1+2+4, returns 1 E_ERROR 2 E_WARNING 4 E_PARSE
2.
php. ini
display_errors = Off // Default is to turn off the error message
error_reporting = E_ALL // displays everything from bad coding practices to harmless tips to errors. Since the return information is too detailed to include harmless information, it is recommended to configure error_reporting = E_ALL in order to see actual tips during development & ~E_NOTICE
It is recommended to turn it on for debugging and then off for service.
1 point of information for you:
display_errors = On
By default, php turns on the error message. We change it to:
display_errors = Off
When the error display is turned off, the php function will no longer display the error message to the user, which will prevent the attacker from learning the physical location of the script and some other useful information from the error message to a certain extent, at least making the attacker's black box detection a certain obstacle. This error message may be useful for us to write to the specified file, so modify the following:
log_errors = Off
To:
log_errors = On
And specify the file, find the following line:
;error_log = filename
Get rid of the preceding; Comments to change the filename to the specified file, such as/usr local apache/logs/php_error log
error_log = /usr/local/apache/logs/php_error.log
All errors will be written to the php_error.log file.
====================================
error_reporting
Configure the level of error messages returned.
Grammar: int error_reporting(int [level]);
Return value: Integer
Function type: PHP system function
The parameter level is a bit mask of 1 integer (bitmask), as shown in the table below.
The mask value represents the name
1 E_ERROR
2 E_WARNING
4 E_PARSE
8 E_NOTICE
16 E_CORE_ERROR
32 E_CORE_WARNING
E_NOTICE means that 1 is not recorded and is only used if there is a program error, such as trying to access a variable that does not exist, or calling the stat() function to view a file that does not exist.
E_WARNING is usually displayed but does not interrupt the execution of the program. This is good for debugging. For example: call ereg() with the problematic regular expression.
E_ERROR is usually displayed and also interrupts program execution. This mask is meant to be untraceable to memory configuration or other errors.
E_PARSE resolves errors from the syntax.
E_CORE_ERROR is similar to E_ERROR except for errors caused by the PHP core.
E_CORE_WARNING is similar to E_WARNING but does not include the PHP core error warning.
-- -- -- -- -- --
Additional:
1.
php file
error_reporting(7), where 7 is 1+2+4, returns 1 E_ERROR 2 E_WARNING 4 E_PARSE
2.
php. ini
display_errors = Off // Default is to turn off the error message
error_reporting = E_ALL // displays everything from bad coding practices to harmless tips to errors. Since the return information is too detailed to include harmless information, it is recommended to configure error_reporting = E_ALL in order to see actual tips during development & ~E_NOTICE