Celebrating 20 years online :)
Web Dev + WordPress + Security

How to Enable PHP Error Logging via htaccess

In this brief tutorial, I will show Apache users how to suppress PHP errors from visitors and enable PHP error logging via htaccess.

Tracking your site’s PHP errors is an excellent way to manage and troubleshoot unexpected issues related to plugins and themes. Even better, monitoring PHP errors behind the scenes via private log is far better than trying to catch them as they appear at random visits. Thanks to the magical powers of htaccess, there is an easy way to implement this effective strategy.

Hide PHP errors from visitors

In our article, , we discuss a technique whereby PHP errors are suppressed via htaccess. This is done by including the following directives to your domain’s httpd.conf or to your site’s root (or other target directory) htaccess file:

# supress php errors
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off

With that in place, PHP errors will no longer be displayed publicly on your site. This eliminates a potential security risk, and keeps those ugly, unintelligible PHP errors from breaking your site layout and disorienting your visitors. No editing required for this code.

Enable private PHP error logging

Now that we have hidden PHP errors from public view, let’s enable the logging of PHP errors so that we can privately keep track of them. This is done by including the following htaccess directives to your domain’s httpd.conf or to your site’s root (or other target directory) htaccess file:

# enable PHP error logging
php_flag  log_errors on
php_value error_log  /home/path/public_html/domain/PHP_errors.log

For this to work, you will need to edit the path in the last line to reflect the actual location of your PHP_errors.log file. Of course, you will need to create this file and subsequently set the file permissions to 755 or, if necessary, 777. Finally, you need to secure the log file itself by adding this final line of code to your htaccess file:

# prevent access to PHP error log
<Files PHP_errors.log>
 Order allow,deny
 Deny from all
 Satisfy All

Then, after everything is in place, check that everything is working by triggering a few PHP errors. You may also want to verify protection of your error log by trying to access it via a browser.

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
Digging Into WordPress: Take your WordPress skills to the next level.

9 responses to “How to Enable PHP Error Logging via htaccess”

  1. Yr codes let my .htaccess spoilt…

    [ Editor’s note: comment edited to remove the redundant list of PHP errors.. ]

  2. Nvm. i think i got it mix up.

  3. Perishable 2008/01/27 8:52 am

    Hopefully everything worked out for you, jonathan..

  4. Seems to cause an error 500 – Internal Server Error on my site…..

  5. Actually, it looks like they do, as the server is running under CGI:

    I’m going to contact the host and see what they can do about it. Thanks for the article, and the BLAZING fast response, keep up the great work!!


  6. Perishable 2008/04/28 3:28 pm

    Some hosts disable this feature by default.. If you have not already done so (and aren’t sure about it), I would contact your host and ask them if php error logging is enabled via htaccess. If necessary, use this article as a reference.

  7. Perishable 2008/04/28 3:35 pm

    No sweat — let me know how it goes!

  8. Works like a charm.. You just saved my day. Thanks a million.

  9. Jeff Starr 2009/05/27 7:22 am

    @JakubG: My pleasure — glad to be of service! :)

Comments are closed for this post. Something to add? Let me know.
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
.htaccess made easy: Improve site performance and security.
Crazy that we’re almost halfway thru 2024.
I live right next door to the absolute loudest car in town. And the owner loves to drive it.
8G Firewall now out of beta testing, ready for use on production sites.
It's all about that ad revenue baby.
Note to self: encrypting 500 GB of data on my iMac takes around 8 hours.
Getting back into things after a bit of a break. Currently 7° F outside. Chillz.
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.