How to disable error message output in WordPress_PHP Tutorial
I used website security detection to scan the blog and found a vulnerability. In fact, if I access the theme path directly, the get_header() function does not take effect (Call to undefined function get_header()), and my WordPress will output The complete error message exposes the directory structure of sensitive names. Although it has no impact on normal access, it will give some people an opportunity to take advantage of it. I often see many people scanning various blog paths or files in the backend of the blog. Solving as many vulnerabilities as possible will greatly enhance the security of the website. Let me show you the security of my blog. It’s 100 points and there are no loopholes. Although it’s only superficial, I will find solutions one by one!
The following is a detailed description of the problems and solutions I encountered for reference.
Environment: linux vps + lnmp
The complete error message is as follows:
Fatal error: Call to undefined function get_header() in /websiterootpath/izhangheng/wp-content/themes/twentytwelve/ on line 10
Solution:
If the WEB application comes with its own error handling/management system, please ensure that the function is turned on; otherwise, handle it separately according to language and environment. If it is a PHP application/Apache server, you can suppress the error message by modifying the php script, configuring the configuration items in php.ini and httpd.conf.
1.1. Modify the configuration line in php.ini: display_errors = off
2.2. Modify the configuration line in httpd.conf/apache2.conf: php_flag display_errors off
3.3. Modify the php script and add the line of code: ini_set(‘display_errors’, false);
For this problem, it is not perfect just not to display the error message. Jumping to the homepage after an error can avoid traffic loss. In my environment, the display of error messages is turned off by default. I only need to call the WordPress function before the source code of the vulnerable page. First, enter the appearance of the WordPress backend. For example, if you are editing the index.php home page template, change the header code to the following. Note that all symbols are in English.
| The code is as follows | |||||
|
|||||
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to adjust the wordpress article list
Apr 20, 2025 am 10:48 AM
There are four ways to adjust the WordPress article list: use theme options, use plugins (such as Post Types Order, WP Post List, Boxy Stuff), use code (add settings in the functions.php file), or modify the WordPress database directly.
What are the plugins for wordpress blocking ip
Apr 20, 2025 am 08:27 AM
WordPress IP blocking plugin selection is crucial. The following types can be considered: based on .htaccess: efficient, but complex operation; database operation: flexible, but low efficiency; firewall: high security performance, but complex configuration; self-written: highest control, but requires more technical level.
WordPress website account login
Apr 20, 2025 am 09:06 AM
To log in to a WordPress website account: Visit the login page: Enter the website URL plus "/wp-login.php". Enter your username and password. Click "Login". Verification Two-step Verification (optional). After successfully logging in, you will see the website dashboard.
What to do if there is an error in wordpress
Apr 20, 2025 am 11:57 AM
WordPress Error Resolution Guide: 500 Internal Server Error: Disable the plug-in or check the server error log. 404 Page not found: Check permalink and make sure the page link is correct. White Screen of Death: Increase the server PHP memory limit. Database connection error: Check the database server status and WordPress configuration. Other tips: enable debug mode, check error logs, and seek support. Prevent errors: regularly update WordPress, install only necessary plugins, regularly back up your website, and optimize website performance.
How to display wordpress comments
Apr 20, 2025 pm 12:06 PM
Enable comments in WordPress website: 1. Log in to the admin panel, go to "Settings" - "Discussions", and check "Allow comments"; 2. Select a location to display comments; 3. Customize comments; 4. Manage comments, approve, reject or delete; 5. Use <?php comments_template(); ?> tags to display comments; 6. Enable nested comments; 7. Adjust comment shape; 8. Use plugins and verification codes to prevent spam comments; 9. Encourage users to use Gravatar avatar; 10. Create comments to refer to
How to change the head image of the wordpress theme
Apr 20, 2025 am 10:00 AM
A step-by-step guide to replacing a header image of WordPress: Log in to the WordPress dashboard and navigate to Appearance >Theme. Select the topic you want to edit and click Customize. Open the Theme Options panel and look for the Site Header or Header Image options. Click the Select Image button and upload a new head image. Crop the image and click Save and Crop. Click the Save and Publish button to update the changes.
How to write a header of a wordpress
Apr 20, 2025 pm 12:09 PM
The steps to create a custom header in WordPress are as follows: Edit the theme file "header.php". Add your website name and description. Create a navigation menu. Add a search bar. Save changes and view your custom header.
How to build a website for wordpress host
Apr 20, 2025 am 11:12 AM
To build a website using WordPress hosting, you need to: select a reliable hosting provider. Buy a domain name. Set up a WordPress hosting account. Select a topic. Add pages and articles. Install the plug-in. Customize your website. Publish your website.
