Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on WordPress.

  1. In wp-config.php, disable debug output:

    define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false);
define('WP_DEBUG_LOG', false);

  2. If the site previously had WP_DEBUG enabled, ensure the debug.log file under wp-content/ is not publicly accessible (add a deny rule in .htaccess).

  3. Install a plugin such as "Query Monitor" only in development environments and never in production.

Back to top