Symphony's issue tracker has been moved to Github.

Issues are displayed here for reference only and cannot be created or edited.


Closed#360: Verbose error messages should be able to be disabled on production environments

There should be a configuration setting to disable the verbose error handler page when deploying to production environments.

I think this a very good idea! I even think that being unable to switch off those verbose errors resp. warnings should be treated as a bug.

I’m inclined to agree.

Production sites should also have php_value display_errors off in the .htaccess

Bravo, thx.

What will be visible to the visitors when an error occurs?

Depends on the error. If it’s a warning, the site will continue to render. If it’s a fatal error, they will either see the plain PHP error or see a blank page if you disabled errors.

I tried to find a way to instead kick to a Symphony generated 500 or 404, however errors are a tricky thing and I couldn’t see an easy way to do this in 2.x

In the end, the main goal became to hide all that potentially sensitive information (backtraces of code and DB) from non-authenticated vistors.

The solution looks fine for me. Thanks, Alistair.

This issue is closed.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details