Enabling PHP warnings via .htaccess file is useful when you initially developing and debugging your websites. But once website development is completed you should turn off PHP warnings.
But, why to disable PHP warning in htaccess?
Untrusted sources can see detailed web application environment error messages. In which having sensitive information that can be used for attack.
Error messages can reveal information about your website, such as path information and variables. That can be used by attacker to hack your website or web application. So you can check here and secure site by migrating HTTP to HTTPS.
Let’s see how to secure your important information by turning off PHP warning.
How to turn off PHP warning messages?
It is highly recommended to turn off PHP warnings in htaccess in order to avoid leakage of important information.
You can disable PHP warnings using display_errors from your .htaccess file.
Steps you need to follow to remove PHP warnings with .htaccess
1] Login into your cPanel account.
2] Select File Manager in File Section.
3] Click on the settings.
4] Enable check box “Show hidden files”.
5] Select .htaccess file and click on Edit option.
6] Add single a line in .htaccess file and click on Save Changes.
Code: php_flag display_errors off
We should disable PHP warning in .htaccess because,
- Common information is displayed in error massage like path location if we don’t turn off PHP warning.
- Attacker can visualize how your website is designed and structured, and make assumptions on where critical files are stored with the help of path locations.
- Path location expose Webroot path that can help attacker to gain illegal access to the site.
In this way you can turn off warning messages in PHP using .htaccess file cPanel and can protect your website from Hacker.
If you have any doubts or any problems then please let us know through your comment, we will defineatly try to solve your problems.
For additional information you can click here and learn how to secure your website from hacker.