Jump to content

Recommended Posts

Posted

hi...  i feel very happy and comforable here .... i am bringing some sites and webpages from my home server to here, step by step

however i had to adapt some pages to these conditions, nothing too serious .... but some things i noted is about php logs management DEFAULTS making debuging applications very hard and risky... i know it could be changed at runtime with ini_set().. but for every php file in the sites?, i don't think so, that is for i mean the default server wide php values

  • error_log is not defined = that means php error logs (actual errors or error_log() messages) finally got "mixed" with apache/nginx error.log, making difficult to isolate and read... i think better it should have its own <user folder>/logs file
  • display_errors is on = meaning that on some error, log messages are mixed with http body/html code, turning the responses and pages a mess making debugging very hard, and site dangerous because risk of exposing site internals

additional question: is there some "tail -f | grep" admin panel, or php script? ..  thanks

Posted

The display errors is intentionally turned on because a large number of our users use our platform for code development, and the errors are a lot more meaningful than a blank page or 500 error. We won't be turning this off either as doing so results in a a substantially higher number of support requests based on past experiences. If you don't want the errors to show, you can hide them by adding error_reporting(0); to the top of your code.

As for error_log, the old cpanel servers used to generate an error_log in the same folder as the PHP script that contained its errors, but Plesk just dumps it all in ~/logs/error_log. This might be something to consider down the road if enough people ask for the old behavior back.

 

Posted
6 hours ago, wolstech said:

The display errors is intentionally turned on because a large number of our users use our platform for code development (...)

i understand....  but could you at least give us the chance to custom this value as desired, in admin panel, per user?....  because...

 

6 hours ago, wolstech said:

If you don't want the errors to show, you can hide them by adding error_reporting(0); to the top of your code.

... that would mean in a program with, lets say, 50 php files, we must add "error_reporting(0)" in almost ALL files...  the thing gets much more complicated with third party written apps/libs that we dont know the code :( ... applications breaks layout or just show blank screens, or stuck in infinite loops.. we dont know what happens and debugging is a nightmare because code turn a mess

.... additionally, more skilled users could just disable error_reporting if they wish, and enable if they need, directly without staff intervention, releaseing your responsibility to do it (i.e. against related support requests you could simply answer "do it for yourself in admin panel")....

  in addition, i think the security (exposing site internals, increasing hacking chances) is a strong enough reason to try leave disabled by default server wide, but if you get flooded with support messages at least give us the chance to disable it by ourselves

moreover... it could be fantastic if we could customize some other php ini values per user in admin panel.. i think in a bunch of php ini options that will be very useful for us to customize, without compromising server stability ... please consider, thanks

maybe i could help with some scipt or coding (bash?, php?)

Posted

You just add it to a common include that's used by everything. For example, in Wordpress you could put this in the wp-config file and it'd apply to every PHP file in the program. It takes literally seconds for anyone with basic PHP skills to turn this off on their own. Plesk does not have a way to allow only this option to be changed by users. We'd have to allow editing of a whole bunch of options that would also allow things like changing the timeout and memory limits, which we don't want to allow to prevent overuse of resources and crashing the server.

That said, we can turn it off per domain on the admin side if you really don't want to edit your code. Do you want me to turn it off for the atesin account?

Posted

hi wolstech .....  yes i know this can be achieved with a common include amongst thousand other ways of doing, but all of these involve modifying code in many files, and many times that code is not mine ...  additionally i am not currently using wordpress, maybe in the future i will install mybb or some other (cakephp?, laravel?, drupal?, kumbiaphp?)

i am actually asking for a way to EDIT PHP.INI FILE server side trough admin panel or something, at least partially, by user (except shell_exec and critical configurations)...  that will give us a little more control, making the hosting a little better... and will release you some work

anyway... "error_reporting(0)" will disable error reporting completely, eveywhere... i instead would like to modify "display_errors", to not disable errors at all, but just hide them from output buffer, globally in my site, maybe with other variables too, from admin panel or some other way, to not having to modify too much files, even files with code i dont know

Posted
33 minutes ago, atesin said:

i am actually asking for a way to EDIT PHP.INI FILE server side trough admin panel or something,

This is intentionally prohibited. If we allowed it, users could do things like extend the script timeout or memory limits to ridiculous values, which will result in the server becoming extremely slow and/or crashing (if there was a way to allow just the error reporting setting to be changed by users, that'd be different, but Plesk's option for this is all or nothing, so we have to pick nothing). We already have enough issues keeping the servers fast, letting a user set their account so it can hog all of the RAM and CPU would just be a disaster waiting to happen.

You have to remember that you're one of many accounts on the server, and our servers aren't anywhere near as powerful as the massive paid providers. We also host many times more websites per server than large providers who have more hardware do. We can't speak to Plesk quite yet since its still new, but to give an idea, back when we ran cPanel, cPanel said the servers were good for about 300 accounts each...we managed to put over 1000 on Johnny alone, and cP support flatly told us we were the most extreme use case of their product they had ever seen. We expect Plesk to be similar.

As a result, you want the ability to change php.ini, you'll need to buy a VPS from us instead: https://heliohost.org/vps/ With that you have full root access and can configure it however you want. Otherwise, you're limited to what can be done with an .htaccess file and editing the code.

Posted
5 hours ago, atesin said:

(...) at least partially, by user (except shell_exec and critical configurations)

i never meant the ability to edit the WHOLE php.ini file, i am aware of the risks...  i mean things related with scripts and development and runtime like log system, timezones, charsets and that kind of things, mainly aimed to logging development and production... managing logs is important in development stage to "hear" what the program is saying, and in production debugging errors later if needed

for example, i think we should have these php.ini configurations in the server, at least i would like being able to configure these directives, in my admin panel:

  • log_errors = FIXED: "1": to always send error messages to file pointed in "error_log" (next directive) instead of server syslog
  • error_log = FIXED: "/home/<user-folder>/logs/php_error.log" or some file inside user logs folder, to separate from apache error.log
  • display_errors = customizable by user in admin panel, any default value (on|off)...  to print messages breaking the page, depending on development status and personal preferences (still messages will go to "error_log" (above) anyway)
  • error_reporting = customizable by user in admin panel (so some crazy user could even disable logging as you suggested if he/she wants), any default value
  • date.timezone = customizable by user in admin panel, any default.. sometimes affects logging and script behavior
Posted
20 hours ago, atesin said:

i never meant the ability to edit the WHOLE php.ini file, i am aware of the risks...  i mean things related with scripts and development and runtime like log system, timezones, charsets and that kind of things, mainly aimed to logging development and production... managing logs is important in development stage to "hear" what the program is saying, and in production debugging errors later if needed

for example, i think we should have these php.ini configurations in the server, at least i would like being able to configure these directives, in my admin panel:

  • log_errors = FIXED: "1": to always send error messages to file pointed in "error_log" (next directive) instead of server syslog
  • error_log = FIXED: "/home/<user-folder>/logs/php_error.log" or some file inside user logs folder, to separate from apache error.log
  • display_errors = customizable by user in admin panel, any default value (on|off)...  to print messages breaking the page, depending on development status and personal preferences (still messages will go to "error_log" (above) anyway)
  • error_reporting = customizable by user in admin panel (so some crazy user could even disable logging as you suggested if he/she wants), any default value
  • date.timezone = customizable by user in admin panel, any default.. sometimes affects logging and script behavior

Unfortunately, Plesk does not provide that level of configuration to the hosting accounts.

To allow those PHP directives we would have to also allow other that may lead to security or performance issues.

Now that it is explained why we cannot allow users to change them, let's analyze your list:

  • log_errors: Its default is already set to "On".
  • error_log: That one has no default set. I'll take your suggestion to our root admins so they can check if it is desired to add it to all servers/user accounts.
  • display_errors: Its default is set to "On". As wolstech said, it is possible for our root admins to change it per domain if a user requests it.
  • error_reporting: Its default is set to "22519", which is equivalent to "error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);". I believe it is also possible for a root admin to change it per domain if a user requests it, but only them can guarantee if it is possible.
  • date.timezone: That one also has no default set. But considering our servers default time zone is set to "UTC" (which is a good practice when dealing with different, multiple or even unknown time zones) I do not see what would be the problem here.
Posted

really?? ...  could you please also disable "display_errors" just for me at least? ..  which is the formal procedure to request it???

to see errors in both places is redundant... i would prefer not to see errors printed on page if they are already shown on logs, is cleaner

another huge complication with "display_errors = on" is for example ajax... some ajax pages take the response in json, xml, csv, text or whatever format or api, in background, parse it and you see result in page accordingly....  if some unexpected error occurs, error messages will be inserted between the response that will break the entire parsing, turning pages and apps a disaster

thanks for your diligence

Posted

could be 2? ...  "al-anon.cl" and "officenet.cl" ... the one of my organization (i am currently wotking on it) and the one of mine (later i will work on it)

thank you so much

  • wolstech changed the title to [Solved] php error_log

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...