atesin Posted March 10, 2023 Posted March 10, 2023 hi... i feel very happy and comforable here .... i am bringing some sites and webpages from my home server to here, step by step however i had to adapt some pages to these conditions, nothing too serious .... but some things i noted is about php logs management DEFAULTS making debuging applications very hard and risky... i know it could be changed at runtime with ini_set().. but for every php file in the sites?, i don't think so, that is for i mean the default server wide php values error_log is not defined = that means php error logs (actual errors or error_log() messages) finally got "mixed" with apache/nginx error.log, making difficult to isolate and read... i think better it should have its own <user folder>/logs file display_errors is on = meaning that on some error, log messages are mixed with http body/html code, turning the responses and pages a mess making debugging very hard, and site dangerous because risk of exposing site internals additional question: is there some "tail -f | grep" admin panel, or php script? .. thanks
wolstech Posted March 10, 2023 Posted March 10, 2023 The display errors is intentionally turned on because a large number of our users use our platform for code development, and the errors are a lot more meaningful than a blank page or 500 error. We won't be turning this off either as doing so results in a a substantially higher number of support requests based on past experiences. If you don't want the errors to show, you can hide them by adding error_reporting(0); to the top of your code. As for error_log, the old cpanel servers used to generate an error_log in the same folder as the PHP script that contained its errors, but Plesk just dumps it all in ~/logs/error_log. This might be something to consider down the road if enough people ask for the old behavior back.
atesin Posted March 11, 2023 Author Posted March 11, 2023 6 hours ago, wolstech said: The display errors is intentionally turned on because a large number of our users use our platform for code development (...) i understand.... but could you at least give us the chance to custom this value as desired, in admin panel, per user?.... because... 6 hours ago, wolstech said: If you don't want the errors to show, you can hide them by adding error_reporting(0); to the top of your code. ... that would mean in a program with, lets say, 50 php files, we must add "error_reporting(0)" in almost ALL files... the thing gets much more complicated with third party written apps/libs that we dont know the code ... applications breaks layout or just show blank screens, or stuck in infinite loops.. we dont know what happens and debugging is a nightmare because code turn a mess .... additionally, more skilled users could just disable error_reporting if they wish, and enable if they need, directly without staff intervention, releaseing your responsibility to do it (i.e. against related support requests you could simply answer "do it for yourself in admin panel").... in addition, i think the security (exposing site internals, increasing hacking chances) is a strong enough reason to try leave disabled by default server wide, but if you get flooded with support messages at least give us the chance to disable it by ourselves moreover... it could be fantastic if we could customize some other php ini values per user in admin panel.. i think in a bunch of php ini options that will be very useful for us to customize, without compromising server stability ... please consider, thanks maybe i could help with some scipt or coding (bash?, php?)
wolstech Posted March 11, 2023 Posted March 11, 2023 You just add it to a common include that's used by everything. For example, in Wordpress you could put this in the wp-config file and it'd apply to every PHP file in the program. It takes literally seconds for anyone with basic PHP skills to turn this off on their own. Plesk does not have a way to allow only this option to be changed by users. We'd have to allow editing of a whole bunch of options that would also allow things like changing the timeout and memory limits, which we don't want to allow to prevent overuse of resources and crashing the server. That said, we can turn it off per domain on the admin side if you really don't want to edit your code. Do you want me to turn it off for the atesin account?
atesin Posted March 11, 2023 Author Posted March 11, 2023 hi wolstech ..... yes i know this can be achieved with a common include amongst thousand other ways of doing, but all of these involve modifying code in many files, and many times that code is not mine ... additionally i am not currently using wordpress, maybe in the future i will install mybb or some other (cakephp?, laravel?, drupal?, kumbiaphp?) i am actually asking for a way to EDIT PHP.INI FILE server side trough admin panel or something, at least partially, by user (except shell_exec and critical configurations)... that will give us a little more control, making the hosting a little better... and will release you some work anyway... "error_reporting(0)" will disable error reporting completely, eveywhere... i instead would like to modify "display_errors", to not disable errors at all, but just hide them from output buffer, globally in my site, maybe with other variables too, from admin panel or some other way, to not having to modify too much files, even files with code i dont know
wolstech Posted March 12, 2023 Posted March 12, 2023 33 minutes ago, atesin said: i am actually asking for a way to EDIT PHP.INI FILE server side trough admin panel or something, This is intentionally prohibited. If we allowed it, users could do things like extend the script timeout or memory limits to ridiculous values, which will result in the server becoming extremely slow and/or crashing (if there was a way to allow just the error reporting setting to be changed by users, that'd be different, but Plesk's option for this is all or nothing, so we have to pick nothing). We already have enough issues keeping the servers fast, letting a user set their account so it can hog all of the RAM and CPU would just be a disaster waiting to happen. You have to remember that you're one of many accounts on the server, and our servers aren't anywhere near as powerful as the massive paid providers. We also host many times more websites per server than large providers who have more hardware do. We can't speak to Plesk quite yet since its still new, but to give an idea, back when we ran cPanel, cPanel said the servers were good for about 300 accounts each...we managed to put over 1000 on Johnny alone, and cP support flatly told us we were the most extreme use case of their product they had ever seen. We expect Plesk to be similar. As a result, you want the ability to change php.ini, you'll need to buy a VPS from us instead: https://heliohost.org/vps/ With that you have full root access and can configure it however you want. Otherwise, you're limited to what can be done with an .htaccess file and editing the code.
atesin Posted March 12, 2023 Author Posted March 12, 2023 5 hours ago, atesin said: (...) at least partially, by user (except shell_exec and critical configurations) i never meant the ability to edit the WHOLE php.ini file, i am aware of the risks... i mean things related with scripts and development and runtime like log system, timezones, charsets and that kind of things, mainly aimed to logging development and production... managing logs is important in development stage to "hear" what the program is saying, and in production debugging errors later if needed for example, i think we should have these php.ini configurations in the server, at least i would like being able to configure these directives, in my admin panel: log_errors = FIXED: "1": to always send error messages to file pointed in "error_log" (next directive) instead of server syslog error_log = FIXED: "/home/<user-folder>/logs/php_error.log" or some file inside user logs folder, to separate from apache error.log display_errors = customizable by user in admin panel, any default value (on|off)... to print messages breaking the page, depending on development status and personal preferences (still messages will go to "error_log" (above) anyway) error_reporting = customizable by user in admin panel (so some crazy user could even disable logging as you suggested if he/she wants), any default value date.timezone = customizable by user in admin panel, any default.. sometimes affects logging and script behavior
Kairion Posted March 13, 2023 Posted March 13, 2023 20 hours ago, atesin said: i never meant the ability to edit the WHOLE php.ini file, i am aware of the risks... i mean things related with scripts and development and runtime like log system, timezones, charsets and that kind of things, mainly aimed to logging development and production... managing logs is important in development stage to "hear" what the program is saying, and in production debugging errors later if needed for example, i think we should have these php.ini configurations in the server, at least i would like being able to configure these directives, in my admin panel: log_errors = FIXED: "1": to always send error messages to file pointed in "error_log" (next directive) instead of server syslog error_log = FIXED: "/home/<user-folder>/logs/php_error.log" or some file inside user logs folder, to separate from apache error.log display_errors = customizable by user in admin panel, any default value (on|off)... to print messages breaking the page, depending on development status and personal preferences (still messages will go to "error_log" (above) anyway) error_reporting = customizable by user in admin panel (so some crazy user could even disable logging as you suggested if he/she wants), any default value date.timezone = customizable by user in admin panel, any default.. sometimes affects logging and script behavior Unfortunately, Plesk does not provide that level of configuration to the hosting accounts. To allow those PHP directives we would have to also allow other that may lead to security or performance issues. Now that it is explained why we cannot allow users to change them, let's analyze your list: log_errors: Its default is already set to "On". error_log: That one has no default set. I'll take your suggestion to our root admins so they can check if it is desired to add it to all servers/user accounts. display_errors: Its default is set to "On". As wolstech said, it is possible for our root admins to change it per domain if a user requests it. error_reporting: Its default is set to "22519", which is equivalent to "error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);". I believe it is also possible for a root admin to change it per domain if a user requests it, but only them can guarantee if it is possible. date.timezone: That one also has no default set. But considering our servers default time zone is set to "UTC" (which is a good practice when dealing with different, multiple or even unknown time zones) I do not see what would be the problem here.
atesin Posted March 13, 2023 Author Posted March 13, 2023 really?? ... could you please also disable "display_errors" just for me at least? .. which is the formal procedure to request it??? to see errors in both places is redundant... i would prefer not to see errors printed on page if they are already shown on logs, is cleaner another huge complication with "display_errors = on" is for example ajax... some ajax pages take the response in json, xml, csv, text or whatever format or api, in background, parse it and you see result in page accordingly.... if some unexpected error occurs, error messages will be inserted between the response that will break the entire parsing, turning pages and apps a disaster thanks for your diligence
atesin Posted March 13, 2023 Author Posted March 13, 2023 could be 2? ... "al-anon.cl" and "officenet.cl" ... the one of my organization (i am currently wotking on it) and the one of mine (later i will work on it) thank you so much
wolstech Posted March 13, 2023 Posted March 13, 2023 Display_errors has been turned off for the specified domains. It can take up to 2 hours for it take effect.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now