Production site error reporting
#1

[eluser]jules123[/eluser]
Hello,

I read some posts which recommend turning off error reporting and the db debug option for a production site. So the following -
Code:
error_reporting(0);
ini_set('display_errors', 0);
config/database.php - db_debug=FALSE
If I understand this correctly, with this, the users will not see the error, but may not have a clue that something went wrong. This seemed a bit restrictive, so I tried the following. I would like to have your comments on whether this seems ok or whether it will pose any security problems on a production site.

Code:
1. error_reporting(E_ERROR | E_WARNING); // note I haven't included E_PARSE
2. ini_set('display_errors', 1);
3. config/database.php - db_debug=TRUE
4. Added a parameter in a configuration file that identifies whether a site is production or not.
5. Modified the following views from application/errors folder that check if the site is production and if so, hide the detailed messages. So for a production site -
- error_404 - shows a line such as "The page you requested could not be located".
- error_general - shows the general message.
- error_db - shows a line such as "A database error occurred". Does NOT display the actual db error.
- error_php - shows only a line such as "A script error occurred". Does NOT display severity, message, filename, line number etc.
All views show the standard site header/footer, the time of the error and ask the users to contact the sysadmin with the error.
6. I also plan to have config/config.php - $config['log_threshold'] = 2;
so all errors and details will be logged.

Comments/suggestions appreciated!
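As an added illustration of step 5 (not code from the original post), here is what a production-aware application/errors/error_php.php can look like. In CodeIgniter 1.x the Exceptions class includes this template with $severity, $message, $filepath and $line already set, and the helpers config_item() and log_message() come from system/codeigniter/Common.php; the config key 'is_production' is an assumption for this example and would be set in config/config.php. Two caveats worth knowing: this template is only rendered when display_errors is on (which is why the post enables it), and fatal errors such as E_ERROR never pass through CodeIgniter's handler at all, so with display_errors on PHP prints their file path and line number directly. The same if/else pattern applies to error_db.php.

```php
<?php
// Added example: application/errors/error_php.php with a production switch.
// Assumes $config['is_production'] exists in config/config.php (assumption).
$is_production = (bool) config_item('is_production');
$when          = date('Y-m-d H:i:s');

// CodeIgniter already logs the full error before including this view (when
// log_threshold permits), so the template only decides what the visitor sees.
?>
<div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">
<?php if ($is_production): ?>
    <h4>A script error occurred</h4>
    <p>Time of error: <?php echo $when; ?>.</p>
    <p>Please contact the site administrator and quote the time shown above.</p>
<?php else: ?>
    <h4>A PHP Error was encountered</h4>
    <p>Severity: <?php echo $severity; ?></p>
    <p>Message: <?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?></p>
    <p>Filename: <?php echo htmlspecialchars($filepath, ENT_QUOTES, 'UTF-8'); ?></p>
    <p>Line Number: <?php echo (int) $line; ?></p>
<?php endif; ?>
</div>
```

The message is HTML-escaped even in development mode because PHP error messages can echo back user-supplied input (for example a bad value passed to a function), and an error page is one of the last places you want reflected markup.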
#2

[eluser]jules123[/eluser]
Trying to give a bump! Anybody, any thoughts? Would be helpful!
#3

[eluser]TheFuzzy0ne[/eluser]
Is there a specific question hiding in there somewhere? I read it, and everything sounded fine to me, so I'd guess that everyone who read your post agrees with what you're doing. If you have a specific question, please ask it.
#4

[eluser]jules123[/eluser]
Sorry! The question from my initial post is: "I would like to have your comments on whether this seems ok or whether it will pose any security problems on a production site."

So I take it then that this seems ok and I am not completely off here. Thanks!
#5

[eluser]TheFuzzy0ne[/eluser]
I think it's quite acceptable, so long as you're happy that if there is an error, your users may see the file name and line number where the error is.

One alternative might be to create your own error handler. The user could see the error on the page, with no file name or line number, and the full error information could be logged for you to see (perhaps with Email integration to let you know of the error).

With db_debug however, I don't think I'd have that enabled on a production site. Then again, I use active record, which makes it next to impossible to exploit my database anyway. However, it's still wise to just not show the information to begin with.

In a nutshell, I think you've done fine, although you've got me thinking that perhaps CodeIgniter should support a "development" and "production" mode.
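The "create your own error handler" alternative, written out as an added example in plain PHP (this is not code from the thread or from CodeIgniter; the constant names APP_IS_PRODUCTION and APP_ERROR_LOG and the log path are assumptions). Full detail always goes to the log; what the visitor sees depends on one switch. Because set_error_handler() is never called for fatal errors (E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR), the example keeps display_errors off in production and catches those through a shutdown function instead, so no file path or line number leaks regardless of error type.

```php
<?php
// Added example: a mode-aware error handler that logs everything and shows
// a generic page in production. All APP_* names are assumptions.
define('APP_IS_PRODUCTION', true);                        // false on a dev box
define('APP_ERROR_LOG', '/var/log/myapp/php_errors.log'); // assumed log path

error_reporting(E_ALL);                   // hand every error to the handler
ini_set('display_errors', APP_IS_PRODUCTION ? '0' : '1');
ini_set('log_errors', '1');               // PHP logs fatal errors itself
ini_set('error_log', APP_ERROR_LOG);

function app_render_error_page($public_message, $detail = '')
{
    if (!headers_sent()) {
        header('HTTP/1.1 500 Internal Server Error');
    }
    $when = date('Y-m-d H:i:s');
    echo '<h1>Something went wrong</h1>';
    echo '<p>' . htmlspecialchars($public_message, ENT_QUOTES, 'UTF-8') . '</p>';
    echo '<p>Time of error: ' . $when . '. Please quote this time when contacting the site administrator.</p>';
    if (!APP_IS_PRODUCTION && $detail !== '') {
        // Detail (file, line, message) is shown to developers only.
        echo '<pre>' . htmlspecialchars($detail, ENT_QUOTES, 'UTF-8') . '</pre>';
    }
}

function app_error_handler($severity, $message, $file, $line)
{
    if (!(error_reporting() & $severity)) {
        return false;                     // respect the @ operator / mask
    }
    $detail = sprintf('[%d] %s in %s on line %d', $severity, $message, $file, $line);
    error_log($detail);                   // full detail to the log only
    if ($severity & (E_USER_ERROR | E_RECOVERABLE_ERROR)) {
        app_render_error_page('A script error occurred.', $detail);
        exit(1);
    }
    return true;                          // warning/notice: logged, continue
}

function app_exception_handler($e)
{
    $detail = get_class($e) . ': ' . $e->getMessage()
            . ' in ' . $e->getFile() . ' on line ' . $e->getLine();
    error_log($detail);
    app_render_error_page('A script error occurred.', $detail);
    exit(1);
}

function app_shutdown_handler()
{
    $last = error_get_last();
    if ($last !== null && ($last['type'] & (E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR))) {
        // Fatal error: PHP has already written it to the log (log_errors=1);
        // with display_errors off nothing has reached the browser yet.
        $detail = sprintf('[%d] %s in %s on line %d',
            $last['type'], $last['message'], $last['file'], $last['line']);
        app_render_error_page('A script error occurred.', $detail);
    }
}

set_error_handler('app_error_handler');
set_exception_handler('app_exception_handler');
register_shutdown_function('app_shutdown_handler');
```

Email notification, as TheFuzzy0ne mentions, would slot into app_error_handler() next to the error_log() call; a good practice is to rate-limit it so a loop that raises the same warning thousands of times does not flood the mailbox.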
#6

[eluser]jules123[/eluser]
Thanks for the reply TheFuzzyOne. Yes, it will be great if CI supports development and production mode.

Please note that I am setting the "mode" as a configuration option and depending on the mode, the views (that show the errors) display less or more info. Thus I am making sure that the production users do not see detailed db messages or filename, line numbers etc. Everything gets logged though in the log files.


For example (as mentioned in my original post) - for production site:
- error_db - shows a line such as "A database error occurred". Does NOT display the actual db error.
- error_php - shows only a line such as "A script error occurred". Does NOT display severity, message, filename, line number etc.
#7

[eluser]Samuel Wan[/eluser]
Thanks for posting your solution!

I'm new to Code Igniter, and wondered which file should contain your code in order to affect all controllers in the application?

Code:
error_reporting(0);
ini_set('display_errors', 0);
config/database.php - db_debug=FALSE
#8

[eluser]TheFuzzy0ne[/eluser]
Can you be more specific? What code exactly? Settings? Functions?
#9

[eluser]Samuel Wan[/eluser]
Specifically, the three commands to set error_reporting(0), setting display_errors=0, and setting db_debug to false.

Code:
error_reporting(0);
ini_set('display_errors', 0);
config/database.php - db_debug=FALSE

Do you put the first two commands in the config/config.php file and the third command in the config/database.php file?

Is there a place to put PHP code that will execute before any controller is loaded and executed?

Thanks!
#10

[eluser]TheFuzzy0ne[/eluser]
error_reporting() is set within the index.php, before anything else.

db_debug is set from within ./system/application/config/database.php.

It's up to you whether you want to put the call to ini_set() in the index.php or in an individual script that's loaded every time a request is made. Personally, I think that a config file might be the wrong place to put it, as config.php contains an array of settings; however, others may disagree.

I'd probably stick it into the index.php file if it was something I wanted to set for every request. Especially if it's something that needs to be set before any code even starts running.