Nginx – Prevent Access to Debug file [closed]

I’ve frequently seen this used in Apache 2.2:

<Files "debug.log">
    Order allow,deny
    Deny from all
</Files>

but that’s deprecated in Apache 2.4:

The Allow, Deny, and Order directives, provided by mod_access_compat,
are deprecated and will go away in a future version. You should avoid
using them, and avoid outdated tutorials recommending their use.

I just tested with the Require directive in Apache 2.4:

Require all denied
Access is denied unconditionally.

with:

<Files "debug.log">
   Require all denied
</Files>

and it seems to block it with 403 forbidden.

Note that it will block access from example.tld/debug.log, example.tld/wp-content/debug.log etc.

Update

I just noticed that you mentioned NginX, so I tested various location patterns and this seems to work:

location ~* /debug\.log$
{
    deny  all;
}

where the ~* modifier is for case insensitive regular expression matching.

Related Posts:

  1. Is it possible to change the log file location for WP_DEBUG_LOG?
  2. Define WP_DEBUG conditionally / for admins only / log errors (append query arg for all links?)
  3. How do I find the version of WordPress I have from the source code?
  4. Control verbosity level of WP DEBUG?
  5. How to check if debug is true and can I use it for my own code? [duplicate]
  6. Suppress deprecated notices
  7. Debugging in WordPress
  8. Debug.log file is never created?
  9. Debugging WordPress themes with Xdebug, real time html output
  10. Easy code troubleshooting in wordpress
  11. Tutorials for Unit-Testing in WordPress and for unit-test.svn.wordpress.org?
  12. How to make debug.log timestamps local time?
  13. How to debug when error_log not working as expected
  14. How can I determine what php files are being called by a given WP page?
  15. Where should I tell WordPress where error_log messages should be written?
  16. How to set up plugin project with XDebug remote debugging in PhpStorm
  17. Disable Debug Log Programmatically
  18. How to empty debug.log when file size is above xyMB?
  19. Intercepting wp_mail() to view contents
  20. Where’s The Best Place to use Register_Shutdown_Function()?
  21. Is it possible to set another language for debugging messages?
  22. Send specific users an email when posts are published
  23. Super WordPress debugging toolkit and triage procedures? [duplicate]
  24. if(!is_user_logged_in()) returns true when 404
  25. How to dump/log default values that are passed to hooks/filter functions?
  26. xdebug connects but won’t break in WordPress with vvv
  27. Using debug log in production, is that a security concern?
  28. The plugin generated xx characters of unexpected output. How to solve?
  29. debugging wordpress
  30. Enable WordPress Debug only for Admin
  31. wp-includes/comment-template.php:26 – Trying to get property of non-object
  32. PHP-FPM WordPress Debug
  33. Debugging preview not working problem
  34. Wordress debug log is not working
  35. Always keep a parameter in URL?
  36. How can I understand what is the cause of WP death (white screen)?
  37. Why does WordPress keep showing me error messages?
  38. Debug Notice: X is deprecated since version 4.5! Use Y instead
  39. Debug 500 Internal Server Error on WordPress blog
  40. “… logged-in …” seems top of my website
  41. PHP Notice – Custom Function
  42. Suddenly lots of bugs in my WP installation? [closed]
  43. Why does WP_DEBUG only work after wp_debug_mode() is called? [closed]
  44. Notice: Undefined index [closed]
  45. Notice: attribute_escape is deprecated
  46. How to disable JS? info windows from WP-FirePHP
  47. How do I acquire all the meta-information for a particular page I am on?
  48. How to find line of code causing wordpress deprecation notices
  49. Best location for a debugging script
  50. Debug Errors, site health
  51. problem with size of debug.log file
  52. What is debug.log.old? It seems to take up a lot of space
  53. Comment WP_DEBUG in wp-config file
  54. How can I remove text above the header? [closed]
  55. what are WP_DEBUG conditions?
  56. Best place to call xdebug helper functions?
  57. Cannot Modify Header Information – While trying logging in
  58. Running xDebug and NPM at the same time?
  59. 3,840 cronjobs with no action!
  60. Solution to White Screen of Death that does not require Web Server access?
  61. strange characters in debug file
  62. Notice on core function
  63. Step debug wp cron run – ideas how to get this working in PHPStorm with Xdebug?
  64. There is no any line related the error but it says critical error
  65. Display Custom Taxonomy Dropdown posts
  66. Correct my shortcode for displaying a category?
  67. error log is going to the wrong location, WP_DEBUG_LOG is ignored
  68. A bug happens in the Footer and the code keeps appearing
  69. debug.log is not created
  70. Error on add_submenu_page() declaration
  71. Debug info from request handler
  72. Debugging Mysterious PHP Addition
  73. WordPress seems broken when logged of
  74. Finding which functions were called
  75. Error on debug.log PHP Stric Standards and PHP notice
  76. Unable to load Posts list & Getting error 500 error
  77. Weird bug regarding the_excerpt()
  78. Debugging conundrum with a problem fixed by enabling WP_DEBUG
  79. Can’t show debug even after modifying wp-config
  80. how to error_log(wp_login_url())
  81. How do I issue a warning in a wordpress plugin?
  82. Method ‘post_title’ not found in class.
  83. How can I turn off WP_DEBUG_LOG messages coming from a specific plugin or theme?
  84. Theme parts path location dump
  85. Changes to WordPress database using phpMyAdmin not reflected on blog
  86. WP Debug set to true but still wsod
  87. How do you get the docroot directory?
  88. How to solve the fopen error?
  89. Why debug.log doesn’t work?
  90. debug notice on my WordPress site [closed]
  91. TGM plugin error in Theme Check Plugin
  92. How to check whether functions is deprecated or not?
  93. Why does my site generate .bt files?
  94. Any wordpress development tool to query its functions?
  95. WordPress not available to file using wp-env for xdebug requests
  96. when I Try to Create new Post or Page it goes Draft(I can’t post Anything)
  97. Error Function is_tax was called incorrectly
  98. How can I debug the TTFB in WP?
  99. Nginx WordPress and another Web app URL structure
  100. Possible to reverse proxy WP multisite to a separate server with NGINX?

Leave a Comment