Skip to content

Chris' Laboratory

chrislee.kr – Personal blog as bookshelves

Menu
  • Home
  • Github
  • Contact Me
Menu

Magento Commerce: Fixing “Exception printing is disabled by default for security reasons”

Posted on 18/03/201109/04/2011 by Chris Lee
Read Time:1 Minute, 52 Second

Original Article: http://screencastworld.com/2010/04/articles/magento-commerce-exception-printing-is-disabled-by-default-for-security-reasons

Whenever Magento 1.4.0.1 encounters an error condition you’re likely to see the message

There has been an error processing your request
Exception printing is disabled by default for security reasons
Error log record number: XXXXXXXXXXXXXXX

There has been an error processing your request

Unlike previous versions of Magento where it used to dump out the error report for the world to see, 1.4.0.1 now keeps the data private and accessible only for the administrators and instead we get “Exception printing is disabled by default for security reasons”.  This is because there’s information in the error reports which hackers may find useful, so it’s great to see Magento improving security.  This change in behaviour came in with 1.4.0.1 as is documented in the Release Notes:

Release Notes – Magento 1.4.0.1 stable (February 19, 2010)

Changes

  • The error report exception printing is disabled by default for security reasons. To print the error report, copy the errors/local.xml.sample to errors/local.xml

Varien appear to have gone a bit too far down the security road and disabled notifications when an error occurs.  It would have been better to have notifications enabled and used the admin email address configured in the admin area.  Better yet, add these options to the System -> Configuration -> Admin area of the backoffice.  Perhaps this will come in future releases.

It is very important for store owners and administrators to be made aware of any issues within the store.  If you check for error report directory on a regular basis you’ll probably pick these up, if not, you have no idea customers are unable to use certain areas of your site.  This leads to lost customers, lost repeat visitors, and lost money.  The ideal scenario is to have the error report emailed to the administrator but not display the error contents to a customer.  To do that we need to follow the instruction in the Release Notes and edit the configuration file.

Step 1

Rename or copy the sample configuration file errors/local/xml/sample to errors/local.xml within your Magento installation directory

Share

Facebook
Twitter
LinkedIn
Email

Related

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

  • Databases (11)
    • MongoDB (4)
    • MS-SQL (1)
    • MySQL (6)
  • E-Commerce (8)
    • Magento (8)
  • Finance (2)
  • Frameworks (84)
    • Adobe Flex (1)
    • Angular (ngx) (3)
    • Codeigniter (6)
    • CSS (5)
    • Django (2)
    • Javascript (13)
    • Node.js (6)
    • PHP (17)
    • React Native (4)
    • React.js (1)
    • Sencha Touch (4)
    • Terraform (1)
    • Vue.js (1)
    • WordPress (4)
    • Yii2 (3)
  • General Documents (15)
  • Marketing (3)
  • Mobile Development (33)
    • Android (20)
    • iPhone (13)
  • Platforms (21)
    • Arduino (2)
    • Docker (5)
    • Google App Engine (5)
    • Raspberry Pi (5)
    • Samsung Smart TV (4)
  • Security (17)
  • Server (30)
    • Linux (12)
  • Tools (14)
    • SVN (7)
  • Uncategorized (2)

Search

Recent Posts

  • Taint all resources in the one module
  • Alpine – Plugin caching_sha2_password could not be loaded
  • npm link with peerDependencies
  • How to setup Gitlab runner with KVM enabled
  • Failed to transform bcprov-jdk15on-1.68.jar

Recent Comments

  • Obayed on Binance Auto Trading Bot – Buy low/Sell high with stop loss limit/Trade multiple coins
  • Ari on How to install memcache.so/memcached.so for MAMP Pro (Mac)
  • Mida ali on Binance Auto Trading Bot – Buy low/Sell high with stop loss limit/Trade multiple coins
  • Chris Lee on How to install memcache.so/memcached.so for MAMP Pro (Mac)
  • Chris Lee on Setting Up A VPN Server On OSX 10.6

Tags

1 ajax amazon android android-addpart browser chrislee-kr codeigniter codeigniter-tcpdf com-apple-net-racoon CSS CSS history hack delpaigmail-com entity-addpart-double exception-printing-is-disabled-by-default-for-security-reasons ext-plugins-listpagingplugin ext-plugins-listpagingplugin-example f iphone javascript jquery-defaultchecked jquery-samsung-smart-tv listpagingplugin mac magento-exception-printing-is-disabled-by-default-for-security-reasons magento-sample-data-exception-printing-is-disabled-by-default-for-security-reasons nu-vot null-core-errors-confignotfound-config-mk9engine-ini php samsung-smart-tv-jquery samsung-smart-tv-sdk-ajax samsung-smart-tv-sdk-jquery samsung-tv-sdk samsung-tv-sdk-jquery samsung tv sencha-smart-tv sencha-touch-list-paging smart-tv-jquery sqlite subversion svn tcedook tcpdf-codeigniter uilinebreakmodecharacterwrap-is-deprecated unknown-column-link-area

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
© 2023 Chris' Laboratory | Powered by Minimalist Blog WordPress Theme