Placeholder canvas

The trilogy to safely and effectively debugging WordPress

Incorporating debug code as an integral part of the development process is crucial. This practice significantly enhances the overall quality of the final product and enhances compatibility with the broader WordPress ecosystem, encompassing the core, relevant plugins, and the active theme in use.

Why do you need to debug your WordPress Website? 

It’s common knowledge that each WordPress installation comes bundled with a plethora of plugins that introduce numerous functionalities, along with a theme designed for public engagement. This diversity brings along a multitude of coding styles, standards, and potential challenges.

Therefore, it’s advisable to embark on your development projects with an active debugging process in place, continually reviewed to identify and rectify hidden errors, warnings, alerts, and deprecated code. Without this proactive approach, debugging left unattended can result in compromised quality and security. Regrettably, this can lead to the production of subpar, vulnerable, and error-prone code that can adversely affect the performance of your WordPress website.

Debug safely the three constants and two functions

Natively, we have a debug system that, by default, is disabled. Besides the possibility of activation, we have hidden capabilities for power and greater security mechanisms. For these reasons, we need to debug three constants and two functions as mentioned below: 

  1. The constant WP_DEBUG

WordPress provides a built-in debugging mode that helps you identify PHP errors and warnings. To enable it, add the following line to your wp-config.php file:

  1. define( ‘WP_DEBUG’, false ); // By default is disabled
  2. define( ‘WP_DEBUG’, true ); // Consider the true value to enable

This setting will display error messages on your site, aiding in pinpointing issues. However, remember to disable it on your production site to prevent exposing sensitive information to visitors.

Check Your Error Logs

Your server maintains error logs that record PHP errors and other issues. Access these logs via your hosting provider’s control panel or FTP. Look for any error messages that can guide you to the root cause of the problem.

Disable Plugins and Themes

Sometimes, conflicts between plugins or themes can lead to issues. Temporarily deactivate all your plugins and switch to a default WordPress theme like Twenty Twenty-One. If the problem disappears, reactivate each component one by one to identify the culprit.

The other configuration options are listed below:

  1. define( ‘WP_DEBUG_LOG’, true );
  2. define( ‘WP_DEBUG_DISPLAY’, false );

2. The constant WP_DEBUG_LOG

By consistently using the WP_DEBUG_LOG feature, we can capture and log all warnings, alerts, errors, and notifications, saving them into a designated file known as debug.log. This file can typically be found in the /wp-content/ directory.

It is imperative to regularly review this debug.log file. By doing so, we can identify any inconsistencies or issues within the application’s codebase. Once these issues are pinpointed, they should be thoroughly analyzed, and the necessary steps for resolution should be taken. This process is crucial for maintaining the overall health and functionality of the application.

Furthermore, this practice proves to be a valuable asset when dealing with scenarios that occur off-screen. It is particularly useful for analyzing situations where processing occurs through AJAX requests or the Cron features of WordPress, among other instances. By having a detailed log of events in the debug.log file, troubleshooting and debugging become more efficient and effective, enabling the development team to reply as soon as possible to any potential problems.

  1. The constant WP_DEBUG_DISPLAY
debugging WordPress

The value of true and/or false can and should be considered for constant WP_DEBUG_DISPLAY. Its default value is true, which means that errors are displayed on the screen – the same value should be considered in development environments.

Production environments should be kept constant with a value of false, thereby preventing the display of the screen where error implementation details are exposed.

We advise the use of false values for all environments, but in conjunction with the true value to the constant WP_DEBUG_LOG. Thus, we will not have the errors on the screen, avoiding environmental exposure and, in some cases, compromising the implementation of the interface and forcing the team to review the debug.log file for analysis and correction of inconsistencies.

The values of the constants are aligned in the PHP settings.

  1. define( ‘WP_DEBUG’, true );
  2. define( ‘WP_DEBUG_LOG’, true );
  3. @ini_set(‘log_errors’, ‘On’);
  4. define( ‘WP_DEBUG_DISPLAY’, false );
  5. @ini_set(‘display_errors’, ‘Off’);

With this combination of constants and values, we guarantee an ideal setting for safe and effective debugging in WordPress, recording and storing the inconsistencies but avoiding their exposure.

Attention is drawn to the use of ini_set PHP, used to define the value of a setting. It is important to them, in addition to the constant WP, to make sure that the desired behavior for the application is aligned with the PHP behavior configured on the server.

Imagine that PHP was configured to display errors, and the display_errors directive in the php.ini file with the On value and the constant WP_DEBUG_DISPLAY is the false value to not display errors. The behavior set in PHP will override the WP, so both align and avoid surprises.

In addition to the hidden errors, warnings and alerts and warnings codes:

By combining a set of constants and values, we ensure the establishment of an optimal configuration for secure and efficient debugging within the WordPress environment. This configuration allows us to capture and retain discrepancies without exposing them.

It’s worth noting the significance of utilizing the ini_set function in PHP, which enables us to specify the value of a particular setting. It is imperative to ensure that, apart from the WP constant, the desired behavior of the application is harmonized with the PHP configuration on the server.

To illustrate this, consider a scenario where PHP is configured to display errors, and the php.ini file has the display_errors directive set to ‘On,’ while the constant WP_DEBUG_DISPLAY is set to ‘false’ to suppress error displays. In such a situation, the PHP-defined behavior takes precedence over WP, ensuring alignment and averting unexpected outcomes.


Location and protection of debug.log file

As reported, the debug.log file is located in the / wp-content; this file in any way must be public, and, therefore, we need to protect it.

The correct permission for the file

Consider allowing 600 to debug.log file that allows reading and recording the core of WordPress and its plugins to the file.

A contribution to .htaccess

Besides the correct permission, those using Apache consider extra protection to the file through directives in .htaccess and block external access to the file through the web browser – for example, when someone tries to access the / wp-content / debug.log.

  1. <Files debug.log>
  2. Order allow, deny
  3. Deny from all
  4. </Files>

Consider using the standard WordPress debug mechanism, but make safe use of the constant and correct functions for this. Ensure safety and better quality of developed and updated code of the platform.

Best Practices for Effective Debugging

  • Create a Staging Environment

Never debug on your live site. Set up a staging environment that mirrors your production site. Debug and test changes there before implementing them on your live site to avoid disruptions.

  • Keep Regular Backups

Always backup your website before making any significant modifications. In the event that something goes wrong when debugging, you may rapidly restore your site to its prior condition thanks to this.

  • Document Your Debugging Process

Maintain a log of your debugging efforts. This documentation can be invaluable if you encounter similar issues in the future or need to collaborate with other developers. Consider using a tool like Evernote or a simple text document for this purpose.

  • Stay Informed and Seek Help

WordPress is a dynamic platform, and best practices evolve. Stay up to date with the latest debugging techniques, plugins, and tools. Don’t hesitate to seek help from forum developer communities or even hire a professional when needed.+


In the world of WordPress development, the ability to debug effectively is an indispensable skill. This trilogy of debugging methods, consisting of Basic Debugging, Advanced Debugging, and Best Practices, equips you with the tools and knowledge to tackle issues efficiently and safely.

By mastering basic techniques like enabling WordPress debugging mode, checking error logs, and disabling plugins and themes, you can quickly identify and address common issues. When faced with more complex problems, advanced debugging methods, such as using debugging plugins or custom code, provide deeper insights into the inner workings of your WordPress site.


If you are looking for Managed WordPress Hosting that is isolated from other users on the server, we provide you with everything for which you have been waiting. Our hosting is built on a blazing-fast SSD latest hardware that’s highly tuned for optimum performance. The hosting includes daily backups, anytime money back, 99.97% uptime, and 24×7 support.

FAQs on Safely and effectively debug WordPress

Is it safe to enable WordPress debugging on a live site?

No, it is not safe to enable WordPress debugging on a live site. While it can be a valuable debugging tool, it exposes error messages that can compromise your site’s security and reveal sensitive information to visitors. Always use debugging mode in a staging environment and disable it on your live site.

What should I do if I can’t identify the source of an issue using basic debugging methods?

If basic debugging methods do not yield results, consider using advanced debugging techniques such as debugging plugins or custom code snippets. Additionally, seek Help from WordPress forums or developer communities where experienced developers can provide guidance.

How can I prevent future issues on my WordPress site?

To prevent future issues, follow best practices such as maintaining regular backups, keeping your plugins and themes updated, and staying informed about WordPress security and development trends. Implementing a strong security strategy is also essential to safeguard your site.

Want faster WordPress?

WordPress Speed Optimization

Try our AWS powered WordPress hosting for free and see the difference for yourself.

No Credit Card Required.

Whitelabel Web Hosting Portal Demo

Launching WordPress on AWS takes just one minute with Nestify.

Launching WooCommerce on AWS takes just one minute with Nestify.