A really important thing that you can do is to disable PHP Error Reporting or Error Reporting in WordPress. Now, this is where there is a site error, and the server reports the error. And helpfully it's trying to be helpful to the website owner and gives him or her more information about the error. However, this is also very helpful to hackers and attackers, because it gives them information about the website that you don't want them to know. Now I've done a Google image search here on WordPress, PHP error reporting. And here is one saying that there's an error in the theme index php file on line one, but look, it shows the file path to the websites.

The user name of the websites is in there. You don't want people to see that. Again, they've got half of the information to be able to access your site's back end. You might have seen many of these while surfing around the web. This is not what you want people to see. It is handy, but I can show you how to turn it on and turn it off.

And this is another edit that you need to do in the WP hyphen config dot php file. And I'll show you how to do that now. So again, I have cPanel and that's how I'm going to access my WP config file. You can use an FTP program such as file Zilla to do this, but I'm going to be using cPanel so let's go into file manager and in public underscore HTML, this is where your WP config dot php file lives. You go edit that and you want to put this right at the top after The opening PHP tag and in there just put error underscore reporting open brackets zero, closed brackets colon. Now, if you have an error with any PHP, any plug in any theme in your site, nobody can see the site's username, or get any other valuable information in order to hack your site.

So we'll save changes. Now the first thing you should do after you have disabled Error Reporting in WordPress is to find out if there isn't any error reporting on the actual server itself. Maybe your host has error reporting. So the best way to do this is to test it. So the way to test if your error reporting is disabled, is to get rid of the index. php.

We would like to access our files via the FTP manager file Zilla. This is the safest way as long as You connect with your address usually the IP address username and password via SFTP that is secure File Transfer Protocol. That's the way to access your files. So we've accessed the files and here is the root of the server. Remember we get those three folders WP admin WP content WP includes and all the other familiar WP PHP files. So in amongst that we will find the index dot php.

And what we want to do is, of course, we want to copy it or download it first to our computer before we delete it. And remember, don't do this, if you're not absolutely sure what you're doing. If you're not sure what you're doing, then just contact the host and ask them if error reporting is disabled. So we'll go to the website now and refresh. And this is what we want to see. It isn't an error report.

As such, it's saying you don't have permission to access this server. And additionally, a forbidden error was encountered while trying to use an error document to handle the request. That's exactly what we want to see. There is no interesting information helpful information on this page to know why we can't access this site. And the reason for this is Error Reporting has been correctly disabled on this site, due to me performing that WordPress function as well as my host doing what they did at their end. So remember to disable Error Reporting in WordPress test and make sure your host has Error Reporting disabled.

My name is Rob carbon. I'll see you in the next video.