≡ Menu


PHP offers simple but effective solution to log all errors to a log fiie.
On all production web server you must turn off displaying error to end users via a web browser. Remember PHP gives out lots of information about path, database schema and all other sort of sensitive information. You are strongly advised to use error logging in place of error displaying on production web sites. The idea is quite simple -only developer should see php error log.

How do I log all php errors to a log fiie?

Just add following line to /etc/php.ini to log errors to specified file – /var/log/php-scripts.log
# vi /etc/php.ini
Modify error_log directive
error_log = /var/log/php-scripts.log

Make sure display_errors set to Off (no errors to end users)
display_errors = Off

Save and close the file. Restart web server:
# /etc/init.d/httpd restart

How do I log errors to syslog or Windows Server Event Log?

Modify error_log as follows :
error_log = syslog

How do I see logs?

Login using ssh or download a log file /var/log/php-scripts.log using sftp:
$ sudo tail -f /var/log/php-scripts.log

Updated for accuracy!

You can provide each user or domain its own php.ini file. There are two basic ways to provide each user a php.ini file:

a) Setup chrooted jail for each domain and user will get /etc/php.ini inside each jail
b) Setup individual fastcgi instance for each domain along with php.ini

Let us say you have two domains as follows

  1. theos.in php.ini location /home/lighttpd/theos.in/php.ini
  2. cyberciti.biz php.ini location /home/lighttpd/cyberciti.biz/php.ini
  3. /etc/php.ini - generic file for the rest of all domains

You need to add following directives to lighttpd.conf file:

$HTTP["host"]  =~ "(^|\.)theos\.in$" {
  server.document-root = "/home/lighttpd/theos.in/http/"
  accesslog.filename         = "/var/log/lighttpd/theos.in/access.log"
  server.error-handler-404 = "/index.php?error=404"
  fastcgi.server    = ( ".php" =>
                "bin-path" => "/usr/bin/php-cgi -c /home/lighttpd/theos.in/php.ini",
                "socket" => "/home/lighttpd/theos.in/php-cgi.socket",
$HTTP["host"]  =~ "(^|\.)cyberciti\.biz$" {
  server.document-root = "/home/lighttpd/cyberciti.biz/http/"
  accesslog.filename         = "/var/log/lighttpd/theos.in/access.log"
  server.error-handler-404 = "/index.php?error=404"
  fastcgi.server    = ( ".php" =>
                "bin-path" => "/usr/bin/php-cgi -c /home/lighttpd/cyberciti.biz/php.ini",
                "socket" => "/home/lighttpd/cyberciti.biz/php-cgi.socket",

Note option -c /path/to/my/custom/php.ini passed to /usr/bin/php-cgi. It will force php to Look for php.ini file in the directory path specified by us.

Now end users can modify php.ini as per requirements.


  • Although a user can make changes to php.ini file, you still need to restart a web server using root or equivalent privileges
  • This may also open your box to new security issue such as wrong php.ini settings or user can load any custom php modules

You can apply same settings to Apache web server using jail or lighttpd fastcgi as a proxy.