Contradictory messages about log files

Hi guys, I see that logging is now disabled by default.. From the Log Files (Debug) screen, it says this:

“However, it is VERY IMPORTANT to disable logging once you go live. Log files may contain personally identifiable information, credit card numbers, secret API credentials, passwords and/or other sensitive information. We STRONGLY suggest that logging be disabled on a live site (for security reasons).”

So that makes sense, but when I disable the log directory by changing its permissions, I get this warning:

“Permissions error. The security-enabled logs directory (/wp-content/plugins/s2member-logs) is not writable. Please make this directory writable (chmod 777).”

So my question: is it safe to ignore this contradictory message? Or for some reason does the directory need to be writable even when logging is disabled?

Thanks for any help or clues about this.

Hello Jeff,

I can understand where the confusion comes from.

Just a question, are you trying to disable logging by changing the permissions on the folder? Or by telling s2Member to no longer log?

– Eduan

Hi Eduan,

Thank you for your reply.

Please, let us hear your response for both of the two scenarios you mention. Both scenarios are likely to be encountered by s2 users, and thus both will be valuable to help the community.

Thank you!

Jeff

I see that makes sense.

Well in the first case, where you disable logging by changing the folder permissions. I wouldn’t be surprised if you get errors when you do it this way. s2Member is still trying to log, but it can’t so it throws errors at you, like the ones you’re receiving.

In the second case, you disable logging through s2Member. In other words tell s2Member to stop logging, instead of not allowing it to (see the difference?). You accomplish this under Dashboard -› s2Member® -› Log Files (Debug) -› Logging Configuration.

If it’s the second one you shouldn’t be getting any errors, if it’s the first one then it’s no wonder you’re getting errors. :)

Does that explain it well?

– Eduan

Yes, that is very helpful, thank you.

To further clarify, I have disabled logging via s2member, but I also want to restrict permissions on the server. Unfortunately doing so results in s2member displaying this warning:

Permissions error. The security-enabled logs directory (/wp-content/plugins/s2member-logs) is not writable. Please make this directory writable (chmod 777).

So I guess it’s normal that s2member needs write access even if logging is explicitly disabled..? It seems that it would make more sense to not display that warning when logging is disabled.

In other words, users should be able to lock down permissions on the log directory when it’s not being used for anything. Seeing that warning implies that some log activity is still happening even when it’s explicitly disabled. If not, then why is s2member concerned about the permissions of the log directory?

Thank you for any further insight into this :)

Yes I see your point… I’ll ask Jason about this, it’s possible that it’s a bug.

– Eduan

Thanks Eduan. I had posted the same question in another forum and Jason helped to clarify things. I appreciate all the work you guys do with s2member, thank you for your continued support.

Oh OK, glad your answer is answered then. :)

– Eduan