Most hosting provider correctly block the access to debug.log that WordPress generates and that's a great idea because log files can expose important information about the site or its users.
you can test if your debug.log file is accessible by vising https://USE-YOUR-SITE.com/wp-content/debug.log
If the file exists and you can see some errors then you need to contact your hosting provider immediately to let them know about this so they can fix it for all the users. In the meantime you can use the following rules to block access to that file.
Add this to your .htaccess file if you're running Apache web server or a compatible one.
# Protect sensitive files (simple version)
<FilesMatch "(\.log(\.[\w]+)?|\.env(\.[\w]+)?|composer\.(json|lock))$">
Require all denied
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</FilesMatch>
Referral Note: When you purchase through a referral link (if any) on this page, we may earn a commission.
If you're feeling thankful, you can buy me a coffee or a beer
