Displaying any kind of debug info or similar information is extremely bad for WordPress Security. If any PHP errors happen on your site they should be logged in a safe place and not displayed to visitors or potential attackers.
Open wp-config.php and place the following code just above the require_once function at the end of the file:
If you are concerned about WordPress security on your site, we encourage you to follow the full set of tips on our WordPress Security page. And get in touch if you need help with protecting your site from hackers.