WordPress Security Tips: Check if JavaScript debug mode is enabled

Hack Attacker WordPress Security Check

Having any kind of debug mode (WP JavaScript debug mode in this case) or error reporting mode enabled on a production server is extremely bad for WordPress Security. Not only will it slow down your site, confuse your visitors with weird messages it will also give the potential attacker valuable information about your system.

WordPress JavaScript debugging mode is enabled/disabled by a constant defined in wp-config.php open your config file and look for a line similar to:

define('SCRIPT_DEBUG', true);

Comment it out, delete it or replace with the following to disable debugging:

define('SCRIPT_DEBUG', false);

If your blog still fails on this test after you made the change it means some plugin is enabling debug mode. Disable plugins one by one to find out which one is doing it.

If you are concerned about WordPress security on your site, we encourage you to follow the full set of tips on our WordPress Security page. And get in touch if you need help with protecting your site from hackers.