How to Find and Read Error Logs in cPanel
Half the support tickets we see start with "my site is broken" and nothing else. The fastest way to stop guessing and start fixing is the error log — cPanel keeps several, and most people never open them. Here's where they live and what to actually do with them.
Where cPanel Keeps Your Error Logs
There isn't one single log file. cPanel and the server underneath it write to a few different places depending on what went wrong:
- Errors page — cPanel > Metrics > Errors. This shows the last 300 lines of your domain's Apache/PHP error log, no file access needed.
- PHP error log — usually
/home/username/public_html/error_log(or in the specific subdirectory where the error happened). This is where uncaught PHP errors, warnings, and notices land once logging is turned on. - Raw access logs — cPanel > Metrics > Raw Access, or files under
/home/username/access-logs/. Every single HTTP request to your domain, including the ones that returned 404s and 500s. - WordPress debug log —
/home/username/public_html/wp-content/debug.log, only exists if you've turned onWP_DEBUG_LOG.
Start with the Errors page. It's the quickest read and covers most day-to-day breakage.
Reading the Errors Page
Log in to cPanel, go to Metrics > Errors, and pick the domain from the dropdown if you have more than one. You'll see entries that look like this:
[Tue Jul 15 09:12:04.221944 2026] [php7:error] [pid 28471] [client 103.21.244.10:0] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_product() in /home/username/public_html/wp-content/themes/mytheme/functions.php:112Break it down left to right: timestamp, module (php7:error means this came from PHP, not Apache), the visitor's IP, then the actual error. In this example, a theme function is calling a WooCommerce function on a site where WooCommerce is deactivated — that's the fix, right there in one line.
The Errors page only shows the most recent lines and doesn't retain history long-term, so if you're chasing an intermittent issue, you need it turned into a proper log file.
Turning On Full PHP Error Logging
If the Errors page is empty or too thin to be useful, PHP logging is probably set to a low verbosity. Fix that from MultiPHP INI Editor in cPanel:
- Go to Home > Software > MultiPHP INI Editor.
- Select your domain, switch to Editor Mode.
- Set
display_errors = Off(never show raw errors to visitors),log_errors = On, anderror_reporting = E_ALL. - Set
error_logto a path you control, e.g./home/username/public_html/error_log. - Save. No restart needed — PHP-FPM/suPHP picks it up on the next request.
For WordPress specifically, you get a cleaner, WP-aware log by editing wp-config.php instead:
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', false );
@ini_set( 'display_errors', 0 );Reproduce the problem, then check wp-content/debug.log. Turn WP_DEBUG back off once you've got what you need — it's noisy and slightly slows things down if left on permanently.
Tailing the Log Instead of Reloading a Page
If you have SSH access, don't refresh cPanel's Errors page fifty times — just tail the file and reproduce the issue once:
tail -f /home/username/public_html/error_logOr filter for one keyword across everything:
grep -i "fatal" /home/username/public_html/error_log | tail -30This is the single biggest time-saver for anyone debugging a live site — you see the exact moment the error fires instead of hunting through hundreds of unrelated lines afterward.
Raw Access Logs: When There's No PHP Error at All
Sometimes the problem isn't PHP throwing an error — it's a 403, a 404 on assets, or a bot hammering your site. That's what raw access logs are for. Go to Metrics > Raw Access, download the current log for your domain, and grep it:
grep " 500 " access-log | tail -20
grep " 403 " access-log | awk '{print $1}' | sort | uniq -c | sort -rnThe second command counts how many requests each IP made that got a 403 — useful for spotting a single abusive IP versus a broken permission on a specific file.
Common Entries and What They Actually Mean
| Log line contains | What it means | Where to look next |
|---|---|---|
| PHP Fatal error: Uncaught Error | Code called something that doesn't exist — missing plugin, wrong PHP version, bad update | Deactivate the plugin/theme named in the file path |
| PHP Warning: Cannot modify header information | Something (usually whitespace before <?php) sent output before headers | Check the file/line named for stray characters before the PHP tag |
| Permission denied | File/folder ownership or chmod is wrong | Should be owned by your cPanel user, folders 755, files 644 |
| MySQL server has gone away | A query timed out or hit max_allowed_packet | Check MySQL Too Many Connections troubleshooting or increase timeout |
| No such file or directory | Code is referencing a path that moved or was deleted | Confirm the file exists at that exact path, case-sensitive |
If You're on a VPS Instead of Shared cPanel
Without cPanel's UI, the logs are just files on disk. For Apache: /var/log/apache2/error.log (Debian/Ubuntu) or /usr/local/apache/logs/error_log (CloudLinux/cPanel-based VPS). For Nginx: /var/log/nginx/error.log. PHP-FPM has its own pool log too, usually under /var/log/php8.1-fpm.log — check the version number matches what you're actually running.
Prevention: Keep Logging On, Just Not Loud
Leave log_errors = On permanently — it costs you nothing in performance and saves hours the next time something breaks. What you shouldn't leave on is display_errors, which prints raw PHP errors (including file paths and sometimes database details) straight to visitors. That's a security leak, not just an ugly page. Log quietly, display nothing, check the file when something's wrong.
Frequently asked questions
Why is my cPanel error log empty even though the site is clearly broken?
Usually because log_errors is off or error_reporting is set too low in php.ini. Open MultiPHP INI Editor, set log_errors to On and error_reporting to E_ALL, then reproduce the issue — it should show up within seconds.
How long does cPanel keep error logs?
The Errors page under Metrics only shows the most recent lines and rotates frequently. For anything you need to keep, point error_log at a file in your own home directory so it persists until you delete it or logrotate cleans it up.
Is it safe to leave WP_DEBUG_LOG on all the time?
It's low-risk since it only writes to a file, not the browser, but the debug.log file can grow large fast on a busy site. Turn it off once you've diagnosed the issue, or set up a cron job to trim it periodically.
I see 'Permission denied' in the log but the file permissions look fine. What else could it be?
Check ownership, not just permissions — run ls -la and confirm the file/folder is owned by your cPanel username, not root or a different account. A wrong owner blocks access even with correct chmod values.
Can I read error logs without SSH access?
Yes — cPanel's Metrics > Errors page and File Manager both work over the browser. You lose the convenience of tail -f and grep, but File Manager lets you open and search error_log directly, and you can download raw access logs from Metrics > Raw Access.