Information disclosure in error messages not a weakness

Ihr Suchbegriff

Drupal core provides a feature to show error messages to site visitors. By default this feature is enabled which is very helpful while building a site because the visitor can quickly see the error messages.
Once a site has entered "production" mode this feature should be disabled to avoid information disclosure such as the full filesystem path on the server or the structure of tables in a SQL error message.

Disabling display of error messages in Drupal 7

As an administrator, navigate to Home » Administration » Configuration » Development » Logging and errors. Set the "Error messages to display" option to "None."
read more: