Fatals To Browser
Last night, came across this error message visiting a well-known site:
Microsoft OLE DB Provider for SQL Server error ’80004005′
The log file for database ‘xxx’ is full. Back up the transaction log for the database to free up some log space.
/XXXX.asp, line 2208
Try as much as possible never to send internal error messages to the browser. Write them to internal logs. Such public disclosures can provide hackers helpful information to attack your site. More on web security for online retailers