diff --git a/src/wp-admin/includes/class-wp-site-health.php b/src/wp-admin/includes/class-wp-site-health.php
index dd537296a8655..512b3f406905d 100644
--- a/src/wp-admin/includes/class-wp-site-health.php
+++ b/src/wp-admin/includes/class-wp-site-health.php
@@ -1409,19 +1409,39 @@ public function get_test_is_in_debug_mode() {
 		);
 
 		if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
-			if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
-				$result['label'] = __( 'Your site is set to log errors to a potentially public file' );
-
-				$result['status'] = str_starts_with( ini_get( 'error_log' ), ABSPATH ) ? 'critical' : 'recommended';
+			if ( ! empty( ini_get( 'error_log' ) ) ) {
+				$debug_log_path  = realpath( dirname( ini_get( 'error_log' ) ) ) . DIRECTORY_SEPARATOR;
+				$absolute_path   = realpath( ABSPATH ) . DIRECTORY_SEPARATOR;
+				$is_public_log   = $debug_log_path && $absolute_path && str_starts_with( $debug_log_path, $absolute_path );
+				$is_wp_debug_log = defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG;
+
+				if ( $is_public_log ) {
+					$result['label'] = __( 'Your site is set to log errors to a potentially public file' );
+					$result['status'] = 'critical';
+				} else {
+					$result['label'] = __( 'Your site is set to log errors to a file outside the document root' );
+					$result['status'] = 'good';
+				}
 
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					sprintf(
-						/* translators: %s: WP_DEBUG_LOG */
-						__( 'The value, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ),
-						'<code>WP_DEBUG_LOG</code>'
-					)
-				);
+				if ( $is_wp_debug_log ) {
+					$result['description'] .= sprintf(
+						'<p>%s</p>',
+						sprintf(
+							/* translators: %s: WP_DEBUG_LOG */
+							$is_public_log
+								? __( 'The constant, %s, has been added to this website&#8217;s configuration file. This means any errors on the site will be written to a file which is likely publicly accessible.' )
+								: __( 'The configuration constant, %s, has been set to write errors to a file outside the WordPress directory. This is a good practice as the log file should not be publicly accessible.' ),
+							'<code>WP_DEBUG_LOG</code>'
+						)
+					);
+				} else {
+					$result['description'] .= sprintf(
+						'<p>%s</p>',
+						$is_public_log
+							? __( 'The error log path has been configured to a file within your WordPress directory. This means any errors on the site will be written to a file which is likely publicly accessible.' )
+							: __( 'The error log path has been configured to a file outside your WordPress directory. This is a good practice as the log file should not be publicly accessible.' )
+					);
+				}
 			}
 
 			if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) {