Looks like it is designed to be like this so you can see the error file by clicking 'View Error Log' in Help, Troubleshooting.

I would ask Gary where the error.err location is defined and change it so it is at the same level as /public_html/ or /httpdocs/ so only accessible by ftp

From Sellerdeck Support - with permission

Thanks for contacting SellerDeck software support.
There is only one condition where details described are added to the error.err log and that is when a Sellerdeck agent has requested that ‘debugging’ mode mode be activated by editing one of the scripts. This then writes every action to the error log including PSP codes etc.

This gives us far greater information for troubleshooting. Once the immediate requirement for testing is completed, there is normally a request to revert the script to it’s original state via replacing it or re-editing it and the log cleared.
It would not prove to be particularly handy for us, as we would then require the customer to recover the file if capable or to supply the ftp details so that we can retrieve it as many times as is required. We would then need to notify our GDPR officer that we have live FTP details from a customer and ensure that they are deleted at the end of the process, and send a recommendation to the customer to change their FTP details.
I will need to contact our development team to request this information.

I have had a response from the developer assigned this issue. They have informed me that there is already an existing usability issue for this (SD-7561). A field report for this ticket has been recorded against it.

The file (error log) is referenced by virtually all of the Perl scripts used by the software so would require changing in each file. From that point onwards the option within the software to view or remove the file, will not work because there is now a changed path.

This is dependant upon the developer finding a safe way to change the path. The concern is that something might be changed in the Perl files that will cause issues later on.

The developer tried to change the file permissions, which works fine for a while, then once it writes to the file it changes the permissions back again, so Perl changes would be needed to write to this file, which again we are not sure if it will be that safe having to test all aspects of online feature.

The developer assigned this issue is checking further, but currently it is looking like there would need to be quite a bit of work to enable this.

While we have not been able to supply a workaround for changing the target destination for the error log, we can however supply coding to stop the file being accessed.

The code below will need to be added to a second .htaccess file, and this then needs to be uploaded to the ‘acatalog’ directory (or whatever directory the site directory has been renamed to.