WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [Plugin: Better WP Security] Site Lockout Notifications, errors 404 & robots visits (12 posts)

  1. Agnes
    Member
    Posted 2 years ago #

    I installed the plugin after my server had reported some malicious activity. Now I feel I am safer!
    I have enabled the 404 module and got my 3rd 'Site Lockout Notification' in a weeek. So I visit the log and find a number of 404 errors. Many of them are on google translated pages, which are not true errors. However, I also see a large number of 404 errors on slugs like
    '/category/hot/'
    and other blog categories, that indeed do not exist, since my blog base is 'blog' se the related content is under
    '/blog/latest-news/hot' and alike.
    I also check my Google Webmaster tools reports and do not have 404 errors on such slugs.
    So I wonder, does that mean these are malicioous agents trying to guess these slugs because they are normal wordpress ones?

    Also, I wonder, is there a way to make sure that I do not lock out robots agents?

    http://wordpress.org/extend/plugins/better-wp-security/

  2. It's hard to say for sure. More than likely it is bots traversing your site however whether or not they are malicious is not as easy to determine however usually malicious bots will scan for specific files in wp-content.

  3. Agnes
    Member
    Posted 2 years ago #

    OK thanks...
    I ve cleant out all my 404 from google webmaster tools,, put a few more redirects... Will see if any more lockout!
    Thanks, Agnes

  4. Thanks Agnes! Please keep me posted.

  5. Agnes
    Member
    Posted 2 years ago #

    Hey Bit51, you know it feels very nice to have a plugin author checking and helping its pals... and uyou have a number of users here!
    so Thanks are for you :)

  6. Agnes
    Member
    Posted 2 years ago #

    I got a new lockout notification but these last 2 times are for bad logins, so I believe real attacks.
    I am amazed at the logs,, this is brilliant product!

    2 things though:
    - I dont see the tab for bad logins logs, is there one? It seems I can only delete the entries...
    - most of my modified / deleted files are from WP super cche and global translator. Any way to exclude those?

  7. Agnes
    Member
    Posted 2 years ago #

    oup, ssorry, I see there is a exclude function. Briliant!

  8. Glad you found it. And you're welcome. I only can check these forums about once a day but it does help.

    Cheers!

  9. UTLIBOURNE
    Member
    Posted 2 years ago #

    Hello from France, so the writing is poor ...

    I installed the plugin Better WP Security after my browser had reported some malicious malware or virus i.e : Trojan.js.Iframe , etc ...

    After new install of WP, new database, ( keeping anyway the old one in place ), new pswd, .... on wednesday 17 july and Better WP Security installed this thursday 18 july morning, i've looked at the logs :
    And !!! :
    " Your database contains 92 404 errors."

    Last Found URI Referrer Count
    Last Found URI Referrer Count
    2012-07-18 19:16:50 /Index.php?page_id=40&wpmp_switcher=mobile&wpmp_tp=1 1
    2012-07-18 19:21:19 /Index.php?p=981&wpmp_switcher=mobile&wpmp_tp=1

    etc ....

    "
    In the "old" version, say last week, the plugin " WordPress Mobile Pack " was running . But not now the the current new install !

    So my questions are :
    a) Does Better WP Security control all the bases looking around with WordPress ?
    b) Should i erase all the databases not usefull anymore to avoid all these 404 errors ?

    Thanks for your great job,
    Merci pour votre superbe travail !

    Didier

  10. Hi Didier,

    First, the 404s could very easily be found for quite a while after a plugin is removed. That isn't necessarily something to worry about and is in fact normal in many cases.

    Now for the other questions:

    a.) I'm afraid I don't know exactly what you mean here. It will look for changes in any file, block almost all bots, etc. It can't however protect against every attack. Nothing can be 100% attack-proof
    b.) No, I wouldn't erase the database. The 404 errors will work themselves out over time and even cleaning the db won't remove them from the sites that are linking to them.

  11. Agnes
    Member
    Posted 1 year ago #

    Hello Bit51

    I still have issues with the 404 logs and this (plus possibly other things) actually seems to have created so much CPU usage last Sunday that my host locked me out for a while! So i am trying to dig deeper and find out... I'll appreciate your help.

    For info: I am with latest versions of WP & the plugin.
    I have used some external service to check my 404 and solved them, yet on a development site there may always be a few leftovers...
    I also use DB Cache Reloaded Fix for caching DB requests, Hypercache for caching page requests, and BWP minify to minify scripts. I use Yoast SEO plugin too.

    0> Main problem:
    What locked me out is an anormal number of hits on wp-cron.php and sitemap_index.xml, as well as /wp-admin/admin-ajax.php.
    I wonder if the logging of 404 errors by BWP security may add a lot of database activity and CPU...?
    I might desactivate that function but like to understand what happens first, if possibel.

    Strange things:

    1> I have cleant out the 404 logs several times, and now have 5 pages only in the DB table, yet the plugin tells me 'Your database contains 174 404 errors.' I guess it keeps counting those deleted...?

    2> I get '/wp-admin/admin-ajax.php' as 404 error (44 times) referred by '/wp-admin/post.php?post=999&action=edit'. How is that possible? I think my ajax.php is there...

    3> I also get '/wp-admin/post.php' as 404 referred by '/wp-admin/post.php?post=999&action=edit'

    4> I get '/sitemap-index.xml' (with no referrer) few times - though that file exists...

    Any suggestion?
    Thanks, Agnes

  12. Zak Chapman
    Member
    Posted 1 year ago #

    FUNNY I love the plugin but today he lock me out for 3 days even i`m administrator....

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.