WordPress.org


BulletProof Security
[resolved] Would love a way to disable logging (4 posts)

  1. Trionic Labs
    Member
    Posted 1 year ago #

    I do support work and have several clients that use BPS - great plugin, does things very well for the most part. However, the logging feature is problematic for two reasons:

    1. The log entries are very verbose so they take lots of space.
    2. The BPS control panel loads the log file which can be inefficient.

    I see that you are trying to keep things clean with the log file too large message, but I've got clients who are not under attack, but just have enough 403s that their log file exceeds the threshold and they start seeing the message within 5 minutes after clearing it. (And for some people, that message causes severe panic and emergency calls to me.)

    I guess what I think would be a huge improvement would be:

    1. A way to turn logging on and off. Logging is useful when you are looking at what is attacking, but for the most part it is a list of things that were successfully blocked. What is more important to me is a log of things that actually made it through. Being able to turn them on and off gives me the ability to take a look at what is happening if I want, but saving the disk i/o if I think I'm in good shape.

    2. Don't load the log file into the control panel - at least initially. Most of the access to the control panel is not to simply view the log file so loading it is a waste of time and resources. There is a button to refresh it already which is good, if someone wants to view their log in the browser - they can press that. And if you don't load it automatically, then you have no need for the alarming log file too big messages.

    Again, keep up the great work. Hope those suggestions help.

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Verbose? Logging has been intentionally limited to only logging the essential things that you would use to diagnose an HTTP error / problem or log a hacking attempt. What part of the logged criteria would you recommend be removed? If you would like to change what criteria is logged then you would change that in this file - /bulletproof-security/403.php. If you would like to disable error logging entirely then just comment out this line of code in the root .htaccess file - ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php by adding a pound sign # in front of that line of code.

    >>>>>>>>>>> 403 Error Logged [11/05/2012 6:22 PM] <<<<<<<<<<<
    REMOTE_ADDR: 75.22.36.93
    Host Name: adsl-75-22-36-93.dsl.irvnca.sbcglobal.net
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://forum.ait-pro.com/wp-admin/edit.php?post_type=topic
    REQUEST_URI: /wp-admin/post.php?post=17&action=trash&_wpnonce=3b38e54689&_wp_http_referer=http://forum.ait-pro.com/wp-admin/edit.php?post_type=topic
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 AlexaToolbar/alxg-3.1

    2. Where would you suggest the log file be loaded from? Another BPS menu page?

    1. Yep I held off adding logging to BPS for over 2 years for this exact reason. Most folks panic when they see hacking attempts being logged. BPS has been blocking these hacking attempts in previous versions quietly so no one was aware that BPS was doing its job. A lot of folks feel they need to do something about logged events. This is ONLY true for an HTTP Error indicating a problem with a plugin or some other coding on the website and logged hacking attempts should just be ignored.

    I think your suggestion is a very good idea and I will add the ability to turn error logging on or off in BPS .47.9.

    My sites log 1,500+ hacking attempts and other bad activity on a daily basis. This is just the way the Internet world is unfortunately.

    2. Using your suggestion of adding the ability to turn error logging on or off accomplishes this same goal and actually takes care of all other things that you have mentioned/suggested. Problem solved.

    Thanks for the great suggestions!

    Personally I think error logging should only be turned on to check for any plugin problems or other coding problems. It is a silly waste of time to look at logged blocked hacking attempts or bots sniffing around etc. ;)

    http://forum.ait-pro.com/forums/topic/security-log-security-log-403-errors/#post-1694

  3. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    New error logging on / off option will be added in BPS .47.9. Resolving.

  4. Trionic Labs
    Member
    Posted 1 year ago #

    Thanks - I think that will be a help for some sites and situations.

    As far as verbosity goes, I guess the line of thought I was going down was something like using csv format, so you don't need all the headers for every field in every record. I know that is a tradeoff - less human readable, more machine readable. Just makes it possible to reduce the number of characters per error (so less i/o, slower file size growth).

    Thanks for being open to the logging toggle option!

    Ed
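
Added example (not part of the thread and not BulletProof Security's code): the CSV trade-off raised in the last post, worked through in Python with the field labels from the 403 entry quoted earlier in the thread. It parses the labelled-block layout and rewrites it with a single header row; because the request fields are client-supplied, values that start with a formula character are prefixed before being written. The function names and the sample values are assumptions made for this example.

```python
import csv
import io
import re

# Field labels, in the order the 403 entry quoted in this thread prints them.
FIELDS = ["REMOTE_ADDR", "Host Name", "HTTP_CLIENT_IP", "HTTP_FORWARDED",
          "HTTP_X_FORWARDED_FOR", "HTTP_X_CLUSTER_CLIENT_IP", "REQUEST_METHOD",
          "HTTP_REFERER", "REQUEST_URI", "QUERY_STRING", "HTTP_USER_AGENT"]
BANNER = re.compile(r"^>+ 403 Error Logged \[(.+?)\] <+$")

def render_verbose(e):
    """Write one entry in the labelled-block layout shown in the thread."""
    head = f">>>>>>>>>>> 403 Error Logged [{e['time']}] <<<<<<<<<<<\n"
    return head + "".join(f"{f}: {e.get(f, '')}\n" for f in FIELDS) + "\n"

def parse_entries(text):
    """Split a verbose log into one dict per 403 entry."""
    entries, current = [], None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        m = BANNER.match(line.strip())
        if m:
            current = {"time": m.group(1)}
            entries.append(current)
        elif current is not None and sep and key.strip() in FIELDS:
            current[key.strip()] = value.strip()
    return entries

def neutralise(value):
    """Request fields are client-supplied: stop spreadsheets reading them as formulas."""
    return "'" + value if value[:1] in ("=", "+", "-", "@") else value

def to_csv(entries):
    """One header row, then one row per entry; the csv module quotes commas and quotes."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["time"] + FIELDS)
    for e in entries:
        writer.writerow([neutralise(e.get(f, "")) for f in ["time"] + FIELDS])
    return out.getvalue()

# Constructed sample entries (documentation IP, made-up values), not real log data.
SAMPLE = [
    {"time": "11/05/2012 6:22 PM", "REMOTE_ADDR": "203.0.113.7", "REQUEST_METHOD": "GET",
     "REQUEST_URI": "/wp-admin/post.php?post=17", "HTTP_USER_AGENT": "Mozilla/5.0 (KHTML, like Gecko)"},
    {"time": "11/05/2012 6:23 PM", "REMOTE_ADDR": "203.0.113.7", "HTTP_USER_AGENT": "=1+1"},
]
VERBOSE = "".join(render_verbose(e) for e in SAMPLE)
COMPACT = to_csv(parse_entries(VERBOSE))
print(len(VERBOSE), "bytes verbose ->", len(COMPACT), "bytes CSV")
```

The per-entry saving is the banner plus the eleven repeated labels; the header row is paid once per file rather than once per record.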

Topic Closed

This topic has been closed to new replies.
