What does this plugin really do?

  • ivanbayross

    (@ivanbayross)


    10 years, 1 month ago

    Whenever I install and configure this plugin on my WP website, my error.log gets filled very rapidly with what I think are attempts to hack in to the Admin section on my website.

    Within a day or so, I get a website admin message indicating that my website is exceding its domain size limits.

    If I diable / delete this plugin then this stops immediately and all seems well.

    Here is one record within the error.log that I’m sharing.

    [26-Mar-2014 08:42:44 UTC] WordPress database error Got a packet bigger than ‘max_allowed_packet’ bytes for query UPDATE ibmb_options SET option_value = ‘a:8516:{i:0;a:3:{s:2:\”ip\”;s:12:\”31.210.96.90\”;s:8:\”username\”;s:5:\”admin\”;s:4:\”time\”;s:19:\”2013-09-10 12:23:39\”;}i:1;a:3:{s:2:\”ip\”;s:13:\”213.60.51.127\”;s:8:\”username\”;s:5:\”Admin\”;s:4:\”time\”;s:19:\”2013-09-11 08:10:56\”;}i:2;a:3:{s:2:\”ip\”;s:13:\”213.60.51.127\”;s:8:\”username\”;s:5:\”Admin\”;s:4:\”time\”;s:19:\”2013-09-11 08:10:56\”;}i:3;a:3:{s:2:\”ip\”;s:13:\”213.60.51.127\”;s:8:\”username\”;s:5:\”Admin\”;s:4:\”time\”;s:19:\”2013-09-11 08:10:57\”;}i:4;a:3:{s:2:\”ip\”;s:13:\”213.60.51.127\”;s:8:\”username\”;s:5:\”Admin\”;s:4:\”time\”;s:19:\”2013-09-11 08:10:58\”;}i:5;a:3:{s:2:\”ip\”;s:13:\”213.60.51.127\”;s:8:\”username\”;s:5:\”Admin\”;s:4:\”time\”;s:19:\”2013-09-11 08:10:59\”;}i:6;a:3:{s:2:\”ip\”;s:13:\”213.238.175.8\”;s:8:\”username\”;s:5:\”admin\”;s:4:\”time\”;s:19:\”2013-09-11 12:46:11\”;}i:7;a:3:{s:2:\”ip\”;s:12:\”146.0.74.170\”;s:8:\”username\”;s:5:\”admin\”;s:4:\”time\”;s:19:\”2013-09-11 13:37:39\”;}i:8;a:3:{s:2:\”ip\”;s:11:\”5.39.219.27\”;s:8:\”username\”;s:5:\”admin\”;s:4:\”time\”;s:19:\”2013-09-11 14:29:53\”;}i:9;a:3:{s:2:\”ip\”;s:12:\”146.0.74.204\”;s:8:\”username\”;s:5:\”admin\”;s:4:\”time\”;s:19:\”2013-09-11 \”;}}’ WHERE option_name = ‘wp_ultimate_security_checker_failed_login_attempts_log’ made by wp_signon, wp_authenticate, do_action(‘wp_login_failed’), call_user_func_array, wp_ultimate_security_checker_failed_login_logger, update_option

    Im sharing this because I’m concerned about this plugins functionality.

    https://wordpress.org/plugins/ultimate-security-checker/

Viewing 4 replies - 1 through 4 (of 4 total)
  • carlyblack

    (@carlyblack)

    10 years ago

    Hi there, I’m getting this same issue too. Within a week I need to delete the error log because it has grown to nearly 800mb!

    is there a way to turn this off?

    thanks
    Carly

    Thread Starter ivanbayross

    (@ivanbayross)

    10 years ago

    What I’m most concerned about is that it appears that this plugin, which is supposed to protect the WordPress site, for one reason or the other seems to be mounting an attack against the website.

    This is what disturbs me the most.

    Anyone else experienced this kind of problem when using this Plugin?

    Please do share your experiences here.

    JohnChandlerEdmonton

    (@johnchandleredmonton)

    10 years ago

    Our sites seem to be getting lots of attempts to log in with the userid “admin” and other guesses.

    Deactivating the plugin and only activating it when I want to use it is my plan.

    Also we can install the “Limit Login Attempts” plugin.

    P.S. For completeness sake one could also do this:

    At the bottom of “\wp-content\plugins\ultimate-security-checker\wp-ultimate-security.php” change this line from:

    add_action(‘wp_login_failed’, ‘wp_ultimate_security_checker_failed_login_logger’);

    to

    // add_action(‘wp_login_failed’, ‘wp_ultimate_security_checker_failed_login_logger’);

    thereby commenting it out. This will stop it from tracking the failed logins.

    Fred Chapman

    (@fwchapman)

    9 years, 8 months ago

    I didn’t know this plugin kept a log of failed login attempts until I noticed the WordPress database on one site was bloated. When I investigated, I discovered that the log took up 2.5 MB in the database! Deactivating and deleting the plugin didn’t clean up the database, either. I had to manually delete the log from the database.

    Wordfence Security looks very promising. It blocks repeated failed login attempts and also includes a built-in cache:

    https://wordpress.org/plugins/wordfence/

    I’m going to look into Wordfence to supplement or replace Ultimate Security Checker.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘What does this plugin really do?’ is closed to new replies.