Plugin Author
AITpro
(@aitpro)
The Security Log file is automatically zipped, emailed to you and replaced with a new blank Security Log file based on the size setting that you choose. Basically the whole process is automated. The BPS Security Log is a plain text log file just like your server’s plain text log file, which logs events as they occur. Anyway there is no need to try to block anyone from your site completely. When an attack, probe or whatever is blocked by BPS it is logged as a 403 error, which means they are blocked/forbidden. So you do not need to do anything else and can let the Security Log automated process do what it does.
Plugin Author
AITpro
(@aitpro)
And most importantly the Security Log is a primary troubleshooting tool. ie if something legitimate is being blocked that needs to be whitelisted then the Security Log entry will show what needs to be whitelisted in the logged entry.
Plugin Author
AITpro
(@aitpro)
Assuming all questions have been answered – thread has been resolved. If you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.
Thread Start Date: 8-27-2015 to 8-28-2015
Thread Resolved/Current Date: 8-29-2015
I have a large number of client sites that have your BPS plugin installed and we are getting a large amount of load on our server due to the 403.php file that processes logging. I’ve turned off logging multiple times on these sites, but everytime there is an update the logging seems to get turned back on and our server load increases. Is there something I can do to make turning off logging more permanent?
Thanks!
Plugin Author
AITpro
(@aitpro)
BPS Security logging is using the same exact logging method your server uses for logging. ie successive writes to a plain text file (no DB Queries or anything else that “costs” high amounts of resources). BPS Security logging should not cause any noticeable load or resource usage even when Brute force attacks are occurring at 1,000 login attempts|attacks per second – 60,000 attacks per minute – 360,000 attacks per hour – causes a .1 second load speed increase when 1,000 attacks per second are occurring. If you are seeing noticeable load increases with BPS Security logging then there is some sort of logging conflict going on with your server or something else you have installed since that is not normal.
BPS Security Logging does not need to be turned on all the time and can be selectively turned on or off for troubleshooting. When our sites are under attack by large brute force attacks, which happens about twice a week, we turn off Security Logging since there is no point in logging all the blocked attacks.
To permanently turn off Security Logging/error logging – add/copy your BPS Security Logging code to BPS Custom Code.
1. Turn Off Security Logging on the BPS Security Log page if it is not already turned Off.
2. Go to the htaccess File Editor tab page > Your Current Root htaccess File tab > Copy and paste the entire ERROR LOGGING AND TRACKING section of code from your root .htaccess file into this text box: CUSTOM CODE ERROR LOGGING AND TRACKING.
3. Click the Save Root Custom Code button to save your Root custom code.
4. Go to the Security Modes page and click the Create secure.htaccess File AutoMagic button.
5. Select the Activate Root Folder BulletProof Mode Radio button and click the Activate|Deactivate button.
Thank you for the details. We were missing the PHP Zip module which may have been a factor, however it does seem to draw some load still after enabling the module. Appreciate the tip on how to permanently block logging. My techsupport have been advising me to delete the plugin because of the 403.php load, but I’d rather not as I rely on it for a lot of htacesss protections.
Plugin Author
AITpro
(@aitpro)
So what you are telling me is that your tech support is not able to figure out and tell you what and where the problem/issue/conflict is occurring with BPS and your/their particular server. Since this is not something that normally happens then there is a specific problem/issue/conflict with your/their server.
If ErrorDocument logging redirects are causing some kind of issue on your particular server then this code below would also logically be a problem for your server configuration:
1. Copy this modified code below to this BPS Root Custom Code text box: CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
# DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
# Use BPS Custom Code to modify/edit/change this code and to save it permanently.
# Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
#RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$
2. Click the Save Root Custom Code button to save your Root custom code.
3. Go to the Security Modes page, click the Create secure.htaccess File AutoMagic button, select the Activate Root Folder BulletProof Mode Radio button and click the Activate|Deactivate button.
