Support » Plugin: iThemes Security (formerly Better WP Security) » Log shows database errors and changes

Viewing 2 replies - 1 through 2 (of 2 total)
  • Handoko



    This Better WP Security is a good security plugin, but many people not really fully understand how to use it effectively. Because the author is very busy can’t provide much time for answering questions here in this forum, so lets me try to explain what I know.

    Bad login entries, what are they?

    Normally, there are 2 possibilities: hackers try to login to your website or, you (or your clients) type wrong information on the login page.

    My suggestion are, you need to study the patterns, if it happens frequently and you know that is not you nor clients faults (typing errors), in other words it means those are hacking attempts, you should put those IPs in your ban list.

    Me, get bad login entries almost everyday. The more famous your website (higher Google PR) is, the more hackers are interested to login to your website.

    404 Errors, it sounds serious, but it might not be so serious as you think.

    404 errors (this plugin calls it: intrusion detection), can be an indication of your website is under attack, hacker is trying scanning your website vulnerability, and blablabla … whatever bad things you can think about. And yes, it can be a very serious security issue.

    But it also can caused by any small mistake, even not a mistake but intentionally action, for example you simply moved or deleted a post or an image. The web crawlers (also Google) will come back looking for the old post/image/link even after months. It is a good practice (for SEO reason) to avoid deletion or renaming anything you have publicized on the web.

    Sometimes the 404 errors may occur if one of the plugin/theme you’re using does not support wp-content folder renaming. I have several such cases. I contacted the authors, and yes they improved the plugin to support wp-content folder name change and the problem solved.

    But some authors are busy. For example here is one of the case I reported to the author:

    Recently, there are many 404 errors caused by apple device users. It is generated because Apple users (iPad, iPhone, etc) are visiting your website. Apple created new standard for their web browsing experience which does not follow the standard now widely used. You can find more information here:

    Changed file records

    This feature is good for monitoring file being altered by hackers. But many of the files in your website are supposed to change. For example plugin that auto generate captcha pictures. So you may need to whitelist the directories which the contents are supposed to change.

    This plugin may report anything that it thinks might be harmful. Some warnings can be serious, but others are simply small mistakes. You need to study the warning information, doing some researches on the web, understand what and why it happens, so you can effectively use this plugin to improve your website’s security. No one can be sure to tell you what the warnings really are, without studying to message.



    You mentioned:
    Log shows database errors

    Actually, your database is okay without any problem, but it does contain some error messages.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Log shows database errors and changes’ is closed to new replies.