Loggin in Wordfence

  • Resolved the_lar

    (@the_lar)


    7 years, 3 months ago

    Hi,

    I’ve been given a big security checklist by my client and I need to see whether the features of Wordfence meet this criteria, this particular point relates to the logging of sensitive security events. The criteria I’ve been given is as follows:

    A minimum set of logs (enough to detect suspicious activities as soon as possible) must be produced by the web application.

    • Authentication (success and failure)
    • Password changes
    • Password reset
    • Writing operation performed by users
    • Access failure (security or error)
    • Input rejected by filters

    However, some elements must not be logged:

    • Passwords and password hashes
    • Payment information (credit card numbers and CVV)
    • Fullname of users

    Could anyone give me some steer as to whether this kind of information is logged by Wordfence and how I can access it? I have looked under ‘Live traffic’ and while that shows logins and logouts, it doesn’t seem to show authentication failures, password resets.

    Many thanks
    Kevin

Viewing 1 replies (of 1 total)
  • Plugin Support wfphil

    (@wfphil)

    7 years, 3 months ago

    Hi,

    The Live Traffic filter Logins and Logouts does display failed login attempts.

    You can use the advanced filter below to see password reset requests – as long as the default password reset page is used, otherwise you will have to update the URL filter:

    URL contains lostpassword

    Thanks.

Viewing 1 replies (of 1 total)

The topic ‘Loggin in Wordfence’ is closed to new replies.

Tags