Support » Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening » Post Update Notifications for Wphb_minify_group

  • Resolved mboverhof

    (@mboverhof)


    I have been getting tones of these notifications and I don’t know what they mean, can you provide some insight?

    Email Text
    Subject: Post Update

    Login Info:
    Time: March 15, 2017 11:19 am

    Website Info:
    Site: http://siteaddresshere.com
    IP Address: 112.198.70.188

    Notification:
    Wphb_minify_group (private to published); identifier: 748; name: 2199baa6ce941cae8b75dd9cfc16ce3a-scripts

Viewing 10 replies - 1 through 10 (of 10 total)
  • The same happens to me.

    Hi there,

    Are you running a performance plugin? That looks to be ‘cache minification’ actions. You would need to validate the activity with the plugin author.

    Regards,
    Eve

    Yes, I was thinking it was the case but why do it all the time?

    I use a plugin called Hummingbird by WPMUDEV.

    Hi there,

    You would need to ask the author about the behavior. The Sucuri plugin is just the messenger. 🙂 You can always adjust your alert settings to change and/or limit the number of alerts you receive.

    Eve

    Like many other plugins, HB simply stores it’s data in an internal post type to avoid creating extra db tables (a best practice). Any audit plugin could pick those changes up as post updates, if they don’t configure them to ignore that post type or internal post types.

    It seems like your plugin could avoid creating unnecessary audit logs by skipping internal post types by default.
    $args = array(
    ‘labels’ => $labels,
    ‘description’ => ‘WPHB Minify Groups (internal use)’,
    ‘public’ => false,
    ‘publicly_queryable’ => false,
    ‘show_ui’ => false,
    ‘show_in_menu’ => false,
    ‘query_var’ => false,
    ‘rewrite’ => false,
    ‘capability_type’ => ‘post’,
    ‘has_archive’ => false,
    ‘hierarchical’ => false,
    ‘supports’ => array()
    );

    Hey WPMU DEV!

    Thanks for the feedback. However, skipping those internal post types could leave a security hole for database entries to be created with that post type in order to evade the Sucuri notifications.

    So, in this case, we recommend disabling notifications from Wphb_minify_group in Settings -> Ignore Alerts.

    I hope that helps!

    Thanks,
    Eve

    Thank you very much for your answers. I will disable that in my Sucuri alerts.

    Thanks for the replies everyone 🙂

    I will disable Sucuri alerts for notifications from Wphb_minify_group.

    • This reply was modified 3 years, 8 months ago by mboverhof.

    @evahost

    I’m Ignacio, Hummingbird developer. I would like to know more details about your response as I don’t fully understand it.

    “skipping those internal post types could leave a security hole for database entries to be created with that post type in order to evade the Sucuri notifications.”

    Why could it leave a security hole?

    It is just an internal post type that is not public at all.

    Thanks

    Hi Ignacio,

    We prefer not to ignore by default any activity that could allow a malicious user to create entries in the database.

    But we understand that some plugins create temporary data in the posts table, that’s why we’ve made it possible to ignore or whitelist specific activity.

    Kind regards,
    Eve

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Post Update Notifications for Wphb_minify_group’ is closed to new replies.