WordPress.org

Forums

WP Security Audit Log
[resolved] quick questions: who can view alerts; & "unknown error" box (4 posts)

  1. Consciousness
    Member
    Posted 10 months ago #

    Just installed this.
    Two quick questions:

    (1) under Settings, if I leave the "can view alerts" and "can manage plugin" boxes BLANK, will all authorized Users be able to do those things?

    (2) under Enable/Disable Alerts, why is the top "0000 unknown error" box not automatically checked? Is there a particular reason I should not enable that?

    https://wordpress.org/plugins/wp-security-audit-log/

  2. WPWhiteSecurity
    Member
    Plugin Author

    Posted 10 months ago #

    HI Consciousness,

    Thank you for using our plugin. Below are the answers to your queries:

    1. If you leave them blank only users with the Administrator role can view the alerts or manage the plugin.

    2. Monitoring of errors is disabled by default. They should only be enabled on development and staging websites and not on live websites since they might slow the site's performance. They are typically used by developers so I wouldn't bother much about them.

    While I trust the above answers your queries, do not hesitate to get in touch should you have any further queries.

  3. Consciousness
    Member
    Posted 10 months ago #

    Thank you.

    On a different audit plugin, "Audit Trail," when a failed login attempt happens, there is a designation as to what the username tried was, for example, "admin" or a different username. It appears on Audit Log there is only the register of the failed login attempt, not the specificed username it was tried with. Is it possible to know what username attempted - i.e., basically, was or was it not an actual username? (Since of course that impacts security).

  4. WPWhiteSecurity
    Member
    Plugin Author

    Posted 10 months ago #

    Hi Consciousness,

    Very good question indeed. As explained in another ticket we used to report the username before though with the new update, to be able to support better high traffic website we TEMPORARILY stopped reporting of the username when failed logins are detected.

    This is something we are working on and an improved version should be available in the near future.

Reply

You must log in to post.

About this Plugin

  • WP Security Audit Log
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic