Support » Plugin: WP Cerber Security, Anti-spam & Malware Scan » Tips on analyzing results in the “Activity” section

  • Resolved hotboxprintstudio

    (@hotboxprintstudio)


    Hey Gioni
    I was curious if you can give some tips on how to better analyze the results in the activity section. For the most part its pretty self-explanatory however, sometimes the paths that it shows that are in question are confusing and Im trying to figure out if its actually blocking a “malicious attempt” vs a potential customer trying to fill out my caldera form, for example. As far as I can tell it all looks like stuff unrelated to legitimate visitors on my site, but I wanted to make sure Im not keeping interested parties in my services out by accident.. so any tips on how to look at the results would be super appreciated. – I already stopped by your website and searched the blog but was unable to find what I was looking for so sorry if this is a redundant question.

    For example, these particular ones are a little confusing:

    URL: hotboxprintstudio.com/get-quote/wordpress/wp-config.php

    Or

    URL: hotboxprintstudio.com/wp-json/oembed/1.0/embed

    Or

    URL: hotboxprintstudio.com/wp-json/cf-api/v2/tokens/form

    Thanks for your time,
    Shaun

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author gioni

    (@gioni)

    Hi!

    The first one is malicious. Nobody is permitted to request wp-config.php at all.
    The second is a simple, not harmful request from another WP instance if someone made a link to your site. Also sometimes search engines try to crawl those links if they present in the HTML document HEAD section.
    The third is a Caldera Forms API request, probably a form submission. If you use Caldera Forms and have disabled REST API, you need to whitelist cf-api namespace: https://wpcerber.com/restrict-access-to-wordpress-rest-api/

    Thread Starter hotboxprintstudio

    (@hotboxprintstudio)

    Gioni,

    Thanks!
    This might sound like a stupid question but, with the new algorithm more thoroughly scanning all uploaded files to the website – will that impend any issues with a form like mine where I explicitly allow PSD, AI, and PDF files to be uploaded to my caldera form?

    *I will add Caldera Forms to my whitelist for REST API, thank you for that.

    Gioni, I just wanna say thank you. You’ve been a great help clarifying things when folks like myself need help and your plugin is a must have! Thanks again.

    Plugin Author gioni

    (@gioni)

    No worries. The algorithms scan uploading files for malicious PHP code and SQL statements. Since normal PSD, AI and PDF files don’t contain a piece of such code, the plugin doesn’t block them. Anyway, you always can check the Actvity tab for “Malicious request denied” if you suspect that a legitimate request or an attemt to upload a normal file was blocked by the plugin.

    Thread Starter hotboxprintstudio

    (@hotboxprintstudio)

    Excellent! Thanks again.
    -Shaun

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Tips on analyzing results in the “Activity” section’ is closed to new replies.