Plugin Author
AITpro
(@aitpro)
Is the issue/problem still occurring or is it resolved?
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
Problem is still occuring.
Plugin Author
AITpro
(@aitpro)
Ok what did you host support folks say?
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
They say, it may be related to bots wanted to hack website.
Plugin Author
AITpro
(@aitpro)
Ok well that answer is not really helpful. So my recommendation is just to ignore the Security Log entries since BPS Security Log file handling is completely automated. Your BPS Security Log file is automatically zipped, emailed to you and replaced with a new blank Security Log file when it reaches the size limit (500KB is the default size limit) specified in your Security Log file settings.
Plugin Author
AITpro
(@aitpro)
Or of course turn off BPS Security Logging since something on your host server interferes with BPS Security logging. π
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
Hosting provider said, it may be attack because there are REMOTE_ADDRes.
Plugin Author
AITpro
(@aitpro)
Hmm I looked at your wp forum post history and came across this forum topic that you posted: https://wordpress.org/support/topic/redirection-change-permalinks/ Are you still using the html permalink hack on your website? If so, that could very likely could be causing the Security logging problem.
-
This reply was modified 6 years, 12 months ago by AITpro.
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
Yes, I am using it.
However, If you are right, why do I have REMOTE_ADDR IPs from around the world?
Plugin Author
AITpro
(@aitpro)
The Security Log just logs fields such as Request URI, IP addresses, etc. Example: something is causing the problem for BPS Security logging and the Security Log just does what it does – logs things. The only forum topic where we have looked at the “dreaded WP html permalink hack” is here: https://forum.ait-pro.com/forums/topic/adding-html-to-pages-created-by-plugin-in-a-new-folder-like-portal/ Note: the forum topic is 4 years old. I doesn’t look like there is any information in the forum topic like the problems you are experiencing on your website. The forum topic does state that the WP html permalink hack can cause 404 errors. So what could be happening is the WP html permalink hack is causing a 404 error and sending all requests to the BPS 403.php logging template. The BPS 403.php logging template only logs errors as 403 errors explicitly. Normally the Security Logging functionality works like this: a 403 error occurs, the BPS ErrorDocument htaccess directive code processes the 403 error and redirects to the BPS 403.php logging template. So if the WP html permalink hack is breaking that functionality then I assume all 404 errors will be sent to the BPS 403.php logging template instead of normal BPS Security logging functionality occurring. Seems logical to me anyway. π
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
I changed the permalink to .html long time ago and have no traffic for older (non-existing) links.
Besides, I have no traffic from around the world at all, but Security Log indicates 403.php from RemoteAddrs worldwide.
so, What to do?
Plugin Author
AITpro
(@aitpro)
Well I’m not sure what is breaking BPS Security Logging. If BPS Security Logging is not being broken by something on your website (another plugin, etc) then your web host server is breaking BPS Security Logging. So you could install a new test WordPress site and only install the BPS plugin and see if the same problem occurs or not.
If the same problem does NOT occur on your test WordPress site then something on your other Live site is breaking BPS Security Logging.
If the same problem DOES occur on your test WordPress site then something on your web host server is breaking BPS Security Logging.
-
This reply was modified 6 years, 12 months ago by AITpro.
Plugin Author
AITpro
(@aitpro)
Or of course you can just turn off BPS Security Logging since something on your website (another plugin, etc.) or your web host server is breaking BPS Security Logging. π
Thread Starter
Anonymous User 9269003
(@anonymized-9269003)
The Mobile Support Setting in WP Super Cache is deactivated and weird logs has been stopped.
It may be wrong Mobile Support Setting setup, which caused the problem.
Not sure yet, but probably.