Hi everyone keeping in WordPress security log is a great tool to identify and stop an attack you can also use it to identify and assess the damage after a breach and they can also aid you in cleaning your site after a hack in this video we’re going to cover four types of activity you should record in your security.
Logs and how they can help you secure.
Your site the easiest way to start a security along is to install a wordpress security plugin like a theme security Pro that will automatically track your site.
And user activity the first thing you’ll want to record is brute force activity brute force attacks refer to the trial and error method used to discover usernames and passwords in order to hack into a.
Website WordPress doesn’t track any user login activity so there isn’t anything built into WordPress to protect you from a brute force attack it is up to you to monitor your login security to protect your site you’ll need to record the username and IEP that is attempting to log in and whether or not the.
Logon was successful if you see a single user name or IP that has consecutive failed login attempts the chances are you’re under brute-force attack now that you can spot a brute-force attack you can take action and stop the attacker from making any more login attempts you should also keep track of any file changes that occur on your site so you can identify any unexpected changes there are several legitimate reasons you would see a new file change activity in your log if you see a.
Change made to a plug-in at the same time that you updated a plug-in there’d be no reason to investigate but if the changes made were unexpected you should take the time to ensure the changes weren’t malicious if you spot an unexpected change.
To a plug-in you should download the latest version of the plug-in to compare with the modified version on your site you can easily compare the difference of the two files using your favorite text editor it’s not only important to run malware scans you should also be recording the results of every malware scan and your WordPress security logs.
Not recording failed scans could result and you thinking your site is being checked daily for malware but in reality you may have gone without a malware scan keeping a record of user activity in your WordPress security logs can be your saving grace after a successful attack if you.
Are monitoring the correct user activity and can guide you.
Through the timeline of a hack and show you everything the hacker change from adding new users to adding unwanted Pharma ads on your site the first type of user activity you should track is when a user logs in or out of your site and also from we’re monitoring time and location of a user’s logon can.
Help you spot a user that is compromised that user login at an unusual time or from a new place if so you may want to start your investigation with them if a user becomes compromised you’ll also want to know.
If they’ve added or removed any plugins or themes have they modified any existing posts or pages if so you’ll have a record of what you need to go and remove from your site as you can see your WordPress security logs can help you prevent attacks and if your site does become compromised the logs can be your guide to.
Identify the damage and age you and repairing your site I’m including a link in the description to a blog post that covers the same topic but in greater detail.
Don’t forget to subscribe to see more videos and tutorials about all things WordPress.