Rejestrowanie ruchu dla WordPress
WP Cerber’s Traffic Inspector not only analyzes and blocks suspicious HTTP requests but also can optionally log them with request details, enabling you to inspect them manually. It uses a thoroughly designed high-performance logging engine. All logged requests are displayed on the Live Traffic page.
The logging settings are located on the Traffic Inspector settings page.
The most optimal and recommended logging mode is Smart.
What requests are logged when the Smart logging mode is enabled?
- All logged in (authorized) users requests
- If a particular activity has been detected and logged to the Activity log.
- Requests with non-default, WordPress GET parameters
- Form submissions (POST requests)
- XML-RPC and REST API requests
- Any request that generates an error HTTP code (400 and higher)
- Search requests
- Requests to a PHP script that doesn’t exist or loads the WP environment programmatically.
Note: the plugin doesn’t log standard admin dashboard requests including scheduled tasks (/wp-cron.php) and AJAX requests (/wp-admin/admin-ajax.php).
Is it possible that the logging slows down website performance? In rare circumstances, it’s possible on a free hosting with limited resources if the logging All traffic and Saving requests fields are enabled, Ignore search engine crawlers is disabled.
How to exclude passwords and other sensitive information from being logged
The Cerber Security plugin always masks the password field on the default WordPress login form and the following form fields: ‘pwd’, ‘pass’, ‘password’.
If you’ve enabled saving form fields to the log (Save request fields is enabled) and you use a plugin that generates a login form like some membership or pop-up login form plugins do, you should add the name of the password form field to the Mask these form fields field. Otherwise, passwords will be saved to the website database in unencrypted form. To specify multiple form fields, use commas to separate items.
Before saving to the WordPress DB all specified fields are filled with asterisks symbol ( masked) and so sensitive data are not saved. That prevents user passwords or any other sensitive data from compromising in case of any data leakage.
How to delete all log records
To completely delete all Traffic Inspector log records, follow this guide: Clearing Activity and Live Traffic Logs
Read also: Managing Log Tables for a Healthy WordPress Database
How to be in compliance with data privacy laws
The features below give you full control of personal data if it was logged by WP Cerber and help your organization to be in compliance with data privacy laws such as GDPR in Europe or CCPA in California.
Exporting personal data
Deleting personal data
Have any questions?
If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered here: G2.COM/WPCerber.
WP Cerber Security 8.6.3
Co to jest RID i jak z niego korzystać
I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.