Security How To

Traffic Inspector and logging how to


Quick recipes for Cerber Security Traffic Inspector.

How to disable traffic logging

To completely turn off the logging:  go to the Traffic Inspector page, click the Settings tab and set Logging mode to Logging disabled.

How to disable Traffic Inspector

To completely turn off the inspection go to the Traffic Inspector Settings page and disable Enable traffic inspection. Note: it’s not recommended. If you come across some issue with some php script, use the Request whitelist setting as described below.

How to exclude passwords and other sensitive information from logging

The Cerber Security plugin always masks the password field on the default WordPress login form and the following form fields: ‘pwd’, ‘pass’, ‘password’. If you’ve enabled saving form fields to the log (Save request fields is enabled) and you use a plugin that generates a login form like some membership or pop-up login form plugins do, you have to add the name of the password form field(s) to the Mask these form fields field on the Traffic Inspector settings page. To specify multiple fields use comma to separate items.

Before saving to the WordPress DB these fields are filled with asterisks symbol and sensitive data are not saved. That prevents user passwords from compromising in case of any data leaking.

How to exclude a request from inspection

Use the Request whitelist setting which is located on the Traffic Inspector Settings admin page. To exclude a particular request from inspection specify a request string without the website domain and query string (GET parameters). In other words, you need to take a part of the URL that starts right after the domain name and ends on a question mark if it’s present.

Take a look at this example. You need to exclude from inspection all requests with legitimate URL like this: https://wpcerber.com/some-path/some-script.php?do=action. In the Request whitelist setting you need to specify the following string: /some-path/some-script.php

Alternatively, you can exclude all requests from a specific IP by adding it to the White Access list.

How to delete all Traffic Inspector log records

To completely delete all Traffic Inspector log records you need to manually clean up just one table in the WordPress DB. That’s easy. Go to the Cerber Security Tools admin page and click the Diagnostic tab. In the Database info section find the following title: Table: cerber_traffic, rows: xxxx. Click the Delete all rows button next to it. Note: this operation cannot be rolled back.

Last posts from WordPress security blog


I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.