WordPress Security How To

Traffic Inspector and logging how to

Quick recipes for Cerber Security Traffic Inspector.

How to disable traffic logging

To completely turn off the logging:  go to the Traffic Inspector page, click the Settings tab and set Logging mode to Logging disabled.

How to disable Traffic Inspector

To completely turn off the inspection go to the Traffic Inspector Settings page and disable Enable traffic inspection. Note: it’s not recommended. If you come across some an issue with some php script, use the Request whitelist setting as described below.

How to exclude passwords and other sensitive information from logging

The Cerber Security plugin always masks the password field on the default WordPress login form and the following form fields: ‘pwd’, ‘pass’, ‘password’. If you’ve enabled saving form fields to the log (Save request fields is enabled) and you use a plugin that generates a login form like some membership or pop-up login form plugins do, you have to add the name of the password form field(s) to the Mask these form fields field on the Traffic Inspector settings page. To specify multiple fields use comma to separate items.

Before saving to the WordPress DB these fields are filled with asterisks symbol and sensitive data are not saved. That prevents user passwords from compromising in case of any data leaking.

How to exclude specific requests from inspection

To exclude all requests to a specific URL from inspection, use the Request whitelist setting field that is located on the Traffic Inspector Settings admin page. You have to specify a request string without the website domain and query string (GET parameters). In other words, you need to take a part of the URL that starts right after the domain name and ends on a question mark if it’s present. You can specify as many exceptions (one per line) as you need.

Take a look at this example. You need to exclude from inspection all requests with a legitimate URL like this: https://wpcerber.com/some-path/some-script.php?do=action. In this case, you need to add the following string: /some-path/some-script.php

Request whitelist supports regular expressions, one pattern per line. To specify a REGEX pattern, enclose a whole line in two { } braces. For instance to exclude requests to any page with the .shtml extension use this string: {.+\.shtml$}

Note: to specify the slash / character in a REGEX expression, you need to escape it with a backslash \ this way: \/

Request whitelist in the WordPress dashboard

Request whitelist in the WordPress dashboard

How to exclude requests from specific IP addresses from inspection

You can exclude all requests from a specific IP or network by following these two steps:

  1. Enable Use White IP Access List in the Traffic Inspector settings.
  2. Add an IP address or a network to the White IP Access List.

How to delete all Traffic Inspector log records

To completely delete all Traffic Inspector log records you need to manually clean up just one table in the WordPress DB. That’s easy. Go to the Cerber Security Tools admin page and click the Diagnostic tab. In the Database Info section find the following title: Table: cerber_traffic, rows: xxxx. Click the Delete all rows button next to it. Note: this operation cannot be rolled back.

See also: Traffic Inspector in a nutshell

Last posts from WordPress security blog

I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.