Traffic Inspector and logging how to
Quick recipes for Cerber Security Traffic Inspector.
How to disable traffic logging
To completely turn off the logging: go to the Traffic Inspector page, click the Settings tab and set Logging mode to Logging disabled.
How to disable Traffic Inspector
To completely turn off the inspection go to the Traffic Inspector Settings page and disable Enable traffic inspection. Note: it’s not recommended. If you come across some issue with some php script, use the Request whitelist setting as described below.
How to exclude passwords and other sensitive information from logging
The Cerber Security plugin always masks the password field on the default WordPress login form and the following form fields: ‘pwd’, ‘pass’, ‘password’. If you’ve enabled saving form fields to the log (Save request fields is enabled) and you use a plugin that generates a login form like some membership or pop-up login form plugins do, you have to add the name of the password form field(s) to the Mask these form fields field on the Traffic Inspector settings page. To specify multiple fields use comma to separate items.
Before saving to the WordPress DB these fields are filled with asterisks symbol and sensitive data are not saved. That prevents user passwords from compromising in case of any data leaking.
How to exclude a request from inspection
Use the Request whitelist setting which is located on the Traffic Inspector Settings admin page. To exclude a particular request from inspection specify a request string without the website domain and query string (GET parameters). In other words, you need to take a part of the URL that starts right after the domain name and ends on a question mark if it’s present.
Take a look at this example. You need to exclude from inspection all requests with legitimate URL like this:
https://wpcerber.com/some-path/some-script.php?do=action. In the Request whitelist setting you need to specify the following string:
Alternatively, you can exclude all requests from a specific IP by adding it to the White Access list.
How to delete all Traffic Inspector log records
To completely delete all Traffic Inspector log records you need to manually clean up just one table in the WordPress DB. That’s easy. Go to the Cerber Security Tools admin page and click the Diagnostic tab. In the Database info section find the following title: Table: cerber_traffic, rows: xxxx. Click the Delete all rows button next to it. Note: this operation cannot be rolled back.
Last posts from WordPress security blog
- How to clean up activity and live traffic logs February 16, 2018
- How to protect WordPress against CVE-2018-6389 DoS attacks February 11, 2018
- WP Cerber Security 6.2 February 7, 2018
- Traffic Inspector and logging how to February 5, 2018
- Development version 6.1.3 February 1, 2018