How to Decipher Sucuri Security Alerts

  • Resolved riverofwind

    (@riverofwind)


    6 years, 8 months ago

    Is there anywhere I can learn how to make sense of the security alerts sent by Sucuri Security? For example:
    Message: Jp_sitemap status has been changed; details: ID: 2151,Old status: new,New status: draft,Title: sitemap-1.xml
    Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

  • There is no documentation at the moment.

    I will pass your inquiry as a feature request to my project manager. Building a database of changes that can be correlated against these alerts to have a better understanding of what is happening. I will work on this feature if they agree to implement it, but be aware that this will take a lot of time because there are many post-types, and they can change without previous notice, the database will be huge and will be outdated most of the time.

    For now, I will answer your question…

    The post-type jp_sitemap seems to be used by JetPack to store the content of your website XML map [1] and because the data is stored in the same table as the WordPress posts, every modification is reported the same way. These changes include, new entries in the sitemap, entries being marked as draft, entries being marked as published, entries being marked as trashed, entries being marked as deleted and so on.

    You can opt-out from receiving these alerts using the “Alert Settings” section located in the alerts panel found in the plugin’ settings page. There you will find all the post-types registered by the plugins installed in your website, you can disable and enable one or more of them at any time.

    [1] https://en.wikipedia.org/wiki/Site_map

    Thread Starter riverofwind

    (@riverofwind)

    One more question – I’ve been looking for a solution that would notify me if my website’s pages or other content has changed, in case I get hacked and malicious content is put on the website in which case I need to be notified. Does Sucuri monitor such changes?

    Yes, there is an option in the settings page called “Receive email alerts for changes in the post status”. Once enabled, you can configure which changes you want to receive alerts about using the panel “Ignore Posts Changes” located in the same page.

    Currently, the plugin reports the changes in the post. I have an item in my TODO list to implement a diff checker to report the differences between the old and new content the same way the WordPress integrity checker works. This feature will be released in the next version of the plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘How to Decipher Sucuri Security Alerts’ is closed to new replies.