• Resolved fuente_salus

    (@fuente_salus)


    Hi,
    in the last 8 hours I received 5 e-mails with the subject “BPS Security log”. All of them were empty (just a text “Security Log File For: Site: https://nameofmysite.com”), but the last one included a file “security-log.zip” (which I did not open).
    I’ve been using BPS Security for a long time and that’s the first time it happens.
    Regarding my BPS Security versions, .51.6 was running, I updated one hour ago to .51.7 and I received another e-mail (the one with the attached file).
    Is the security-log.zip a safe file?
    Could the strange behavior mean my website was hacked?
    Thank you,
    FuenteSalus

    https://www.ads-software.com/plugins/bulletproof-security/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author AITpro

    (@aitpro)

    The Email Alerting & Log File Options Form is identical on the Login Security, Security Log & DB Backup Log pages in BPS free. You can change and save your email alerting and log file options on any of these pages.

    What is normal is that BPS will automatically zip and email log files to you based on your saved setting choices: size setting (256KB, 500KB, 1MB), Email Log & Then Delete Log File or Delete Log File.

    I am not sure why the zip files were not attached in the 5 emails during the 8 hour period, but zip files that are sent to you from your own website are safe to open.
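
Added example, not part of the original thread and not BPS code: one way to look inside an emailed log archive such as security-log.zip without extracting it, flagging members that are not plain-text logs. The size limit, allowed suffixes, member names and sample log line are assumptions constructed for the illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed policy for an emailed log archive (not taken from BPS): text members only.
ALLOWED_SUFFIXES = {".txt", ".log"}
MAX_TOTAL_BYTES = 5 * 1024 * 1024  # well above the largest (1MB) log size setting

def inspect_log_zip(data: bytes) -> list[str]:
    """Return findings for a zip held in memory; nothing is written to disk."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a valid zip archive"]
    findings = []
    with zf:
        infos = zf.infolist()
        if sum(i.file_size for i in infos) > MAX_TOTAL_BYTES:
            findings.append("declared uncompressed size exceeds limit")
        for info in infos:
            name = info.filename
            path = PurePosixPath(name.replace("\\", "/"))
            if path.is_absolute() or ".." in path.parts:
                findings.append(f"{name}: path points outside the extraction directory")
            if info.is_dir():
                continue
            if path.suffix.lower() not in ALLOWED_SUFFIXES:
                findings.append(f"{name}: unexpected file type")
            if info.flag_bits & 0x1:  # bit 0 set: member is encrypted, cannot be read
                findings.append(f"{name}: encrypted member")
                continue
            with zf.open(info) as member:
                if b"\x00" in member.read(4096):  # bounded read, not a full extract
                    findings.append(f"{name}: binary content in a supposed text log")
    return findings

def make_zip(members: dict[str, bytes]) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()

# Constructed samples; member names and the log line are hypothetical, not BPS's own.
LOG_LINE = b"2015-03-02 10:15:00 403 POST /wp-login.php 203.0.113.7\n"
CLEAN = make_zip({"security_log.txt": LOG_LINE * 200})
ODD = make_zip({"../outside.txt": b"x", "helper.exe": b"MZ\x00\x00"})

if __name__ == "__main__":
    print(inspect_log_zip(CLEAN) or "no findings", inspect_log_zip(ODD), sep="\n")
```

To check a real attachment, pass the bytes of the saved file to `inspect_log_zip`; an empty list means none of these checks fired.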

    Thread Starter fuente_salus

    (@fuente_salus)

    Thank you for your response.
    Anyway, it’s strange I didn’t receive any email from BPS (or my website) in several months and today “something changed” (I didn’t make any changes or upgrades to my website in the last 6 days) and I received several e-mails.

    Plugin Author AITpro

    (@aitpro)

    Making some logical guesses:

    Maybe another plugin or theme that does something with emailing is interfering with the BPS automated emails?

    Maybe a pre-existing problem with emailing existed before and now no longer exists. Could have been a host server configuration issue or maybe another plugin or theme that you have installed on your site.

    Maybe your website is under a large scale Brute Force attack. Typically what we see during large scale Brute Force attacks are these things:
    Brute Force attacks can last for a few hours up to a few days.
    Depending on the scale of the attack the Security Log file can reach 500KB in minutes or an hour.
    Security Log zip files will be emailed with the zipped Security Log file every hour until the Brute Force attack stops.

    As far as BPS code and automatic emailing functionality goes it has been the same for at least a year and probably more so the issue/problem would not be due to anything being done differently or something that changed in the current versions of BPS.

    Plugin Author AITpro

    (@aitpro)

    BPS automated zipping and emailing uses WordPress Crons so if Crons were previously not working and are now working that would explain why you are now getting emails. It still does not explain why the zip file was not attached in some emails. Logically if the zip file is too large (host’s maximum size limit for email attachments) to be attached to an email by your host mail server then it will not be attached to the email.

    Thread Starter fuente_salus

    (@fuente_salus)

    29 Kb zip file…
    Thank you.

    Plugin Author AITpro

    (@aitpro)

    Yes. That is correct. 500KB zipped is around 29KB.

    Plugin Author AITpro

    (@aitpro)

    Now here is a logical guess, but I have no way of knowing whether it is correct or not or if the issue had anything at all to do with this guess. Let’s say your site was being attacked at a rate where the log file reached an extremely large size within 1 hour and the size of the zipped log file exceeded your host mail attachment limitation. A zip file would not be attached and BPS would automatically delete and replace the Security Log file. This is a built-in safeguard that needs to happen otherwise having a Security Log file that is extremely large will cause website performance problems so BPS assumes that either something is not working correctly on your website or mail is not set up correctly or working correctly or something is interfering with emails or the log file is too large to zip and send or other miscellaneous problems are occurring on your website. The most important thing is that if things are not working correctly on your site then instead of creating another problem BPS takes the correct necessary action to avoid creating a problem.

    Plugin Author AITpro

    (@aitpro)

    Example hypothetical scenario:
    Host mail server email attachment size limitation of 20MB.
    Site under attack for 8 hours.
    BPS Cron automated zip and email checks and sends emails and log file attachments once per hour based on your option settings.
    Blocked attacks were being logged in your Security Log in excess of 20MB per hour.
    Due to the host mail server size limitation/restriction of 20MB email attachment the zip files would not be allowed to be attached to emails by your host mail server.
    BPS would then take the correct action to prevent a problem from occurring – automatically delete and replace the Security Log file to prevent it from continuing to grow excessively large.
    The email you received with a zip attachment would have been the end of the attack and the log file size was under the size limitation/restriction for email attachments that your host mail server has.

    Plugin Author AITpro

    (@aitpro)

    Just some general FYI info to give you a general idea about Brute Force Login Attacks.
    We see Brute Force Login attacks on average on our forum site about every other day.
    Small scale attack: 4 login attempts per second | 240 per minute | negative impact: none.
    Larger scale attacks: 40 login attempts per second | 2,400 per minute | negative impact: none.

    Plugin Author AITpro

    (@aitpro)

    Assuming all questions have been answered – thread has been resolved. If you have additional questions about this specific thread topic then you can post them at any time.

    Thread Start Date: 3-2-2015 to 3-3-2015
    Thread Resolved/Current Date: 3-9-2015

  • The topic ‘BPS Security log’ is closed to new replies.