Question about the Logs

  • Resolved IslandWoman

    (@islandwoman)


    8 years, 7 months ago

    This Morning I noticed an entry in the logs like this:
    ==================================================================
    July 22, 2016 5:46 am system 50.62.110.1 WordPress version detected 4.5.3
    ==================================================================
    ‘system’ appears under the username culumn. Normally the ip address after the system in the log entry is 127.0.0.1

    Can I get a clarification on what July 22, 2016 5:46 am entry points to?

    Thank you in advance.

    IW

    https://www.ads-software.com/plugins/sucuri-scanner/

Viewing 2 replies - 1 through 2 (of 2 total)

  • Most of the events reported by the plugin are triggered by an action started by an user account or by a website visitor. However, there are times when the plugin detects the execution of an action that is triggered by WordPress itself, this is, during an automatic update of the core files, a plugin, or a theme.

    When the plugin is installed for the first time it reports the version number of the installation for future references, if the number changes in the future it reports it again. Considering that the report is sent by the plugin itself, without human interaction (because this is part of an automatic scheduled task) it displays “system” as the username, and the IP address “127.0.0.1” which is technically called a “loopback” [1] the address refers to the network node pointing to the same computer.

    For short, this is not a malicious report.

    [1] https://en.wikipedia.org/wiki/Localhost

    Thread Starter IslandWoman

    (@islandwoman)

    Hi Yorman,

    Thank you for the reply.

    IW

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Question about the Logs’ is closed to new replies.