understanding security log data

  • My site recently underwent a brute force attack. When I finally got back online, I installed iThemes Security.

    I also upgraded to the latest stable version of WP.

    I have managed to resolve a number of the 404s that were caused by old coding but there are still a few 404s listed in the security log data section.

    The ones like `/my-wordpress/comment-page-1/
    ` with IPs from China or Russia do not concern me (or rather, they do but not in the same way).

    It’s the 404 error URLs like: /my-wordpress/title-on-post/br
    and /my-wordpress/2006/onsiet-folder-outside-wp/pages/moreinfofile.html that are giving me grief. The host IP listed on those is mine (I think…). I’m guessing that these are my errors and can be easily fixed.

    There is nothing at all listed in the “details” column. How do I find where the errors actually are?

    I hope this makes sense. Thank you for any light you can shed.

    E Morris

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 6 replies - 1 through 6 (of 6 total)

  • How about scanning your site with: https://www.brokenlinkcheck.com

    Thread Starter ejm

    (@llizard)

    Good idea, Barnez. I’ll try that.

    Thread Starter ejm

    (@llizard)

    Scanning the site helped somewhat. But I’m guessing that iThemes Security is causing 500 errors for any redirects from default permalinks to named permalinks

    There are still 404 errors appearing in the iThemes Security log that I cannot tell have been caused by my error or not. The IPs trying to access the files are generally benign.

    /myWPfolder/2006/05/recipes/photopages/breaddough.html

    I’ve tried to find these errors on my WP but do not know where to look (aside from going to that page and not finding the offending link).

    Another 404 that really confuses me is this one:

    /myWPfolder/2014/12/

    Of course, there are no entries for December yet. So, am I correct to assume that there is nothing I can do about this?

    Thank you for any help you can offer.

    -E Morris (Since starting this thread, I have updated from WP4.0 to WP4.01)

    Sounds strange. If you have checked on the site and with the link checker that there is nothing on-page generating those dead links, then maybe this is random urls being targeted at your site rather than anything being wrong specifically with your embedded site links.

    Maybe it would be worth installing the redirection plugin. This would give you a second opinion on the 404 errors that iThemes is logging, and the opportunity to redirect any genuine 404s you think might be affecting your SEO.

    Thread Starter ejm

    (@llizard)

    Please excuse the delay in replying. Thank you, Barnez. I do know that there are still some tenacious bots that won’t give up. I’ll try adding the plugin and hope it works.

    Thread Starter ejm

    (@llizard)

    Over the course of the last few months, I have struggled with finding exactly where some of these errors are and have blundered onto them. It turns out that many were from my misunderstanding of cite= on blockquotes in my early posts (I didn’t always know that cite was for URLs rather than the name of the author or book being cited…).

    However, I’m still seeing a number of 404s that don’t make any sense. They are coming from plugins that have been deleted. This is an example of one of them:

    ../wp-content/plugins/event-calendar/ec_load.gif

    As far as I know I have removed all instances of anything to do with the event-calendar.

    Other removed plugins also seem to be generating 404s.

    Any ideas?

    -E Morris – since first posting this question, I have upgraded WP to 4.3.1 and of course, iThemes Security plugin is also at the most recent level

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘understanding security log data’ is closed to new replies.