kjc041056

Great – look forward to it !

Thanks for looking at this. It would have been a nice feature to have. WP Cerber does list the name of unattended files that are added or altered, as I have verified with testing. That is a useful feature. For deleted files, I do see that the total file count has gone down correspondingly, so that is an indicator of deletion.

Hello – no not deleted by WP Cerber.

Situation is that we have found that after a major or minor upgrade of WordPress, a key file for Mediavine that is stored in the root directory is somehow deleted. Not sure how and that is the subject of another investigation.

When I run a full scan, I see that the number of files has been decremented by 1. But WP Cerber does not list the deleted file name. Conversely, If I add or modify a file, WP Cerber does list the file name – which is good. We have 40,000 plus files so knowing which file is deleted would be helpful.

This ticket is to ask if WP Cerber can list any files deleted between Full Scans ?.

Hope that makes sense.

Thanks,
Keith.

Having researched this more, clearly it seems that our hosted WordPress IP address has somehow been made public. This means that the proxy/security features of Cloudflare can be bypassed. I can blacklist offending IP addresses in WP Cerber and also I can block IP addresses in our hosting – BigScoots. But this is reactive and not proactive as I can only do this after the intrusion. Many of the requests get rejected with a 403 or 404. But not all – some suspicious PHP debug requests get a 200 response. Currently I am blocking all offending IP addresses.

By the way – very happy with WP Cerber. We upgraded to a Pro license today.

Pierre – I remembered something that may be a factor. We use Jetpack and the setting “Allow users to log into this site using WordPress.com accounts” was in use. I am not sure if this was a factor but it had been set some years ago and it is not a feature we want to use going forward. Without really being clear on what it was doing, my wife had been using it when logging in. I did not however use it.
So now that is disabled plus we have a new session duration set and all seems to be working fine.

Thanks,
Keith.

• This reply was modified 4 years, 1 month ago by kjc041056.

Thanks for getting back to me. I have temporarily stopped working on this due to other issues but intend to get back next week.

This will be the first CSP I have developed, so I am still in learning mode. We are hosted on BigScoots which uses NGINX. Are there any specific considerations I should be aware of ?. I believe that the CSP is not stored in the htaccess file but in NGINX config files ???

Thanks,
Keith.

Hello Pierre,
Thanks for your reply. After I posted the support request, I cleared out all of the old sessions and as you suggest, logged out of the active sessions and back in. We now have a small set of sessions that are in use on our various devices. I also now see that not logging out of a session but just closing the browser window leads to dormant sessions being left without practical use.

I have also increased cookie duration to 28 days and that is working OK. Going forward and with your plugin, I intend to track sessions more closely. I like the fact that the active session for a login blinks.

The 365 day sessions have now all gone. There were two and I cannot see how they were set that way. As you say, it could be another Plugin but I have not found it yet. If I do, I will let you know.

Thanks,
Keith.

• This reply was modified 4 years, 1 month ago by kjc041056.