Log only security related activity.

  • Resolved Sean

    (@sean-h)


    1 year, 4 months ago

    In my (our) never ending quest for performance enhancements, while maintaining security, will there soon be a possibility to choose to log only security related activity, such as attempted/successful logins, bot traffic, etc etc, as logging/writing every single hit to the database will cause performance issues on high traffic sites, which is why you say to turn it all off on such, but then that kinda defeats the object of the plugin.

    Something similar to what Wordfence offers. They recommend to set it (WF) to log only security related traffic, on any type of site, otherwise they have their real-time live traffic monitoring which should only really be used when there is a suspected attack, in other words, you should not leave your browser window open too long on a busy site once you have the info you need.

    No, I don’t use Wordfence, anymore, but I am hoping you could implement similar logging features in SG Sec. Other than that, I can’t really think of anything else I’d like to see at the moment.

    • This topic was modified 1 year, 4 months ago by Sean. Reason: Added more
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support daniellaivanova

    (@daniellaivanova)

    Hello @sean-h,

    Thank you for your feedback and for the suggestion. I have already passed it to the plugin developers so they can consider adding it to one of the upcoming versions of the plugin.

    Best regards,
    Daniela Ivanova

    Thread Starter Sean

    (@sean-h)

    Hi @daniellaivanova,

    Just one, or maybe 3 more questions. How can I delete all data? What if I drop the 2 tables? Will they just be re-created, then start collecting from scratch?

    Edit: I just answered my own question while writing this.

    I tried it, on a staging site. This staging site was created from a live site with SG Sec activity enabled, so naturally all that (12 days worth of) data came with. However, I thought I’d like to clear all that data from the staging database, but considering cron doesn’t run on staging, even if I set it to 1 day, the other 11 days won’t be cleared. No new data is being or needs to be collected on a staging site, if it is url protected.

    So, I dropped both tables, sgs_log_events and sgs_log_visitors, and while the plugin did initially freak out and showed me a red warning banner about the WordPress API, simply deactivating and re-activating the plugin re-created the database tables, and gained me a few extra MB’s.

    Pointless endeavour? Maybe, but just thought to put this out there in case anyone else is considering what I just did. Unless the authors can consider a ‘clear all data’ tab?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Log only security related activity.’ is closed to new replies.