New status: auto-draft

  • Resolved Sam Kent

    (@oxocube)


    7 years, 5 months ago

    I have notifications switched on for when admin or an editor posts anything new or makes any changes.

    Today an editor on one of my sites created a new post. I received the following via email which I would normally expect:

    Event: Post Update
    Website: https://www.domain.com
    RemoveAddr: 00.000.000.000
    Date/Time: 27th June 2017 6:25 pm
    User: Editor (Editor)

    Message: Productions status has been changed; details: ID: 538,Old status: new,New status: auto-draft,Title: Auto Draft

    I then received the following email which I was not expecting:

    Event: Post Update
    Website: https://www.domain.com
    RemoveAddr: 00.000.0.000
    Date/Time: 27th June 2017 7:18 pm
    User: Admin (Admin)

    Message: Post status has been changed; details: ID: 539,Old status: new,New status: auto-draft,Title: Auto Draft

    The second email has worried me because it has come from the admin account. I did not action this. It also reads “Post status” (instead of productions status) and has a different ID.

    I noticed that you upgraded the plugin today. Is the admin email I’ve received related to the new post that the editor has posted or is this a separate alert which I should investigate further?

    It’s also worth noting that when I go to the posts within WP admin (https://www.domain.com/wp-admin/post.php?post=539&action=edit), the posts are completely blank.

    • This topic was modified 7 years, 5 months ago by Sam Kent.
    • This topic was modified 7 years, 5 months ago by Sam Kent.
Viewing 6 replies - 1 through 6 (of 6 total)

  • Similar. I have a new small site with only 3 posts, no drafta. Yet I got the same Auto Draft email as mentioned above. Just logged in to the site and no evidence of anything unusual in posts.
    —-

    I have also been getting similar Sucuri emails for one of my well established sites although these are concerned with sitemaps

    Event: Emailsubject.post_update
    Website: https://ocad.com.au
    IP Address: 101.0.113.164
    Alert Time: 27 June 2017 12:17

    Notification: Jp_sitemap status has been changed; details: ID: 4106,Old status: draft,New status: draft,Title: sitemap-1.xml

    Coincidentally, I am unable to login to that site (times out for the last 15 hours so far) and the reputable hoster is so far unable to determine the reason. Yet I can visit the wiste no problem.

    The message that @oxocube received looks okay to me because the old status is different than the new status, we could blame WordPress for being so verbose with the way they save temporary changes in a post as a draft and then convert to other status when you hit the publish button.

    The message that @kennythemap received is the one with the bug, we notice that the old status is the same as the new status. We addressed this issue with an update a couple of minutes ago, you can see the commit here [1].

    It is difficult to determine if a modification in the post is dangerous or not, that is why we just send an alert instead of a warning because it is up to the user to decide if the suspicious change is legitimate. I have marked other tickets like this as resolved, but will leave this one open while I discuss with the Sucuri development team ways to improve the detection of changes in the posts.

    [1] https://github.com/cixtor/sucuri-wordpress-plugin/commit/c22cea2#diff-4ce5a29e1ad2ae18118fee2a2cb99462

    Update; My last ‘auto draft’ message was 28 June 1124 Aus EST so it seems to have stopped.
    However am still receiving the ‘sitemap’ messages as advised above although now also from another of my 3 sites.

    btw the login issue came right the same day as the auto draft issue disappeared. Although the host could not determine the cause I rather think it was coincidence that the auto draft issue occurred just during that that time.

    Hello @oxocube@kennythemap I have implemented an option to allow you to disable the email alerts for specific post transitions, so you can force the plugin to stop sending the alerts when the post status changes from “draft” to “publish”, from “private” to “trash”, etc.

    Here is the commit [1] it hasn’t been merged to upstream but you are free to download the alpha version of the code from here [2]. You can find the option in the “Post-Type Alerts” section of the “Alerts” panel in the plugin’ settings page. Notice that the plugin will keep reporting these changes to the API for security reasons, you will just not receive the email alerts.

    I will mark this as resolved, feel free to re-open if you need more information.

    [1] https://github.com/cixtor/sucuri-wordpress-plugin/commit/1699714
    [2] https://github.com/cixtor/sucuri-wordpress-plugin/archive/master.zip

    Thank you @yorman, much appreciated. I’m not into code at that level so will await the plugin update.

    Regards, Kenny

    Hello,

    I received an email about success login which is normal, one minute later I got another email with:

    Event: Post Update
    Website: https://www.b.com
    IP Address: 1.1.1.1
    Date/Time: July 4, 2017 10:57 pm
    User: b(a)

    Message: Post status has been changed; details: ID: 1270,Old status: new,New status: auto-draft,Title: Auto Draft

    But, I didn’t updated anything. Also nothing as ID 1270 doesn’t exist in the database.

    What is going on?

    Thanks,
    Boris

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘New status: auto-draft’ is closed to new replies.