Log report explanation

  • Resolved useramina

    (@useramina)


    6 years, 4 months ago

    Hi,
    I’ve newly installed the stop spammers plugin and when I checked its log report to see the blocked users and the users who were allowed to submit the contact form I didn’t understand the report because there are lots of unclear resons:
    1)SFS last seen=2019-12-21, frequency=2032
    2)Author Too Long: \\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\
    3)Bad Cache: 188.213.49.212
    4)404 on Exploit Attempt /uploadify/uploadify.php?folder=/ uploadify/uploadify.php

    so how can I know what does these reasons mean and if this user was actully allowed to contact me or was blocked and detected as a spammer?

    thanks.

Viewing 1 replies (of 1 total)
  • Trumani

    (@trumani)

    6 years, 4 months ago

    Hi @useramina,

    Thank you for your questions! I am thinking it would be helpful to have tooltips or links back to the explanation of the reason. I will look into that. In the meantime, here’s an answer for the ones you have listed:

    1. Checking the IP address against the StopForumSpam service. You can disable this option from this screen: /wp-admin/admin.php?page=ss_webservices_settings
    2. A long name or email is often the sign of a spammer. The option blocks anything over 64 characters. That name you reference is 76 characters long. You can disable the “Check for Long Emails, Author Name, or Password” option from this page: /wp-admin/admin.php?page=ss_options
    3. A rejected IP address that has been stored in the cache. It’s not recommended, but you can disable (add it to block list, allow, discard) from this screen: /wp-admin/admin.php?page=ss_cache. I recommend searching StopForumSpam to see if it’s on their list and if so, adding the IP address to your block list.
    4. A bot tried to exploit your site through the file you referenced and was therefore added to the block list. It’s not recommended, you can disable the “Deny 404 Exploit Probing” from this screen: /wp-admin/admin.php?page=ss_cache

    Scenarios 1,2, and 4 are almost certainly bots. 3 could be a bot or real user. But if you have the “Allow Users to Add to the Allow Request List” option enabled, real users can send you an email to be granted access if they are mistakenly seen as bots.

    Kind regards,

    Ryan

Viewing 1 replies (of 1 total)

The topic ‘Log report explanation’ is closed to new replies.