Title: Security log question Last modified: August 21, 2016 --- # Security log question * Resolved [wpconvert](https://wordpress.org/support/users/wpconvert/) * (@wpconvert) * [12 years, 7 months ago](https://wordpress.org/support/topic/security-log-question/) * Hi AITpro. * Just a query regarding my security log entries. The log is getting full of these kinds of entries: * ``` REMOTE_ADDR: 192.99.6.109 Host Name: ns4010158.ip-192-99-6.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 192.99.6.109 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.mysite.com/ REQUEST_URI: /?x=0&y=0&s=Search+in+site... QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1 REMOTE_ADDR: 27.150.210.56 Host Name: 27.150.210.56 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 27.150.210.56 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.mysite.com/wp-signup.php REQUEST_URI: /?x=0&y=0&s=Search+in+site... QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1 ``` * Note the request URI: /?x=0&y=0&s=Search+in+site… It’s clear that I don’t want this kind of traffic – looks dodgy to me? * I do seem to be getting a significant number of failed login entries (as reported by better WP Security – sorry, I don’t use Bulletproof for that at this point). 100’s a day now… * Have you seen this before? Should I just block the IP’s in .htaccess file? * Thanks * [http://wordpress.org/plugins/bulletproof-security/](http://wordpress.org/plugins/bulletproof-security/) Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 7 months ago](https://wordpress.org/support/topic/security-log-question/#post-4311346) * Yes, the Query String is dodgy / not legit. * [http://www.stopforumspam.com/search](http://www.stopforumspam.com/search) * 192.99.6.109 – known Canadian Spammer 27.150.210.56 – known Chinese Spammer * Blocking IP addresses is not a practical or smart approach to handling spammers. We spent months researching this and came to the conclusion that the most effective method to handle spammers is to use a CAPTCHA. We created JTC Anti-Spam / Anti- Hacker in BPS Pro to stop spammers. I believe the best free plugin for this is the SI CAPTCHA Anti-Spam plugin. * I can’t really offer any help regarding Better WP Security since we do not use it. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 7 months ago](https://wordpress.org/support/topic/security-log-question/#post-4311347) * Also since the Spammers are already being blocked and logged in the Security Log then you really do not need to do anything else. BPS is just letting you know that these spammers were already blocked. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 6 months ago](https://wordpress.org/support/topic/security-log-question/#post-4311453) * I assume this answered all questions. Resolving. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Security log question’ is closed to new replies. * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938) * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/) * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/) * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/) ## Tags * [security log](https://wordpress.org/support/topic-tag/security-log/) * 3 replies * 2 participants * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/) * Last activity: [12 years, 6 months ago](https://wordpress.org/support/topic/security-log-question/#post-4311453) * Status: resolved