Jeepers Peepers: WP Syslog
详情介绍:
- Content:
wp_die()triggered; - Content: attachment deleted;
- Content: attachment sideloaded;
- Content: attachment uploaded;
- Content: post deleted;
- Content: post published;
- Network: GET, HEAD, POST, etc., requests;
- Plugin: activated;
- Plugin: deactivated;
- Plugin: upgraded;
- User: deleted;
- User: login banned (via Apocalypse Meow);
- User: login failed;
- User: login succeeded;
- User: new user;
- User: password reset;
- UTC timestamp;
- Severity level;
- User IP address (or
127.0.0.1if automated); - Logged in username (if applicable);
- Event message;
WordPressAudit 2017-05-24 16:35:45 [warning] yourdomain.com 68.256.55.123 "tiffany" "Deactivated plugin: look-see-security-scanner"
安装:
jeepers-peepers folder to your plugins directory via FTP.
To install this plugin as Must-Use, download, extract, and upload the jeepers-peepers folder to your mu-plugins directory via FTP. Please note: MU Plugins are removed from the usual update-checking process, so you will need to handle future updates manually.常见问题:
Is this compatible with Multi-Site?
Sorry, no. This plugin can only be added to standard (single-site) WordPress installations.
The log isn't updating...
- Make sure the log file exists. The default location is
/var/log/wordpress/{YOUR_SITE_DOMAIN}.log, but this can be overridden by defining a constant in yourwp-config.phpfile (see the relevant FAQ section below). - Make sure WordPress/PHP can reach the file. For PHP sites with
open_basedirrestrictions, this means whitelisting the path to the log file. If the hosting environment is chrooted or jailed, the log location will need to be within the same boundaries. - Make sure the log file's ownership/permissions allow PHP to write changes to it. This varies by environment, but a good place to start is assigning the same owner:group to the log file used by your WordPress files.
Does this require any theme or config changes?
By default, the log is written to /var/log/wordpress/{YOUR_SITE_DOMAIN}.log. If this path exists and works for you, then no, logging will happen without any intervention.
To modify the default behavior, you will need to define a couple constants in your wp-config.php file. See the relevant FAQ section below.
List of configuration constants
The following constants can be defined in your wp-config.php file to override the default behaviors.
- (string) BLOBAUDIT_SITE_URL Your site's domain, for logging purposes. By default, this will be your site's domain name, lowercased, and without a leading
www.subdomain. - (string) BLOBAUDIT_LOG_PATH The absolute path to the log file. Default:
/var/log/wordpress/{YOUR_SITE_DOMAIN}.log - (bool) BLOBAUDIT_LOG_UTC Record datetimes in UTC rather than the site's timezone. Default:
true
Logging custom events
The plugin includes action callbacks you can trigger in your code to record a custom event.
// In order of severity... do_action('syslog_debug', $message, $internal); do_action('syslog_notice', $message, $internal); do_action('syslog_info', $message, $internal); do_action('syslog_warning', $message, $internal); do_action('syslog_error', $message, $internal); do_action('syslog_critical', $message, $internal);
All actions accept the following:
- (string) $message The event message.
- (bool) (optional) $internal Prefix the severity with an
@to mark it as "internal". Default:FALSE
更新日志:
- [New]
BLOBAUDIT_LOG_UTCconstant for toggling between UTC/site-time for event dates.
- [New] Log network requests.
- [Improve] Minor code optimizations.
- [New] Add privacy policy hook for GDPR compliance.
- [New] Initial launch!