Authentication and xmlrpc log writer
Wordpress plugin
App Details
This plugin writes the log of failed access attempts (brute force attack) and invalids pingbacks requests ( by xmlrpc.php ). Very useful to process data via fail2ban.
You can activate the log for each pingback request feature and stop the user enumeration method (by redirecting to the home) with log.
If activated it remove the wordpress version number and meta generator in the head section of your site.
If activated it disable xmlrpc methods that require authentication, in order to avoid brute force attack by xmlrpc. Use this feature if you don’t need these xmlrpc methods.
If activated can kill multiple requests in a single xmlrpc call returning a 401 code on xmlrpc login error. This feature may be useful to prevent server overloading on brute force attack by xmlrpc.
You can also view your CUSTOM error log in the admin panel.
You can write error by
- SYSLOG
- APACHE ERROR_LOG
- CUSTOM a custom error log file (the used path need to be writable or APACHE ERROR LOG wil be used)
Log examples
-
SYSLOG
Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
-
APACHE
[Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444`, referer: SITE_ADDRESS/wp-login.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`, referer: SITE_ADDRESS/xmlrpc.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`, referer: SITE_ADDRESS/xmlrpc.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
-
CUSTOM
[Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
fail2ban configuration
See the FAQ section
Log viewer
Log viewer is available only in CUSTOM mode. Note: the log path and the file must exist.
Localization
- English (default) – always included
- Italian – since 1.1.3 version
Translations
- English – default, always included
- Italiano – disponibile dalla versione 1.1.3
Note: Feel free to translate this plugin in your language. This is very important for all users worldwide. So please contribute your language to the plugin to make it even more useful. For translating I recommend the “Poedit Editor”.
Pricing
Starting from $0 per month.
App Info
Rating
Reviewers
1 reviews
Tags
Developed By
Federico Rota
Quick & Easy
Find the Best Wordpress plugins for you
Common Ninja has a large selection of powerful Wordpress plugins that are easy to use, fully customizable, mobile-friendly and rich with features — so be sure to check them out!
Testimonial
Testimonial plugins for Wordpress
Galleries
Galleries plugins for Wordpress
SEO
SEO plugins for Wordpress
Contact Form
Contact Form plugins for Wordpress
Forms
Forms plugins for Wordpress
Social Feeds
Social Feeds plugins for Wordpress
Social Sharing
Social Sharing plugins for Wordpress
Events Calendar
Events Calendar plugins for Wordpress
Sliders
Sliders plugins for Wordpress
Analytics
Analytics plugins for Wordpress
Reviews
Reviews plugins for Wordpress
Comments
Comments plugins for Wordpress
Portfolio
Portfolio plugins for Wordpress
Maps
Maps plugins for Wordpress
Security
Security plugins for Wordpress
Translation
Translation plugins for Wordpress
Ads
Ads plugins for Wordpress
Video Player
Video Player plugins for Wordpress
Music Player
Music Player plugins for Wordpress
Backup
Backup plugins for Wordpress
Privacy
Privacy plugins for Wordpress
Optimize
Optimize plugins for Wordpress
Chat
Chat plugins for Wordpress
Countdown
Countdown plugins for Wordpress
Email Marketing
Email Marketing plugins for Wordpress
Tabs
Tabs plugins for Wordpress
Membership
Membership plugins for Wordpress
popup
popup plugins for Wordpress
SiteMap
SiteMap plugins for Wordpress
Payment
Payment plugins for Wordpress
Coming Soon
Coming Soon plugins for Wordpress
Ecommerce
Ecommerce plugins for Wordpress
Customer Support
Customer Support plugins for Wordpress
Inventory
Inventory plugins for Wordpress
Video Player
Video Player plugins for Wordpress
Testimonials
Testimonials plugins for Wordpress
Tabs
Tabs plugins for Wordpress
Social Sharing
Social Sharing plugins for Wordpress
Social Feeds
Social Feeds plugins for Wordpress
Slider
Slider plugins for Wordpress
Reviews
Reviews plugins for Wordpress
Portfolio
Portfolio plugins for Wordpress
Membership
Membership plugins for Wordpress
Forms
Forms plugins for Wordpress
Events Calendar
Events Calendar plugins for Wordpress
Contact
Contact plugins for Wordpress
Comments
Comments plugins for Wordpress
Analytics
Analytics plugins for Wordpress
Common Ninja Apps
Some of the best Common Ninja plugins for Wordpress
Browse our extensive collection of compatible plugins, and easily embed them on any website, blog, online store, e-commerce platform, or site builder.
Contact Form
Use a contact form so visitors can send messages, submit inquiries, and help you collect leads and improve user experience.
Size Chart
Add a flexible size chart with visual guides and category tabs to help users choose accurate measurements while shopping.
Telegram Chat
Add Telegram Chat to your site to communicate with visitors, deliver instant support, and provide a smoother, more reliable user experience.
Email Subscription Form
Capture email leads with an email subscription form that collects addresses, saves entries, sends notifications, and helps grow your audience.
LinkedIn Feed Carousel
Show LinkedIn posts with a LinkedIn feed carousel that auto updates, presents content in a smooth layout, and keeps visitors engaged.
Pricing Slider
Use a pricing slider to show dynamic prices by quantity, help visitors compare options, and support confident purchases.
Etsy Reviews
Show Etsy reviews to build trust, strengthen credibility, and help visitors make confident purchase decisions that support higher sales.
Airbnb Reviews
Show Airbnb reviews to build trust, improve credibility, and help visitors make confident booking decisions that support higher property sales.
Wake Up Notifications
Use wake up notifications to re engage visitors with custom alerts that capture attention, boost interaction, and help increase conversions across your site.
AdBlocker Detector
Detect ad blockers on your site to maintain visibility into user behavior and support sustainable ad-based monetization.
Glossary
Create an interactive glossary that displays clear definitions, images, and search options to help visitors learn terms quickly and navigate complex topics with ease.
Feedback Form
Collect user insights with a feedback form that gathers valuable input, improves user experience, and helps you understand visitor needs more clearly.
More plugins
plugins You Might Like
Discover Apps By Platform
Discover the best apps for your website
Common Ninja Search Engine
The Common Ninja Search Engine platform helps website builders find the best site widgets, apps, plugins, tools, add-ons, and extensions! Compatible with all major website building platforms - big or small - and updated regularly, our Search Engine tool provides you with the business tools your site needs!
