- Posts: 28
- Thank you received: 1
Do you really need this? You can see when the last integrity was launched from File integrity screen -> Integrity check summary:
There should be an option to download the latest hash database on demand and I should also be able to see when the last update occurred.
Yes, you're right. I added the "close" button but only during the session. i will check how to solve this.
the green and red message/alert about translations and the necessary pro version on remote websites go not away *permanently*. But they should once I clicked them away.
Yes, I designed the main page as a resume. I will try to show that info too.
Manage Websites list shows time of last contact and last backup, but not date of last integrity and permissions check. These are only in details, I should be able to view these in the overview. What does the time of last contact help me if I don't know when the checks actually ran? Could be months ago. I know there are restraints in showing all of that in the table, but if I look at the table there's enough space for improvements in width, so that you can show more details for single tasks.
I haven't found a secure way to do this yet; I'm still investigating how to add this feature.
I should be able to view *all* new firewall entries in a single list in pro center. e.g. list all new entries for *all* sites in one table. And once checked have a single button have them deleted remotely, all of them on all sites.
Well, alerts are not designed only to notify you about an attack. When you receive an attack the offensive IP is added to dynamic blacklist; this is, is blocked during a certain period of time. So you should add it to blacklist. Some customers of mine have 1000 log entries and don't pay attention to mails/alerts. I told them: "Ey, you should check your logs at least once per day".
Basically, I should be able to view all relevant security information with one single login, otherwise the "pro center" doesn't help very much to manage sites. An option to mail me this information after contact would also be helpful. There's already an option on each single installation, but it's only a confirmation that the checks ran. (There's an option that informs me of each single firewall event. That's too much! Maybe an aggregated email for all sites once a day or once a week would be nice.)
Yes, there are many entries (I got 100 entries in two days after enabling it). And what does this mean? That bots are launching automated scans (or hacking attemtps) against wordpress resources. This is why all IPs must be add to blacklist. In a future maybe they could launch attacks against a Joomla vulnerability. This is a measure to prevent future attacks. If you have many log entries just select the option to not add logs (Url inspector -> Write to log -> No).
I enabled the url checking. At first it was informative, but most requests in this category are for wp-login.php and only for wp-login.php (e.g. there is no following request for joomla vulnerabilities). And they are a lot. I could remove that word from the list of words to check for, but in a central list I would rather want to have it excluded from logging or aggregated in logging, e.g. "17 log entries for wp-login.php". Might be too complex to implement this, though.
I'm not sure if this is possible in remote backups. I will check it.
remote akeeba backup (once it works for me): I miss an option to specify a backup profile.
Yes, this is in my TO-DO list, but for Control Center.
as the cron option of security pro seems to work fine I would like to use it for other scheduling as well. For instance for akeebaa scheduling (akkeba's schedule by wget url doesn't work for us at all.). This is actually a request for Pro not for the control center.