BackupBuddy – detecting malware in Security Log file

Home Forums BulletProof Security Pro BackupBuddy – detecting malware in Security Log file

This topic contains 0 replies, has 1 voice, and was last updated by  AITpro Admin 1 year, 2 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #32728

    AITpro Admin
    Keymaster

    The /wp-content/bps-backup/ folder should be excluded from being backed up by BackupBuddy.  Create a folder exclude rule in BackupBuddy for the /wp-content/bps-backup/ folder so that it will not be backed up by BackupBuddy

    The BPS Security Log has this checkbox option:  Limit POST Request Body Data, which allows you to capture entire hacker malicious code/scripts that are used to attack your website.  “If you do not want to capture/log entire hacker scripts/files/code in the Request Body logging field then keep the Limit POST Request Body Data checkbox checked.”  By checking the Limit POST Request Body Data checkbox option setting you will limit the amount of malicious hacker code/scripts used to attack your site and your Maldetect scanner will no longer be triggered and detect malicious code in your Security Log file.  The hacker code/scripts that are captured in your Security Log file are in plain text format.  So that code/script is Nulled/not dangerous since it is in plain text format in the Security Log file.

    Limit POST Request Body Data
    The maximum Security Log Request Body Data capture/log limit is 250000 maximum characters, which is roughly about 250KB in size. The Limit POST Request Body Data checkbox option limits the maximum number of Request Body Data characters captured/logged in the Request Body logging field to 500 characters, which is roughly 5KB in size. The Limit POST Request Body Data checkbox is checked by default. You can capture/log entire hacking scripts if you uncheck the Limit POST Request Body Data checkbox (See Note below), but that means your log file size could increase dramatically and you could receive more automated Security Log zip file emails. If you are using email security protection on your computer then your zipped Security Log files may be seen as containing a virus (hacker script/code) and they could be automatically deleted by your email protection application on your computer. Your computer security protection software may also see the Security Log file as malicious and block it. If you do not want to capture/log entire hacker scripts/files/code in the Request Body logging field then keep the Limit POST Request Body Data checkbox checked. Note: To capture/log all POST Request Attacks against your website you will need to add the POST Request Attack Protection Bonus Custom Code. A link to that Bonus Custom Code is at the top of this Read Me help window. If you do not want to add the Bonus Custom Code then some, but not all POST Request Attacks will be captured/logged in the Security Log.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.