Home › Forums › BulletProof Security Pro › Database Monitor – DBM Guide
Tagged: Database Monitor, Database Security Monitor, DB Monitor, DBM
- This topic has 7 replies, 2 voices, and was last updated 1 year, 7 months ago by Phil.
-
AuthorPosts
-
AITpro AdminKeymaster
DB Monitor IDS (DBM IDS)
The DB Monitor (DBM) is an Intrusion Detection System (IDS) that alerts you via email anytime a change/modification occurs in your WordPress database or a new database table is created in your WordPress database. The DB Monitor email alert contains information about what database change/modification occurred and other relevant help info. Your DB Monitor Log also logs any changes/modifications to your WordPress database and other relevant help info.
The DBM IDS is similar to the ARQ IDPS where it is the most powerful last line of website security protection defense. If all other outer and inner layers of security protection are penetrated then the most powerful DBM IDS and ARQ IDPS systems kick in and protect your website from attacks/hackers. Even if these powerful security measures are never utilized the most significant benefit is that you know for sure that neither your website files or your WordPress database have been tampered with.
How The DB Monitor IDS Works
By default the DB Monitor is automatically setup by BPS Pro when you upgrade BPS Pro or when you run the Setup Wizards. The default DB Monitor settings are: Check for any new DB Tables created in your database every 15 minutes. You can of course choose whether or not you want to monitor any or all of your database tables for any changes/modifications and how often you want the DBM Cron check to run. The DBM Cron check is designed in a way that it does not cause any website performance loss.How to Choose Between Table Size & Update Time in the Dynamic DB Form
Update Time: When a particular database table is updated by WordPress, a plugin, a theme or by you, that database Update Time timestamp will be updated with the time the update occurred to any row within that database table. If your MySQL database type updates the Update Time database table then you will see a timestamp for the last time that each database table was updated.
Table Size: This is the size of each of your individual database tables. Your database table sizes are displayed in Kilobytes in the Dynamic DB Form, but are checked by bytes, which is a more precise check.
The logic for choosing between Table Size & Update Time checks is very simple. You look at the Update Time column in the Dynamic DB Form and if the timestamp date is very recent for a particular database table then you want to click/select the Table Size Radio button for that particular database table. The reason you would choose Table Size and NOT Update Time is that particular database table is updated automatically and frequently and the Update Time will change frequently. The size of the particular database table will probably NOT change.
A perfect example is the WordPress xxxxxx_options database table. The WordPress xxxxxx_options database table is updated automatically and very frequently with UNIX timestamps by WordPress itself and WordPress plugins, including BPS Pro. A UNIX timestamp looks like this: 1402070660. It is a 10 digit number. When a UNIX timestamp is updated it will always be a 10 digit number. Example: 1402070660, 1402070661, 1402070662. The size of the UNIX timestamp will always be the same. So what that means is WordPress xxxxxx_options database table size will NOT change when a UNIX timestamp is updated, but the Update Time of WordPress xxxxxx_options database table will change every time a UNIX timestamp is updated. So checking by Table Size for the WordPress xxxxxx_options database table means that you will not be alerted when UNIX timestamps are updated and will ONLY be alerted if the size of the WordPress xxxxxx_options database table changes.
After choosing the Table Size Radio button for all database tables that have a recent timestamp in the Update Time column you can then select the Update Time Radio button for all of your other database tables that you want to monitor.
You may not want to monitor some database tables, such as the xxxxxx_bpspro_db_backup or the xxxxxx_bpspro_login_security or other plugin’s top level database tables. That choice is up to you. If you choose to monitor a database table and a change/modification occurs then you will receive a DB Monitor email alert about that database table change/modification. You can of course adjust/change your DB Monitor settings at any time and add or remove database tables that you want to monitor and/or how you want those database tables to be monitored – by size or by update time.
How do I change Alerts, Email Alerting Status Display Options?
BPS Pro S-Monitor is the central alerting, email and status display options Core for BPS Pro. All alerting, email and status display options are chosen/selected in S-Monitor for all BPS Pro Core security features.Dynamic DB Form Tips
You only need to choose/click on either a Table Size or Update Time Radio button for each database table that you want to monitor and do not need to click the checkbox for that particular database table. By selecting a Radio button for a particular database table that you want to monitor, you are selecting that database table to be monitored.DB Monitor Status Table
Dynamic DB Form results are displayed immediately after submitting the Dynamic DB Form in the DB Monitor Status Table. The DB Monitor Status Table displays which database tables are being checked by either size or update time, the frequency of those checks and the next scheduled check time.IMPORTANT NOTES:
The Dynamic DB Form Checkboxes and Radio buttons are specifically designed NOT to stay selected. The Dynamic DB Form is similar to a Comment Form. You enter what you want to submit and click the submit button. The results of submitting the Dynamic DB Form are displayed immediately in the DB Monitor Status Table and you Dynamic DB Form Settings are logged in the DB Monitor Log file.The Next Check time shown in the DB Monitor Status Table is literally the next scheduled Cron job time. If you resubmit the Dynamic DB Form in between scheduled Cron jobs then the literal next scheduled Cron job time is displayed and not the time now when you submitted the Dynamic DB Form. The next scheduled Cron job will use whatever form settings are set when the next Cron job runs.
Some MySQL database types do not have/use Update Time. If you see N/A under the Dynamic DB Form Update Time column then Update Time is not available for your MySQL Database type (InnoDB, XAMPP, etc) and you can only check your database tables by Table Size. If you choose Update Time and your MySQL database shows N/A under the Update Time column then no DB Monitor database checks will occur for that database table and the DB Monitor Status Table will display N/A – Update Time for the Check By column and N/A for the Frequency and Next Check columns in Red font.
If you submit the Dynamic DB Form and you have NOT selected/checked any Table Name checkboxes then this will delete/clear/remove all database tables from being checked by the DB Monitor and the default check for new database tables created will be done if you have selected that option.
If you submit the Dynamic DB Form and you ONLY select Table Name checkboxes and do NOT select either a Table Size or Update Time Radio button corresponding to the Table Name checkbox that you checked then a Table Size check will be chosen/selected by default for that database table.
If you submit the Dynamic DB Form and and you ONLY select either a Table Size or Update Time Radio button then the Table Name corresponding to that Radio button will be chosen/selected/added and be checked by the DB Monitor.
Troubleshooting
Will be updated as issues or problems become known.- This topic was modified 2 years, 10 months ago by AITpro Admin.
- This topic was modified 2 years, 10 months ago by AITpro Admin.
- This topic was modified 2 years, 10 months ago by AITpro Admin.
- This topic was modified 2 years, 10 months ago by AITpro Admin.
- This topic was modified 2 years, 10 months ago by AITpro Admin.
PhilParticipantHi,
I’m seeing this error A LOT in the file bps_php_error.log – like thousands of times in the last couple hours. Is there a way to interpret what it means and what recovery action is needed?PHP Warning: unlink(/wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php): Permission denied in /wp-content/plugins/bulletproof-security/admin/includes/admin.php on line
Thanks,
Phil.AITpro AdminKeymasterThe php error means that the code in the BPS admin.php file that automatically deletes that file is unable to delete that file > /wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php. Use FTP or your web host control panel file manager tool and delete the /bulletproof-security/ plugin folder. Install a new BPS Pro zip file using the WordPress Plugin upload zip installer. You will not lose any BPS Pro settings by doing this. If you do not have the most current version of BPS Pro 17.1 then you can download the zip file here > https://www.ait-pro.com/wp-admin/
PhilParticipantThanks,I checked that file and the permissions are set to 664 – so it ought to be OK.
I can’t login to the back-end to install an updated plugin right now, so I’ll keep working on that one first.
Once I can login, I’ll try your “nuclear” option of deleting the entire plugin and installing the latest version.
In the meantime, would it be useful if I simply delete /wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php ?
Thanks for your help,
Phil.
AITpro AdminKeymasterYou can also use WB_DEBUG in your wp-config.php file to figure out what is causing the problem.
define('WP_DEBUG', true); define('WP_DEBUG_LOG', true); define('WP_DEBUG_DISPLAY', true);
PhilParticipantThanks – I have added that, but the error is some problem between WPEngine and Cloudflare, so the above addition doesn’t provide any information I can use.
Re my last question,
In the meantime, would it be useful if I simply delete /wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php ?
OK to do that or no point??
Thanks anyway.
Phil.
AITpro AdminKeymasterDeleting the /wp-content/plugins/bulletproof-security/admin/htaccess/mscan-pattern-match.php file will stop the php error from occurring, but it would not fix whatever is causing that problem.
PhilParticipantThank you. Once I have fixed the login issue, I’ll look further at this.
Phil.
-
AuthorPosts
- You must be logged in to reply to this topic.