Home › Forums › BulletProof Security Pro › WordPress Single Database setup for DB Monitor
- This topic has 11 replies, 2 voices, and was last updated 7 years, 9 months ago by
Zsolt Edelényi.
-
AuthorPosts
-
Zsolt Edelényi
ParticipantI installed BPS Pro to a site. But the database is used by more sites with different prefix. I received e-mail: titled the following: BPS Pro Alert: DB Monitor Has Detected a Database Change.
Question: How can I set up PBS Pro, that do not send alerts because of changing other sites’ tables?
AITpro Admin
KeymasterGo the the BPS Pro S-Monitor page > DBM: When A Database Change|Modification Occurs… > choose Do Not Send Email Alerts.
Zsolt Edelényi
ParticipantI want to disable e-mail alerts only when the other site’s table is modified. I still want to receive alerts when illegal change occurs in the sites own tables.
AITpro Admin
KeymasterThe DB Monitor monitors the current database that you are connected too. The DB Monitor monitors the database tables that you see in the Table Name table column. I do not understand what “other site’s table is modified” means.
Zsolt Edelényi
ParticipantI do not understand what “other site’s table is modified” means.
One database in WordPress contains tables of many domains. eg. alpha.com, beta.com. Alpha.com uses tables, where table’s name begins with “alpha_”, beta.com uses tables with name begins with “beta_.”
You install BPS Pro to alpha.com, but the database is used by beta.com also. You write a post in beta.com and modify the table begins with “beta_” . The BPS Pro alerts that database is not the same as the backup database.
I would like to switch off the alerts when beta.com modifies the tables belongs to beta.com, i.e. tables begins with “beta_”. I still want to receive message when tables of alpha.com (tables begins with “alpha_”) changed.
Clear enough?AITpro Admin
KeymasterHmm never heard of this type of WordPress MySQL database setup. It sounds like you are using something unique/unusual that is not a standard WordPress MySQL database setup. Something like a multi-database plugin or something else like that. You can choose which database tables to monitor in the DB Monitor settings. So if the database tables are listed for beta and alpha then you would choose whichever database tables you want to monitor. Email alerts are only sent for database tables that are being monitored. Also at this point in the DB Monitor development it has a long way to go before it is user friendly and efficient. The problem lies in monitoring the database without causing a significant negative performance impact. Currently the DB Monitor only tells you when a particular database table has changed and does not drill down and show the exact difference without having to use the DB Diff Tool. So honestly at this point the only feature that is user friendly, simple and efficient is the New DB Tables Created Check option. At some point we will continue on with where we left off with DB Monitor development to get it where DB changes show exactly what has changed and without causing a significant negative impact when doing that.
Zsolt Edelényi
ParticipantIt sounds like you are using something unique/unusual that is not a standard WordPress MySQL database setup.
That’s a basic feature of WordPress. Commonly used in Hungary because hosting accounts paramteres limits the number of databases. Now I see, that it is not a best solution for security reason. My question that how can you select which tables you want to monitor?
AITpro Admin
KeymasterI did not know that about hosting in Hungary. Good to know. Yes, you can normally select the database tables that you want to monitor by selecting individual Table Size or Update Time Radio buttons for each Database table that you want to monitor: http://forum.ait-pro.com/forums/topic/database-monitor-dbm-guide/ Personally I recommend that you do not monitor any individual database tables and only use the New DB Tables Created Check option. Is this WordPress Single Database setup: https://codex.wordpress.org/Installing_Multiple_Blogs#Single_Database the type of WordPress database setup that you are using?
Zsolt Edelényi
ParticipantIs this WordPress Single Database setup: https://codex.wordpress.org/Installing_Multiple_Blogs#Single_Database the type of WordPress database setup that you are using?
Yes. What do you think, there is any security problem with that?
AITpro Admin
KeymasterI just wanted to know what type of DB setup you have so I can setup a test site and test this. I will test this DB setup today.
AITpro Admin
KeymasterWordPress Single Database testing:
Environment: XAMPP Local Development Server. Note: My XAMPP installation uses MySQL DB version: 5.6.16 with InnoDB tables, which does not have Update Time. MySQL 5.7.2 has added Update Time for the InnoDB Engine.
Single Database Name: single-db
XAMPP Test sites: Demo17 and Demo18
Test site DB Table Prefixes: demo17_ and demo18_Demo17 Test Site DB Monitor option settings:
New DB Tables Created Check: On || Next Check: September 5, 2015 @ 9:14 amTable Name Check By Frequency Next Check demo17_commentmeta Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_comments Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_links Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_options Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_postmeta Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_posts Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_term_relationships Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_term_taxonomy Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_terms Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_usermeta Table Size 5 Minutes September 5, 2015 @ 9:14 am demo17_users Table Size 5 Minutes September 5, 2015 @ 9:14 am Demo18 Test Site DB Monitor option settings:
New DB Tables Created Check: On || Next Check: September 5, 2015 @ 9:13 amTable Name Check By Frequency Next Check demo18_commentmeta Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_comments Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_links Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_options Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_postmeta Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_posts Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_term_relationships Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_term_taxonomy Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_terms Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_usermeta Table Size 5 Minutes September 5, 2015 @ 9:13 am demo18_users Table Size 5 Minutes September 5, 2015 @ 9:13 am Test Results:
Demo17 Site:
The NextGen Gallery plugin was installed on the Demo17 site and a New DB Table Created log entry was logged and an email was sent. The demo17_posts DB Table size changed and a New DB Table Created log entry was logged and an email was sent.[New DB Table Created - Cron Check Time September 5, 2015 - 8:48 am] New DB Table Created Name: demo17_ngg_gallery New DB Table Actual Create Time: 2015-09-05 08:39:00 DB Monitor Guide: http://forum.ait-pro.com/forums/topic/database-monitor-dbm-guide/ [DB Monitor Log File Zip and Email Successful: September 5, 2015 - 8:48 am] Your DB Monitor Log file has been successfully zipped and emailed to you [DB Table Size Change - Cron Check Time: September 5, 2015 - 9:10 am] DB Table Name: demo17_posts Previous DB Table Size: 404688 bytes Current DB Table Size: 114688 bytes DB Monitor Guide: http://forum.ait-pro.com/forums/topic/database-monitor-dbm-guide/ [DB Monitor Log File Zip and Email Successful: September 5, 2015 - 9:10 am] Your DB Monitor Log file has been successfully zipped and emailed to you
Demo18 Site:
The demo18_links DB Table size changed and a New DB Table Created log entry was logged and an email was sent.[DB Table Size Change - Cron Check Time: September 5, 2015 - 9:09 am] DB Table Name: demo18_links Previous DB Table Size: 80768 bytes Current DB Table Size: 32768 bytes DB Monitor Guide: http://forum.ait-pro.com/forums/topic/database-monitor-dbm-guide/ [DB Monitor Log File Zip and Email Successful: September 5, 2015 - 9:09 am] Your DB Monitor Log file has been successfully zipped and emailed to you
Test Summary:
Each individual test site is monitoring its own database tables and logs database entries and sends emails for the DB tables that are monitored by each individual site. The original issue with DBM checking too generally still remains. The future of the DBM IDS is that the log entry and email will contain exactly what has changed: The previous and current database values, etc. There is no ETA for when this additional work for the DBM IDS will occur/be done/completed.Zsolt Edelényi
ParticipantThat’s great. You are the best support ever. I think you are right. I have not received DB alert last week, in spite of that using all sites of the database. Next time, I will check the change exactly. So far, thank you very much.
-
AuthorPosts
- You must be logged in to reply to this topic.