As a security company, we deal with a lot of compromised websites. Unfortunately, in most cases, we have limited access to customer logs, which is one of the reasons why we don’t offer forensic analysis. Sucuri offers website monitoring, protection, and clean up, but sometimes we go that extra mile and investigate how websites become compromised in the first place. This usually happens when websites become reinfected after a cleanup.
The reinfection itself can be caused by something as simple as a compromised admin user. By resetting the password for all admin users would be a simple fix for this issue.
However, most of the infected websites we clean have no logs to tell us exactly what happened that led to the website compromise.
We recommend having a plugin to log activities on your blog or website. An activity log plugin can:
be an early alert system to let you know if something has gone wrong;
work as a tool to help you keep a close eye on what is happening on your website;
help you investigate the attack vector after.
Having audit logs on a website is mandatory for e-commerce websites to be PCI DSS compliant. Logs are also very helpful when you need to troubleshoot technical
Source: https://managewp.org/articles/18385/the-importance-of-website-logs-by-sucuri
source https://williechiu40.wordpress.com/2019/02/19/the-importance-of-website-logs-by-sucuri/
No comments:
Post a Comment