Validation logs

Posted on May 11, 2021

This plugin stores validation logs when Record “Logs” is enabled in Privacy and record settings section on Settings tab.

Contents in log

Validation logs

The followings are some of items that are stores in logs.


Following the HTTP method and the port, the requested path is recorded. RFC2616 (obsoleted by RFC7231) defines 8 method, i.e. GET, POST, PUT, DELETE, HEAD, OPTIONS, TRACE, CONNECT. The definitions says:

In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered “safe”. This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested.

But in the real world, we can find a simple hyperlink (i.e. GET method) which takes an action other than retrieval.

Media Library

Anyway, we’d better take care about what’s being done by a malicious request.

$_POST data

When a request submitted by POST method is blocked, keys in $_POST environment variable are recorded into the log. The corresponded keys in “$_POST keys to be recorded with their values in logs” in Privacy and record settings section are deployed to their values in order to take a look at them.

Record settings

The recommended keys are as follows:

  • action
    This key is very popular in WordPress. It usually shows the process of doing something.

  • comment
    It shows the contents of comment posted to wp-comments-post.php.

  • log, pwd
    The login name and password posted to wp-login.php. The pwd will be masked with *** when it comes from a logged in user.

    Log of Login form

    It shows the contents of HTTP File Upload variables $_FILES if POST method uploads was requested. (since

    Malicious file upload


The column “Result” shows the validation result as the following table describes:

Result Description
passed passed through the validation
passUA passed by menas of “UA string and qualification”
blocked blocked by country
blockUA blocked by menas of “UA string and qualification”
wp-zep blocked by WP-ZEP
multi blocked by XML-RPC multicall
badsig blocked by Bad signatures
badbot blocked by Badly-behaved bots and crawlers
extra blocked by Extra IP addresses
failed blocked by failed login attempt
limited blocked by excess of limit login attempt
upload blocked by forbidden MIME type
^ found unexpected attached files

Live update

Independent of Privacy and record settings section, you can see all the requests validated by this plugin in almost real time.

Live update