Protect: build graph with details about blocked attacks

Automattic / jetpack

Security, performance, marketing, and design tools — Jetpack is made by WordPress experts to make WP sites safer and faster, and help you grow your traffic.

https://jetpack.com/

Other

1.59k stars 798 forks source link

Protect: build graph with details about blocked attacks #5162

Open jeherve opened 8 years ago

jeherve commented 8 years ago

I would like to see more details concerning Security, malicious attacks blocked on my site. Where do these attacks originate? What is the distribution on a timeline? What characterizes these attacks?

This kind of information would help site owners understand what these attacks really mean, and would probably make them feel safer, as they would really understand what Jetpack Protect does behind the scenes.

2824824-t

ontytoom commented 8 years ago

It's very helpful that JetPack protects and reports number of attempts. However, IMHO, any reasonable admin needs to know more. The questions in the admin's head are:

Which user names need more securing (admin might contact the user to make sure they have a good password)?
Is this via wp-login, or via XMLRPC?
From which IP addresses do these arrive (admin might add them to deny list of .htconfig, or something similar)
When did these occur? Is there a pattern?
If these were found, how many more are there that were not detected? (This is not an easy one to answer, of course.)

An admin would feel a lot more at ease if additional information were provided.

MichaelArestad commented 7 years ago

This is interesting. @dereksmart any idea what kind of data we can or should expose here?

stale[bot] commented 6 years ago

This issue has been marked as stale. This happened because:

It has been inactive in the past 6 months.
It hasn’t been labeled `[Pri] Blocker`, `[Pri] High`.

No further action is needed. But it's worth checking if this ticket has clear reproduction steps and it is still reproducible. Feel free to close this issue if you think it's not valid anymore — if you do, please add a brief explanation.

GeoJunkie commented 5 years ago

This has come up again. User in 9759999-hc has asked for more details on attempted brute force attacks on their site

abcxyz-m commented 5 years ago

Pinging @dereksmart, looks like this enhancement request may have been missed.

abcxyz-m commented 3 years ago

Pinging @dereksmart again, sorry if you're the wrong person to ping for this!

It could be very valuable for end users if Protect offered more details and logging. Currently, as far as I know, this is all we share:

Image Link: https://d.pr/i/UTx84O

jeherve commented 3 years ago

@mzakariya We do not have any other type of data to share at the moment, I'm afraid.

We'll update this issue when we next iterate on the Protect feature.