Rule for Successful Wordpress Login

Customer support forums for the modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the real time modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
jags15
Forum User
Forum User
Posts: 5
Joined: Mon Jun 01, 2015 3:12 pm
Location: UK

Rule for Successful Wordpress Login

Unread post by jags15 »

Hi all

I am having great fun analysing the alerts I see from AUM in /var/log/httpd/audit_log.

I see plenty of miscreants trying to brute force into my wordpress:
msg "Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure "

But I would also like to see Successful Logins. This way I can monitor / check that the SysAdmin made the login attempt. Is there another rule I have to enable or add?

Regards

Jag
jags15
Forum User
Forum User
Posts: 5
Joined: Mon Jun 01, 2015 3:12 pm
Location: UK

Re: Rule for Successful Wordpress Login

Unread post by jags15 »

The answer is that the information is in the error.log file. All the information required is there.
Post Reply