Activity log

Hello.

I wish ProFreeHost would add an "Activity log" section on the main account or in every site account for added protection. I have a site that got suspended recently for violating the TOS and because it violated the terms, reactivation is not an option. When I filed a ticket for the reason, they said they found a chat script called "wechat.lib.class.php" and I just thought if they are really pointing to the right site because I am not doing anything on the site (I did not made any update to the site for several days) nor did I created a chat site. I haven't installed any chat system on my site and that site is obviously not a chat site but I do have ads running on the site and one is for a chat service. I don't think a tiny ad script will install a file like that on my site. When I asked support for the location of that file, they already ignored my inquiry and no help is provided. If that file was really found on my site then somebody might have cracked some port and get into the panel.

I wish ProFreeHost would add something like an "activity log" area where site owners can check the IP address and browsers used to access the Control Panel and the sites. It would add protection to the sites.

Thanks.

Comments

  • edited September 2017

    Thank you for the suggestion, There is a free access log download in the control panel. Awstats is a premium service feature. There are scripts that can be installed (softaculous) like Open Web Analytics. Several scripts in the customer support section of softaculous that have both real time and page visit statistics.

    Here is a script that can be inserted into source and records visit to that page in a txt file. Currently only IP and date.

    <?php
    $file = 'visitors.txt';
    $ipadress = $_SERVER['REMOTE_ADDR'];
    $date = date('F/d/Y h:i:s');
    $browser = $_SERVER['HTTP_USER_AGENT'];
    $fp = fopen($file, 'a');
    fwrite($fp, $ipadress.' - ['.$date.'] '. "\r\n");
    fclose($fp);
    ?>
    
  • thanks for this but that will only record the number of times a particular page is accessed. I will check first the softaculous. thanks for the suggestion.

  • edited September 2017

    @Nimmimonie said:
    thanks for this but that will only record the number of times a particular page is accessed. I will check first the softaculous. thanks for the suggestion.

    What are you talking about? The script records visitors IP address and time and date, of the particular page.

    http://badbot.unaux.com/visitors.txt

    Are you looking for some sort of file change monitor. Permissions do not allow visitors to add or change files to the storage. Now who has permissions to allow files to be added or changed?

  • what I mean is, that script is to be inserted on a particular page like the index file, for example. that's how the script is fired up.

  • yes it records the activity of the particular page. So look at the .lastlogin file in the home directory. That will tell you who login last. hmm so who has permissions to add or change files to your account? Who has your password?

  • The feature you suggested may add some post-abuse measure. You will only know after the abuse to your account is done and you will not be able to do anything at the time.

    There is already a small string at the end of urls to track logs of websites by our system e.g. "?/i=1" and we get questions like how to remove that from a-lot of people. Adding some script much bigger as compared to this to users' website urls may result in even more complaints.

    It doesn't add much value to system. If it is deemed necessary, at any time in future, we may actually implement something similar.

    We are doing more tracking than you see in the back end to keep our system clean and fair.

    The best thing you can do to keep your account secure is make sure to setup a stronger password to your main account.

    Note: Your account was not accessed by anyone except you.

  • if that's the case, how did that "wechat.lib.class.php" script file reached my site if I didn't add it?

  • It is not directly added to your account, but uploaded it to another account which is linked to similar servers.

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!