The CleanTalk Security Service FAQ

 

 

How can you test the CleanTalk Security Plugin?

Please, use wrong username or password to log in to your WP Admin Panel to see how the Security Plugin works. Then log in with your correct account name and see the Security Logs of the last actions on the plugin's settings page. Also, Audit Log will display the last visited URL's of the current user.

  1. Make a fake attempt to log in to your website with the wrong admin username or password.
  2. Use test URL like this: [ www.yourdamain.com/?security_test_ip=10.10.10.10 ]
  3. Your will see your actions in the Security Plugin Log in your WP Admin Panel.
  4. When anyone logs in to your website as an administrator, you will receive email notifications about it.

 

Your attempts will be shown in both of your Security Logs: on the plugin's settings page and in the CleanTalk Security Dashboard.

The plugin sends the log to your CleanTalk Dashboard once per hour but if you re-save plugin settings, the log will be sent immediately.

 

Is the plugin compatible with WordPress MultiSite (WPMS or WordPress Network)?

Yes, the plugin is compatible with WordPress MultiSite.

 

Is it free or paid?

The plugin is free.

But the plugin uses the CleanTalk Cloud Security Service. You have to register an account and then you will receive a free trial to test. When the trial (on CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security Plugin. If you haven’t got access key, the plugin will still work and you will have logs only on the plugin's settings page for the last 20 actions.

 

How to control security activities on your website?

Go to your CleanTalk Profile —> Log. Use filters to sort data for analysis.

The details are here: https://cleantalk.org/Security-Log

 

Is it possible to set custom e-mail for notifications?

Yes, it is possible. Go to your CleanTalk Profiel —> Change E-mail: https://cleantalk.org/my/change-email

 

How to enable e-mail notifications when administrators log in?

Do you want to receive a notice each time a user with administrator rights logs into your WP Dashboard? We added this option. Now you can receive notifications if you want to know about an unauthorized entrance to your WP Dashboard.

Notification will be sent only when a user was able to authorize entering correct login and password. If you are logged into the admin panel from the saved session the alert won’t be sent.

You can enable this option in your CleanTalk Dashboard:

  1. Log in to your CleanTalk Profile and switch to your Security Dashboard. Direct link — https://cleantalk.org/my/?cp_mode=security
  2. Click “Settings” under the name of your website.
  3. Enable option "Receive notifications for admin authorizations in site backend".
  4. Click the button "Update".

 

Why do you need an access key?

Access Key allows you to keep statistics up to 45 days in the CleanTalk Cloud, to get other additional settings and to have more possibilities to sort the data for analysis. Our plugin evolves to Cloud Technology and all its logs are transferred to the CleanTalk Cloud. Cloud Service takes data processing, data storage and allows to reduce your webserver load.

 

What happens after the end of the trial period?

The plugin will be fully functional after the end of the trial period, will be protecting your website from brute-force attacks and will keep Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will be receiving a short version of Daily Security Report to your email instead of full one.

Premium version allows to store all logs for 45 days in your CleanTalk Dashboard.

 

How to use Security Log?

Please, read the guide here: https://cleantalk.org/help/Security-Log

 

How to use Security Firewall?

Please, read the guide here: https://cleantalk.org/help/Security-Firewall

 

What is Traffic Control and how to use it?

CleanTalk Security Traffic Control tracks every single visitor in real time no matter if they are using JavaScript or not providing many valuable traffic parameters such as:

  • Date and time of the visit to your website;
  • Spent time on your website;
  • IP-addresses;
  • Source country;
  • Browser;
  • Operational System;
  • Type of the visitor — Visitor, Search Bot, different bot, suspicious bot and so on;
  • Number of visited pages.

This option can:

  • Block specific IP-address, network or country directly from the interface.
  • Block IP-address automatically if the threshold of average quantity of visited pages was exceeded.

To enable this option, please, do the following:

  1. Go to your WordPress Administrator Panel —> Settings —> Security by CleanTalk.
  2. Go to the tab General Settings.
  3. Enable the option "Traffic Control" and click the button "Save Changes".
  4. Go to the tab Traffic Control. Now you will see the list of all your visitors here on this tab.

 

What is Outbound links scanner and how to use it?

This option allows you to let know the number of outgoing links from your website and websites on which they linking to. All websites will be checked by our Database and will show results if they were used as links in spam messages. It allows you to check your website and find hidden links or spam links.

To enable this option, please, do the following:

  1. Go to your WordPress Administrator Panel —> Settings —> Security by CleanTalk.
  2. Go to the tab General Settings.
  3. Enable the option "Scan links" and click the button "Save Changes".

 

How to bypass a CleanTalk Blocking Screen if I'm the website owner?

You as a website owner or as a website administrator could see a CleanTalk Blocking Screen after installing and activating the CleanTalk Security Plugin. Possible reasons could be:

  • You or anybody else with the same IP-address tried to log in to your website backend and failed to do that more than 10 times in a row. That will trigger automatic blacklisting of your IP for 24-48 hours.
  • You use the IP-address from a very spam active subnet or Autonomous System (AS).
  • You or anybody else who has access to your CleanTalk Control Panel added your IP to your Black List by accident or on purpose.

 

To regain access to your website backend, please, do the following:

1) Delete the plugin's folder "security-malware-firewall". Perform these steps:

  1. Log in to your Hosting Account.
  2. Locate the folder of your website.
  3. Delete the Security Plugin's folder here: /wp-content/plugins/security-malware-firewall
  4. Refresh your website login page, the blocking screen should disappear.

 

2) Use special parameter "/?access=AUTH_KEY". Perform these steps:

  1. Go to your main website page.
  2. Add the parameter with your Security Access Key to your website address. Example: http://MyWesbite.com/?access=abc123
  3. You can see your Security Access Key (i.e. API Key) here in your CleanTalk Control Panel: https://cleantalk.org/my/?cp_mode=security
  4. After that you will have full access to your website for 20 minutes.

Please, whitelist your IP or delete it from your Black List (for your Security Licence) and press the button "Save Changes" in the settings of the CleanTalk Security Plugin. The changes in your website will be applied in 5 minutes.

If you still have problems with regaining access to your website, please, contact us via e-mail (support@cleantalk.org) or by creating a private support ticket: https://cleantalk.org/my/support/open

 

 

You can download Security & Firewall by CleanTalk here:

https://wordpress.org/plugins/security-malware-firewall/

 

 

 Security Dashboard button

 

 


Perhaps it would also be interesting