How to Use Security FireWall Log
1. First go to your Security Dashboard. Choose "Site Security" in the "Services" menu:
2. Then go to your Security FireWall Log:
3. You are on the Security FireWall Log page now:
1. Export logs button. You can export your logs to an CSV file.
2. Filters section.
A - The time period for all records you want to see.
B - Website for which you want to see the security firewall records.
Leave the field empty to see the security firewall records for all websites.
C - Searching records by an IP address.
D - Searching records by a country.
E - Searching records by the filtration result (Allow/Deny).
F - Searching records by a User-Agent. Works with partial words too.
3. Date when the event happened.
4. Website where the event happened.
5. Request's URL.
6. Visitor's IP information.
7. What country that IP belongs to.
8. The number of events that happened.
9. Result (Allow/Deny). Possible reasons of blocking by the Security Firewall and their descriptions:
- Deny - А visitor’s IP address is blacklisted by common CleanTalk list or by the personal blacklists of your website.
- Deny by network - А visitor’s IP address belongs to a subnet of high spam activity, or to a subnet that cannot have IP addresses of real human visitors.
- Deny by DDoS - DoS activity detected from the visitor's IP address. Visitor exceeded the number of allowed requests set by Traffic control.
- Deny by WAF - Malicious code has been detected in the GET-requests to your website (XSS attack), injection of malicious SQL requests to your website has been detected (SQL-injection attack), exploit detected, malicious files upload detected.
- Attacks to hack admin access - brute-force on login page detected.
- BlackListed by hacking attempts - hacking attempts detected.
- BlackListed by suspicious activity - suspicious activity detected.
You can add IP to your personal Security list by pressing the "To Personal black & white lists".
If you haven't found the answer to your question, please, contact our support team: