PhSoftware

[wpmike]

All,

Installed WPIDS but it doesn't seem to be doing anything. It's been up for over a week now and there hasn't been one detected intrusion attempt. I find that hard to believe . Plus I noticed errors in my error_log file that seem to be related to WPIDS. Below are some examples:

[date/time] WordPress database error Table 'db.wp_sec_intrusions' doesn't exist for query INSERT INTO `wp_sec_intrusions` (`id`, `impact`) VALUES (0,8)
[date/time] WordPress database error Table 'db.wp_sec_intrusions' doesn't exist for query SELECT `id` FROM `wp_sec_intrusions` ORDER BY `id` LIMIT 1
[date] WordPress database error You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ' 'IP address', '/index.php', '__utmz', '263386643.1204146530 for query INSERT INTO `wp_sec_log` (`id`, `ref_id`, `ip`, `page`, `tag`, `value`, `app`,`type`,`date`,`status`) VALUES (0, , 'IP address', '/index.php', '__utmz', '263386643.1204146530.3.2.utmcsr=www.google.com|utmccn=(referral)|utmcmd=referral|utmcct=/p/1.html', 1, '6', 'date/time', 2)

I am running PHP 5.2.6 and MySQL 5.0.45. I'm following the advice of Blog Security and have limited my WP user to only have GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP privileges to the database. I've even cheated a bit and added ALTER too

Any suggestions?

[Philnate]

Please take a look into your WordPress database Table and tell me if the mentioned table is there or not. As it seems that this table isn't existent.

[wpmike]

Checked it. As expected neither of the mentioned tables are there. Do we have to create them manually? I thought installing the plug-in would do that automatically.

[Philnate]

Try to deactivate the Plugin and then activate it again, but before doing it uncheck on the settings page of WPIDS this: Keep log entries if WPIDS gets disabled.
After the activation they should hopefully be there. Did you install before some other Plugin which needs it's own Tables?
If that didn't worked please run this SQL through PHPMyAdmin or something similiar, but take care of the correct WordPress Table Prefix:

Code: Select all

CREATE TABLE IF NOT EXISTS `wpprefix_sec_intrusions` (
                `id` int(11) unsigned NOT NULL auto_increment,
                `impact` int(11) unsigned NOT NULL,
                PRIMARY KEY  (`id`)
                ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 COMMENT='Stores PHPIDS logged Bad Requests';

CREATE TABLE IF NOT EXISTS `wpprefix_sec_log` (
                `id` INT (11) unsigned  NOT NULL auto_increment,
                `ref_id` INT (11) unsigned NULL ,
                `ip` VARCHAR( 40 ) NOT NULL ,
                `page` TEXT NOT NULL,
                `tag` VARCHAR (40) NULL,
                `value` TEXT NOT NULL,
                `app` TINYINT( 4 ) unsigned NOT NULL ,
                `type` VARCHAR( 40 ) NOT NULL ,
                `date` DATETIME NOT NULL ,
                `status` TINYINT( 4 ) unsigned NOT NULL,
                PRIMARY KEY (`id`)
                ) ENGINE = MYISAM DEFAULT CHARSET=utf8 COMMENT='Stores the LD Log'

So where wpprefix stands your WP TablePrefix takes place.

[wpmike]

Thanks for the suggestions... Tried what you mentioned (i.e., disabling and re-enabling, etc.) and it didn't work. I have installed the Wordpress Automatic Upgrade plugin; this looks like it created two additional tables in the database so I should be fine there. Can you recommend any other plugins that I could temporarily install/uninstall to see if tables can be created? I'd rather not manually create my own tables as finding the root problem will probably stop similar future issues from happening.

[wpmike]

Just a note... Tried giving the database user all privileges then enabling the plugin. The WPIDS tables still weren't create. You know of another plugin that creates a database table that I could temporarily try to see if it is successful?

[Philnate]

Gengo creates as well tables.

[wpmike]

Any plugins for WP 3.3.x. I haven't upgraded yet. I will soon but am looking to stabilize my current install first.

[wpmike]

I mean 2.3.x...

[Philnate]

Sorry that it taked so long to come back to you. The http:BL Plugin creates as well a table and works with WordPress 2.3.x.
Here the link to it: http://wordpress.org/extend/plugins/httpbl/.
Please tell me if this is working for you.

[wpmike]

Just following up... My hosting provider said that the database I was on was all messed up. They moved me to another server with a clean database install and everything works - i.e., the database tables are created. So yeah!

The only thing left that is bugging me is that the plugin seems to disable some of the default WordPress editor features. Also the code view tab is broken. If I disable WPIDS everything works fine. I've read around and have seen others having this problem. What is the official way to fix this?

[Philnate]

Good to hear, the current Version should be workable in a way so that backend isn't checked as well, anyway I heard that it doesn't seem to work everywhere. I'll work on that problem, do you access your backend through SSL?

[patriram]

All,

Installed WPIDS but it doesn't seem to be doing anything. It's been up for over a week now and there hasn't been one detected intrusion attempt. I find that hard to believe . Plus I noticed errors in my error_log file that seem to be related to WPIDS. Below are some examples:

[date/time] WordPress database error Table 'db.wp_sec_intrusions' doesn't exist for query INSERT INTO `wp_sec_intrusions` (`id`, `impact`) VALUES (0,8)
[date/time] WordPress database error Table 'db.wp_sec_intrusions' doesn't exist for query SELECT `id` FROM `wp_sec_intrusions` ORDER BY `id` LIMIT 1
[date] WordPress database error You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ' 'IP address', '/index.php', '__utmz', '263386643.1204146530 for query INSERT INTO `wp_sec_log` (`id`, `ref_id`, `ip`, `page`, `tag`, `value`, `app`,`type`,`date`,`status`) VALUES (0, , 'IP address', '/index.php', '__utmz', '263386643.1204146530.3.2.utmcsr=www.google.com|utmccn=(referral)|utmcmd=referral|utmcct=/p/1.html', 1, '6', 'date/time', 2)

I am running PHP 5.2.6 and MySQL 5.0.45. I'm following the advice of Blog Security and have limited my WP user to only have GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP privileges to the database. I've even cheated a bit and added ALTER too

Any suggestions?

this plugins gave me a lot of problems in wordpress, all my website was running to slow, when i eliminated the database and deactivated the plugin, everythin was good again..
thanks good, that i found this message
thanks