Login Security, FireWall, Malware removal by CleanTalk

Security logs provide you to receive and keep information for 45 days. You have the following possibilities:
1. Time period for all records you want to see.

Website for which you want to see security records. Leave the field empty to see security records for all websites.
Choose an event you want to see:

Authorization Login — all successful logins to your website.
Authorization Logout — all closed sessions.
Authorization Invalid username — login attempts with not existing username.
Authorization Auth failed — wrong password login attempts.
Audit View — records of actions and events of users in your website backend.

Searching records by IP address.
Searching records by country.

There are date and time of events for each record, username who performed an action and his IP (country) address. How to use Security Log https://cleantalk.org/help/Security-Log
Is it possible to set custom email for notification?
Yes, it is possible. Go to your CleanTalk account->Change email https://cleantalk.org/my/change-email
Why do you need an access key?
Access Key allows you to keep statistics up to 45 days in the cloud and different additional settings and has more possibilities to sort the data and analyses. Our plugin evolves to Cloud Technology and all its logs are transferred to Cloud. Cloud Service takes data processing and data storage and allows to reduce your webserver load.
How to use Security Log

First go to your Security Dashboard. Choose "Site Security" in the "Services" menu.

Then go to your Security Log.

You have the following possibilities:

Time period for all records you want to see.
Website for which you want to see security records. Leave the field empty to see security records for all websites.

Choose an event you want to see:

Authorization Login — all successful logins to your website.
Authorization Logout — all closed sessions.
Authorization Invalid username — login attempts with not existing username.
Authorization Auth failed — wrong password login attempts.

Audit View — records of actions and events of users in your website backend.

Searching records by IP address.
Searching records by username.
Searching records by country.

List of records. Each record has the following columns:

Date — when the event happened.
User Log — who performed actions.
Event — what did he do.
Status — was he Passed or Banned.
IP — his IP address.
Country — what country that IP belongs to.
Details — some details if they are available.

Please, read more
https://cleantalk.org/help/Security-Log

If you wish to block some countries from visiting your website, please, use this instruction: https://cleantalk.org/help/Security-Firewall
How to use Security Firewall
First go to your Security Dashboard. Choose "Site Security" in the "Services" menu. Then press the line "Black&White Lists" under the name of your website.

You can add records of different types to your black list or white list:

IP-Addresses (For example 10.150.20.250, 10.10.10.10)
Subnets (For example 10.150.20.250/24, 10.10.10.10/8)
Countries. Click the line "Add a country" to blacklist or whitelist all IP-addresses of the chosen countries.

The records can be added one by one or all at once using separators: comma, semicolon, space, tab or new line. After filling the field press the button "Whitelist" or "Blacklist". All added records will be displayed in your list below. Please note, all changes will be applied in 5-10 minutes.

Open another browser or enter the incognito mode.
Type address YOUR_WEBSITE/?security_test_ip=ANY_IP_FROM_BLACK_LIST
2.1 Address 10.10.10.10 is local address and it's in blacklist constantly. So address YOUR_WEBSITE/?security_test_ip=10.10.10.10 will works everytime.
Make sure that you saw page with the blocking message.
FireWall works properly, if it is not, see item 4 of the list.

How does malware scanner work?
Malware scanner will check and compare with the original WP files and show you what files were changed, deleted or added. Malware scanner could be used to find an added code in WP files. On your Malware Security Log page, you will see the list of all scans that were performed for your website. The CleanTalk Cloud saves the list of the found files for you to know where to look them for.
How to start malware scanner?
At the moment malware scanner may be started one time per day and manually.
To start malware scanner go to the WordPress Admin Page —> Settings —> Security by CleanTalk —> "Malware Scanner" tab —> Perform Scan.
Give the Malware Scanner some time to check all necessary files on your website.
Is it free or paid?
The plugin is free. But the plugin uses CleanTalk cloud security service. You have to register an account and then you will receive a free trial to test. When the trial (on CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security by CleanTalk plugin.
If you haven’t got access key, the plugin will work and you will have logs only on the plugin settings page for last 20 requests.
What happens after the end of the trial period?
The plugin will fully perform its functions after the end of the trial period and will protect your website from brute force attacks and will keep Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will receive a short daily security report to your email.

Premium version allows to storage all logs for 45 days in the CleanTalk Dashboard for further analysis.
Brute Force security for Wordpress
Brute force attack is an exhaustive password search to get full access to an Administrator account. Passwords are not the hard part for hackers taking into account the quantity of sent password variants per second and the big amount of IP-addresses.

Brute force attack is one of the most security issues as an intruder gets full access to your website and can change your code. Consequences of these break-ins might be grievous, your website could be added to the [botnet] and it could participate in attacks to other websites, it could be used to keep hidden links or automatic redirection to a suspicious website. Consequences for your website reputation might be very grievous.
Why is the CleanTalk Security Plugin Added to the Must Use Section?
This is required for the Security FireWall to function properly. Plugins that are placed in this section are being launched first, so it is very important that the Security FireWall is launched before any plugins and hooks. Thus, hacker requests will be stopped before they can get access to any site code.
Can I use CleanTalk Security and Wordfence together
Sure, you can use CleanTalk Security and Wordfence. Quite often we get question from our customers, will there be a conflict between CleanTalk and Wordfence? We tested CleanTalk Security and Wordfence working together and they work without any conflicts.
Can CleanTalk Security protect from DDoS?
Security FireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website, Security FireWall blocks all requests from bad IP addresses. If your website under DDoS attack you will be able to add IPs to your personal BlackList to block all Post and GET requests.