When a WordPress user requests a non-existing page on your WordPress website, which is also commonly known as a 404 request, the WP Security Audit Log plugin keeps a record of such request in the WordPress audit trail. As shown in the screenshot below, the Alert ID for 404 requests is 6007.
In case a non-logged in user requests a non-existing page, the WordPress plugin also keeps a record in the WordPress audit trail using Alert 6023, as shown in the below screenshot:
Note: Such requests are called 404 requests because the web server returns a HTTP 404 error when a non-existing page is requested. Refer to the list of HTTP Status codes on Wikipedia for more information.
Capturing the URLs That Generated 404 Errors to a Log File
By default the logging of 404 requests of non-WordPress users, i.e. website visitors is disabled. Only that of the WordPress users is enabled. This document explains how to change the logging options. Note that all of the below logging options are available for the individual alerts 6007 and 6023.
When the plugin detects a 404 request it also keeps a log of the URLs that were requested and generated a 404 HTTP error code. To either disable or enable the logging of 404 requests follow the below procedure:
- Navigate to the Enable/Disable Alerts node in the WP Security Audit Log plugin menu.
- Click thew WordPress & Multisite Management tab.
- Click the System Activity tab where all the WordPress system alerts can be found.
- Enable the option Capture 404 requests to file as seen in the screenshot below.
Automatically Purging Log Files
To automatically purge log files which are older than one month enable the option Purge log files older than one month which is marked with number 5 in the above screenshot.
Configuring the Number of 404 Requests to Log
By default the plugin will keep keep a log of 99 requests in the log file. Therefore if a logged in user from a specific IP address requests 100 non-existing pages the plugin will keep a log of the first 99 requests. Once 24 hours pass it will reset the count and starts counting again. To increase or decrease the number of logged non-existing pages requests (404 requests) specify the number of requests you’d like to keep a log of in the option Number of 404 Requests to Log, which is highlighted with the number 6 in the above screenshot.
Capturing the Referrer that generated the 404 Error
You can also configure the plugin to capture the referrer which has generated the 404 error. So if you have a broken link and your website visitors click on it, you know where the broken link is. To enable the logging of the referrer in the log file enable the option Record the referrer that generated the 404 error which is marked with number 7 in the screenshot above.
Analysing the 404 Requests in the Logfiles
All the log files with the 404 requests that WordPress users requested are saved in the below directory:
All the log files with 404 requests that non-WordPress users (website visitors) requested are saved in the below directory:
In case of multisite, they are saved in the uploads folder of that specific site on the network, for example:
The naming format of the log files is [Alert_id]_[yyyymmdd].log. The Alert_id can be either 6007 in case of the log file for WordPress users or 6023 in case of website visitors.