When a WordPress user requests a non-existing page on your WordPress website an HTTP 404 error is generated. The WP Security Audit Log plugin keeps a record of such request in the WordPress activity log. As shown in the screenshot below, the Event ID for users requesting non-existing URLs is 6007.
In case a non-logged in user (anonymous website visitor) requests a non-existing page, the WordPress activity log plugin also keeps a record of such event in the WordPress audit trail using Event ID 6023, as shown in the below screenshot:
Note: Such requests are called 404 requests because the web server returns a HTTP 404 error when a non-existing page is requested. Refer to the list of HTTP Status codes on Wikipedia for more information.
Capturing the URLs That Generated 404 Errors to a Log File
By default only the logging of 404 requests generated by WordPress users are logged. This document explains how to change the logging options. Note that all of the below logging options are available for the individual events 6007 and 6023.
When the plugin detects a 404 request it also keeps a log of the URLs that were requested and generated a 404 HTTP error code. To either disable or enable the logging of 404 requests follow the below procedure:
- Navigate to the Enable/Disable Events node in the WP Security Audit Log plugin menu.
- Click the WordPress & Multisite Management tab.
- Click the System Activity tab where all the WordPress system alerts can be found.
- Enable the option Capture 404 requests to file as seen in the screenshot below.
Automatically Purging Log Files
To automatically purge log files which are older than one month enable the option Purge log files older than one month which is marked with number 5 in the above screenshot.
Configuring the Number of 404 Requests to Log
By default the plugin will keep keep a log of 99 requests in the log file. Therefore if a logged in user from a specific IP address requests 100 non-existing pages the plugin will keep a log of the first 99 requests. Once 24 hours pass it will reset the count and starts counting again. To increase or decrease the number of logged non-existing pages requests (404 requests) specify the number of requests you’d like to keep a log of in the option Number of 404 Requests to Log, which is highlighted with the number 6 in the above screenshot.
Capturing the Referrer that generated the 404 Error
You can also configure the plugin to capture the referrer which has generated the 404 error. So if you have a broken link and your website visitors click on it, you know where the broken link is. To enable the logging of the referrer in the log file enable the option Record the referrer that generated the 404 error which is marked with number 7 in the screenshot above.
Excluding the logging of specific non-existing URLs when requested
You can also exclude the logging of specific non-existing URLs on your website. To do so refer to how to exclude the logging of specific HTTP 404 errors.
Analysing the 404 Requests in the Logfiles
All the log files with the 404 requests are saved in the below directory:
In case of multisite, they are saved in the uploads folder of that specific site on the network, for example:
The naming format of the log files is [Event_id]_[yyyymmdd].log. The Event_id can be either 6007 in case of the log file for WordPress users or 6023 in case of website visitors.