The CleanTalk Security Service FAQ
Features
Getting prepared
- Is the plugin compatible with WordPress MultiSite (WPMS or WordPress Network)?
- Why do you need Access key?
Payment
- Is it free or paid?
- What happens after the end of the trial period?
- Is there any auto-payment or auto-extension service?
Working with Security
- How can you test the CleanTalk Security Plugin?
- How to control security activities on your website?
- Is it possible to set a custom e-mail for notifications?
- How to enable e-mail notifications when administrators log in?
- How to use Security Log?
- How to use Security Firewall?
- How to use Security FireWall Log?
- How to bypass a CleanTalk Blocking Screen if I'm the owner of the website?
- Where can I get the list of cookies that the plugin uses?
- My SecFireWall IP database is not updated. Why?
- I did not receive an email notification of scan results.
- Renewed the license recently, but still receiving renew notifications
- Do you hold any ISO or SOC2 accreditation?
- Where do you hold information? e.g. server locations
- How do you protect data held on the servers? e.g. Is it encrypted, how many employees have access, is access managed by permission levels?
- Does CleanTalk allow traffic over HTTP?
- Do network interactions use TLS and AES?
- How do you manage vulnerabilities?
- How do you manage incidents and disaster recovery?
- Any other security information you think might be useful for our committee to approve this product?
- Why Are Website Forms in the <iframe> Tags Considered Suspicious?
- How to Change the URL of the wp-login page
- Does the Security plugin for WordPress inform about Removed or Abandoned Plugins?
How can you test the CleanTalk Security Plugin?
Please, use the wrong username or password to log in to your WP Admin Panel to see how the Security Plugin works. Then log in with your correct account name and see the Security Logs of the last actions on the plugin's settings page. Also, the Audit Log will display the last visited URLs of the current user.
- Make a fake attempt to log in to your website with the wrong admin username or password.
- Go to your Security Dashboard -> Click the link "settings" below the URL of website -> Click the link "Testing Security FireWall"
- You will see your actions in the Security Plugin Log in your WordPress Admin Panel.
- When anyone logs in to your website as an administrator, you will receive email notifications about it.
Alternative way to check Security FireWall: use test URL link like this: YourWebsite.com/?spbct_test="MD5_HASH_FROM_YOUR_ACCESS_KEY"&spbct_test_ip=10.10.10.10
To get MD5 hash from your Access key, please use this tool: https://www.tools4noobs.com/online_php_functions/md5/
Your attempts will be shown in both of your Security Logs: on the plugin's settings page and in the CleanTalk Security Dashboard.
The plugin sends the log to your CleanTalk Dashboard once per hour but if you re-save plugin settings, the log will be sent immediately.
Is the plugin compatible with WordPress MultiSite (WPMS or WordPress Network)?
Yes, the plugin is compatible with WordPress MultiSite.
Is it free or paid?
The plugin is free.
But the plugin uses the CleanTalk Cloud Security Service. You have to register an account, and then you will receive a free trial to test it. When the trial (on the CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security Plugin. If you don't have an Access key, the plugin will still work, and you will have logs only on the plugin's settings page for the last 20 actions.
Is there any auto-payment or auto-extension service?
Yes, auto-payments are available for the Security annual subscription: https://cleantalk.org/price-wordpress-security
You can enable auto-payments only when purchasing or renewing a subscription, on the “Billing” page: https://cleantalk.org/my/bill/recharge
You can disable auto-payments anytime with the appropriate link on the page “Payments/Invoice”: https://cleantalk.org/my/payments
Keep in mind that you can change your preferred method of payments in your PayPal account. Do the following:
• Go to the Summary page of your PayPal account. Click the three vertical dots next to your "PayPal balance" title and choose "Manage currencies".
• Then choose a payment method you want and click "Set as preferred".
More details are here:
• What payment methods can I use with PayPal?
• How do I change my payment method during checkout?
How to control security activities on your website?
Go to your CleanTalk Profile —> Log. Use filters to sort data for analysis.
The details are here: https://cleantalk.org/security-log
Is it possible to set a custom e-mail for notifications?
Yes, it is possible. Go to your CleanTalk Profile —> Change Email: https://cleantalk.org/my/change-email
How to enable e-mail notifications when administrators log in?
Do you want to receive a notice each time a user with administrator rights logs into your WP Dashboard? We have added this option. Now you can receive notifications if you want to know about an unauthorized entrance to your WP Dashboard.
You will receive an email notification when a user logs in with the correct login and password from a new device. The last 3 devices are remembered. If you are logged into the admin panel from a saved session, the alert won't be sent.
You can enable this option in your CleanTalk Dashboard:
- Log in to your CleanTalk Profile and switch to your Security Dashboard. Direct link — https://cleantalk.org/my/?cp_mode=security
- Click “Settings” under the name of your website.
- Enable the option "Receive notifications for admin authorizations in site backend".
- Click the button "Update".
Why do you need Access key?
An Access key allows you to keep statistics for up to 45 days in the CleanTalk Cloud, to get additional settings, and to have more ways to sort the data for analysis. Our plugin is moving to cloud technology, and all its logs are transferred to the CleanTalk Cloud. The Cloud Service handles data processing and data storage, which reduces the load on your web server.
What happens after the end of the trial period?
The plugin will be fully functional after the end of the trial period, will be protecting your website from brute-force attacks, and will keep Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will be receiving a short version of the Daily Security Report to your email instead of a full one.
Premium version allows you to store all logs for 45 days in your CleanTalk Dashboard.
How to use Security Log?
Please, read the guide here: https://cleantalk.org/help/security-log
How to use Security FireWall Log?
Please, read the guide here: https://cleantalk.org/help/secfw-log
How to use Security Firewall?
Please, read the guide here: https://cleantalk.org/help/security-firewall
What is Traffic Control and how to use it?
CleanTalk Security Traffic Control tracks every single visitor in real time, whether or not they are using JavaScript, and provides many valuable traffic parameters such as:
- Date and time of the visit to your website;
- Time spent on your website;
- IP addresses;
- Source country;
- Browser;
- Operating system;
- Type of the visitor — Visitor, Search Bot, different bot, suspicious bot, and so on;
- The number of visited pages.
This option can block an IP address automatically if the threshold for the average number of visited pages is exceeded.
To enable this option, please, do the following:
- Go to your WordPress Administrator Panel —> Settings —> Security by CleanTalk.
- Go to the tab General Settings.
- Enable the option "Traffic Control" and click the button "Save Changes".
- Go to the tab "Firewall", the tooltip above the table should say "Traffic Control is active". Now you will see the list of all your visitors in the Firewall table.
What is the Outbound links scanner and how to use it?
This option shows you the number of outgoing links from your website and the websites they link to. All linked websites are checked against our database, and the results show whether they were used as links in spam messages. This lets you check your website and find hidden links or spam links.
To enable this option, please, do the following:
- Go to your WordPress Administrator Panel —> Settings —> Security by CleanTalk.
- Go to the tab General Settings.
- Enable the option "Scan links" and click the button "Save Changes".
How to bypass a CleanTalk Blocking Screen if I'm the website owner?
You as a website owner or as a website administrator could see a CleanTalk Blocking Screen after installing and activating the CleanTalk Security Plugin. Possible reasons could be:
- You or anybody else with the same IP-address tried to log in to your website backend and failed to do that more than 10 times in a row. That will trigger automatic blacklisting of your IP for 24-48 hours.
- You use an IP address from a very spam-active subnet or Autonomous System (AS).
- You or anybody else who has access to your CleanTalk Control Panel added your IP to your Black List by accident or on purpose.
To regain access to your website backend, please, do the following:
1) Use special parameter "/?access=AUTH_KEY". Perform these steps:
- Go to your main website page.
- Add the parameter with your Security Access key to your website address. Example: http://MyWebsite.com/?access=abc123
- You can see your Security Access key (i.e. API Key) here in your CleanTalk Control Panel: https://cleantalk.org/my/?cp_mode=security
- After that, you will have full access to your website for 20 minutes.
2) Delete the plugin's folder "security-malware-firewall". Perform these steps:
- Log in to your Hosting Account.
- Locate the folder of your website.
- Delete the Security Plugin's folder here: /wp-content/plugins/security-malware-firewall
- Refresh your website login page, the blocking screen should disappear.
Please, whitelist your IP or delete it from your personal Black List.
If you still have problems with regaining access to your website, please, contact us by creating a private support ticket: https://cleantalk.org/my/support/open
Where can I get the list of cookies that the Security plugin uses?
You can find the list of cookies that the plugin uses on this special page.
You can download Security & Firewall by CleanTalk here:
https://wordpress.org/plugins/security-malware-firewall
My SecFireWall IP database is not updated. Why?
We use remote calls to the plugins to quickly update the plugin's firewall base. Calls come from CleanTalk servers netserv2.cleantalk.org and netserv3.cleantalk.org. Calls look like:
SecFireWall
/?spbc_remote_call_token=SOME_TOKEN&spbc_remote_call_action=update_security_firewall&plugin_name=spbc
requested the following type of files:
sfw_data_SOME_KEY.csv.gz
Please make sure that these calls are not blocked by any security software like ModSecurity or by any restrictions in the ".htaccess" file. If you need the current IP database right now, you can re-save the plugin's settings in your website Admin Panel. The database is also updated automatically once every 24 hours by a CRON job.
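To check whether these remote calls are being rejected before they reach the plugin, the added example below (not CleanTalk's own code) scans access-log lines for the update_security_firewall call shown above and lists the ones answered with an error status. It assumes the web server writes the Apache/Nginx "combined" log format; the log lines and IP addresses are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" log format (assumed format).
# IPs are documentation-range placeholders, not real CleanTalk addresses.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2024:03:00:01 +0000] "GET /?spbc_remote_call_token=SOME_TOKEN&spbc_remote_call_action=update_security_firewall&plugin_name=spbc HTTP/1.1" 200 512 "-" "-"
192.0.2.11 - - [13/Mar/2024:03:00:02 +0000] "GET /?spbc_remote_call_token=SOME_TOKEN&spbc_remote_call_action=update_security_firewall&plugin_name=spbc HTTP/1.1" 403 199 "-" "-"
198.51.100.7 - - [13/Mar/2024:03:05:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4021 "-" "-"
192.0.2.10 - - [14/Mar/2024:03:00:01 +0000] "GET /?plugin_name=spbc&spbc_remote_call_action=update_security_firewall&spbc_remote_call_token=SOME_TOKEN HTTP/1.1" 406 0 "-" "-"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_update_calls(log_text):
    """Return (time, ip, status) for every firewall-update remote call."""
    calls = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        # Parse the query string so parameter order does not matter.
        query = parse_qs(urlsplit(m["target"]).query)
        if (query.get("spbc_remote_call_action") == ["update_security_firewall"]
                and query.get("plugin_name") == ["spbc"]):
            calls.append((m["time"], m["ip"], int(m["status"])))
    return calls

def blocked_calls(log_text):
    """Calls answered with 4xx/5xx: likely rejected by a filter or rule."""
    return [c for c in find_update_calls(log_text) if c[2] >= 400]

if __name__ == "__main__":
    calls = find_update_calls(SAMPLE_LOG)
    rejected = blocked_calls(SAMPLE_LOG)
    print(f"{len(calls)} update calls seen, {len(rejected)} rejected")
    for time, ip, status in rejected:
        print(f"  {time} from {ip} -> HTTP {status}: "
              "check ModSecurity and .htaccess rules")
```

If no update calls appear in the log at all, the requests may be dropped before they reach the web server, for example by a network firewall or CDN.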
I did not receive an email notification of scan results.
The report will be sent by email within 10 minutes if any dangerous files are detected. You can view the results of each scan here:
https://cleantalk.org/my/logs_mscan
Renewed the license recently, but still receiving renewal notifications.
- CleanTalk provides two services: Anti-Spam and WordPress Security & FireWall. Probably, you have obtained the Anti-Spam license as a gift from CleanTalk. Check what exact service sends these notifications and use this guide to renew the correct license.
- Check if you have more than one CleanTalk account. To merge accounts, please contact us.
Do you hold any ISO or SOC2 accreditation?
No, we didn't qualify as an ISO or SOC2 compatible organization.
Where do you hold information? e.g. server locations
All data is stored on servers in Falkenstein, Germany, and Vint Hill, United States.
How do you protect data held on the servers? e.g. Is it encrypted, how many employees have access, is access managed by permission levels?
No, data on the servers is not encrypted. Employees have limited access to data, according to their work duties.
Does CleanTalk allow traffic over HTTP?
Yes, CleanTalk allows HTTP connections from sites to the cloud. But HTTPS is enabled by default on all new installations.
Do network interactions use TLS and AES?
Sure, all interactions between our servers are TLS encrypted.
How do you manage vulnerabilities?
We use some applications to mitigate brute-force attacks, SQL injections, and unauthorized access to the data. We also have a bug bounty program.
How do you manage incidents and disaster recovery?
We place our servers in different geographic locations, which helps to prevent network issues and lets us serve users' requests from the location closest to the customer.
Any other security information you think might be useful for our committee to approve this product?
We do our best to provide secure service for customers.
Does the Security plugin for WordPress inform about Removed or Abandoned Plugins?
No, it does not. However, it has a function that informs users about known vulnerabilities among installed plugins and themes. You can turn this option on here:
WordPress console -> Settings -> Security by CleanTalk -> General Settings -> Modules vulnerability detection
This feature helps to stay secure, even if a plugin does not have updates for a long time frame.
If you haven't found the answer to your question, please, contact our support team https://cleantalk.org/my/support/open