I have the various WordPress firewall rules enabled for my site, including rule WP0020 “Disable WAF for Verified VaultPress backup requests” as I use that plugin. The Firewall Events log is full of 100s of WP0020 entries every day for a range of IPs, which makes it difficult to use the log (or filter the noise from it), short of either:
- Manually going through every page of the event log; or,
- Manually searching for specific rules I think may generally be triggered.
Neither of these is particularly ideal as I’m likely to miss something critical.
It’d be awesome if I could:
- Filter events by Action Taken so that I can either show or hide whitelist actions;
- Sort the table by any column; and,
- Add additional event filters for Location and Date Range (in addition to #1 above and the existing Ray ID, IP Address, and Rule ID) as it’s occasionally useful to narrow the result set down by such criteria.
This would allow me to easily filter out the noise of the VaultPress rule and surface important events that actually need my attention.