Title: sHub-Log
Author: SyntaxCloud
Published: <strong>2025년 4월 13일</strong>
Last modified: 2026년 7월 15일

---

플러그인 검색

![](https://ps.w.org/syntaxhub-securelog/assets/icon-256x256.png?rev=3527587)

# sHub-Log

 작성자: [SyntaxCloud](https://profiles.wordpress.org/syntaxcloud/)

[다운로드](https://downloads.wordpress.org/plugin/syntaxhub-securelog.1.2.7.zip)

 * [세부사항](https://ko.wordpress.org/plugins/syntaxhub-securelog/#description)
 * [평가](https://ko.wordpress.org/plugins/syntaxhub-securelog/#reviews)
 *  [설치](https://ko.wordpress.org/plugins/syntaxhub-securelog/#installation)
 * [개발](https://ko.wordpress.org/plugins/syntaxhub-securelog/#developers)

 [지원](https://wordpress.org/support/plugin/syntaxhub-securelog/)

## 설명

sHub-Log strengthens WordPress site security.

Main features:

 * Login attempt logging
 * Category-based detection (config scans, backdoors, plugin vulnerability scans,
   admin hacking, spam, and more)
 * Optional detection for malicious queries, high-volume requests, and REST API 
   abuse
 * Attack summary and detailed logs for a configurable period
 * Attack trend charts with selectable period and aggregation interval
 * CSV export and AJAX category filtering
 * Configurable attack log retention with WP-Cron cleanup
 * Attack spike email alerts with cooldown
 * Optional signed remote alert and scoring definitions from syn-c.jp
 * IP blocking after repeated failures
 * Configurable block duration and redirect URL
 * Admin dashboard for logs and IP management
 * Customizable rate-limit thresholds and windows
 * Optional attack-signal-only rate counting
 * Exclusion of logged-in users and verified search/AI bots from rate counting
 * Verified bot access logging (14-day retention, disabled by default)
 * Suspicious 404 flood detection
 * IP whitelist and trusted proxy support
 * Per-IP risk scoring (disabled by default)

## 설치

 1. Upload or install the plugin
 2. Activate the plugin
 3. Configure settings from the sHub-Log admin menu

## FAQ

### How do I unblock an IP address?

Open sHub-Log  Security Trend, scroll to Protected IP, and unblock the address from
the list.

### Does the plugin make external requests?

When attack spike alerts are enabled, the plugin may fetch alert definitions and
email templates from syn-c.jp. When remote scoring is enabled, it may fetch a signed
score-config.json from syn-c.jp. When verified bot exclusion is enabled, it may 
fetch published IP range JSON from bot vendors (cached for 24 hours). No attack 
logs, IP addresses, user information, or site content are sent to syn-c.jp.

### What should I check after updating to 1.2.6?

If you saved settings from Basic Settings or Bot Logging Settings before the settings-
group fix in 1.2.6, review Advanced Settings or use the Recommended settings button
on Basic Settings to restore factory defaults.

Recommended factory defaults:

 Setting
 Default

 Login attempt limit window
 5 minutes

 Login attempt limit count
 3

 Block duration
 60 minutes

 High-volume request threshold
 90/minute

 404 flood threshold
 30/5 minutes

 Attack spike email alerts
 OFF

 Risk scoring
 OFF

 Bot access logging
 OFF (search bot logging ON / AI bot logging OFF when enabled)

## 후기

이 플러그인에 대한 평가가 없습니다.

## 기여자 & 개발자

“sHub-Log”(은)는 오픈 소스 소프트웨어입니다. 다음의 사람들이 이 플러그인에 기여하였습니다.

기여자

 *   [ SyntaxCloud ](https://profiles.wordpress.org/syntaxcloud/)

[자국어로 “sHub-Log”(을)를 번역하세요.](https://translate.wordpress.org/projects/wp-plugins/syntaxhub-securelog)

### 개발에 관심이 있으십니까?

[코드 탐색하기](https://plugins.trac.wordpress.org/browser/syntaxhub-securelog/)
는, [SVN 저장소](https://plugins.svn.wordpress.org/syntaxhub-securelog/)를 확인하시거나,
[개발 기록](https://plugins.trac.wordpress.org/log/syntaxhub-securelog/)을 [RSS](https://plugins.trac.wordpress.org/log/syntaxhub-securelog/?limit=100&mode=stop_on_copy&format=rss)
로 구독하세요.

## 변경이력

#### 1.2.7

 * Admin UI refactor: WordPress submenus replace the single-page view mode bar (
   AIOSEO-style flyout menu).
 * English-only admin strings; text domain retained for future translations.
 * Split admin pages: Security Trend, Search Bot Trend, AI Bot Trend, Basic Settings,
   Advanced Settings, Risk Scoring Settings, Bot Logging Settings.
 * Chart legend colors now match summary card border colors via shared palette helpers.
 * Charts auto-scroll horizontally to center buckets that contain data.
 * Separate settings option groups for advanced and scoring pages to prevent accidental
   checkbox resets on save.

#### 1.2.6

 * Admin notice for 1.2.6 upgrade with settings verification guidance.
 * “Recommended settings” button to restore factory defaults from Simple and Advanced
   views.
 * FAQ note about verifying Advanced settings after updating from buggy 1.2.6 builds.
 * Added Bot Analytics view with verified bot access logging (14-day retention, 
   disabled by default).
 * Search bot logging defaults ON and AI bot logging defaults OFF when bot logging
   is enabled.
 * Bot Analytics shows separate search and AI trend charts and per-bot access summaries.
 * Fixed settings corruption when saving from Simple mode or Bot Analytics (split
   option groups so only visible fields are saved).
 * Redesigned admin view switcher: Simple / Advanced tabs on the left, Bot Analytics
   pill on the right; active view shown in black.
 * Renamed admin labels: measurement window terminology updated to measurement interval/
   frame wording.

#### 1.2.5

 * Split bot rate-count exclusion into separate Search bot (default ON) and AI bot(
   default OFF) admin toggles.
 * Expanded verified AI bot list: GPTBot, ChatGPT-User, OAI-SearchBot, ClaudeBot,
   Claude-Web, PerplexityBot, Perplexity-User, CCBot, Bytespider, Applebot.

#### 1.2.4

 * Added verified AI bot support (GPTBot, ChatGPT-User, ClaudeBot, PerplexityBot)
   to the rate-limit exclusion list. AI bots are verified against each vendor’s 
   published IP range JSON; search crawlers continue to use FCrDNS. User-Agent strings
   alone are never trusted.

#### 1.2.3

 * Security hardening: neutralized CSV formula injection in the attack log CSV export.
 * Hardened the blocked-IP redirect by re-applying esc_url_raw() to the admin-configured
   redirect URL.
 * Replaced date() with gmdate() when computing the IP block expiry for timezone-
   consistent behavior.

#### 1.2.2

 * Attack trend chart now supports Analytics-style period selection: 24 hours, 7
   days, 14 days, and 21 days (default: 7 days).
 * Chart buckets are aligned to on-the-hour boundaries (hourly) or calendar days(
   daily).
 * Aggregation interval options: 1 hour, 3 hours, 6 hours, and 1 day.

#### 1.2.1

 * Added Simple mode and Advanced settings views for the admin screen, with per-
   user view preference persistence.
 * Simple mode shows essential settings only.

#### 1.2.0

 * Added per-IP risk scoring (disabled by default).
 * Signal weights, accumulation window, and record/block thresholds are configurable
   from the admin screen.
 * Added optional retrieval of a signed scoring definition from syn-c.jp.

#### 1.1.9

 * URL normalization before pattern matching.
 * Suspicious 404 flood detection with configurable threshold and window.
 * Configurable high-volume request threshold and time window.
 * Option to count only requests with attack signals toward rate limiting.
 * Exclusion of logged-in users and verified good bots from rate counting.
 * IP whitelist and trusted-proxy support.
 * Relaxed default thresholds (90 for high-volume requests, 30 for 404 floods).

#### 1.1.8

 * When the previous attack count window is zero, attack spike alert emails now 
   show N/A and an explanatory note instead of a misleading multiplier.

#### 1.1.7

 * Refined the attack spike alert email wording for more accurate IP protection 
   messaging.

#### 1.1.6

 * Updated the built-in fallback email template for attack spike alerts.

#### 1.1.5

 * WordPress 7.0 compatibility display update.
 * Admin display order and copy updates.

#### 1.1.4

 * Added 24-hour attack trend chart.
 * Attack spike email alerts and remote alert definition support.

#### 1.1.2

 * Fixed PHP 8 formatting error in admin period labels.

#### 1.1.1

 * Renamed plugin to sHub-Log.
 * CSV export and AJAX category filtering.
 * Attack log table indexes maintained on upgrade.

#### 1.1.0

 * Category-based attack log table.
 * Suspicious 404, malicious query, rate limit, and REST API abuse detection.
 * Attack summary, log retention settings, and auto IP blocking.

#### 1.0.3

 * Security hardening: nonces, sanitization, and safer SQL.

#### 1.0.2

 * Log deletion improvements and UI updates.

#### 1.0.1

 * Initial bug fixes and admin improvements.

#### 1.0.0

 * Initial release.

## 기초

 *  버전 **1.2.7**
 *  최근 업데이트: **2일 전**
 *  활성화된 설치 **10+**
 *  워드프레스 버전 ** 5.0 또는 그 이상 **
 *  다음까지 시험됨: **7.0.1**
 *  PHP 버전 ** 7.2 또는 그 이상 **
 *  언어
 * [English (US)](https://wordpress.org/plugins/syntaxhub-securelog/)
 * 태그:
 * [IP-blocking](https://ko.wordpress.org/plugins/tags/ip-blocking/)[protection](https://ko.wordpress.org/plugins/tags/protection/)
   [security](https://ko.wordpress.org/plugins/tags/security/)
 *  [고급 보기](https://ko.wordpress.org/plugins/syntaxhub-securelog/advanced/)

## 평점

아직 제출된 리뷰가 없습니다.

[Your review](https://wordpress.org/support/plugin/syntaxhub-securelog/reviews/#new-post)

[모든  리뷰 보기](https://wordpress.org/support/plugin/syntaxhub-securelog/reviews/)

## 기여자

 *   [ SyntaxCloud ](https://profiles.wordpress.org/syntaxcloud/)

## 지원

할 말 있으신가요? 도움이 필요하신가요?

 [지원 포럼 보기](https://wordpress.org/support/plugin/syntaxhub-securelog/)