A while ago, I discovered a small and useful code snippet, which allowed you to capture all $_POST activity, related to your WordPress blog.

This might be useful when your WP-based website is experiencing a hacker attack. Or when you want to know where from is coming the biggest spam comment flood that try to drown your MySQL database in spam.

After using this small code snippet for a while, I discovered a way to improve it a little bit.

The original script didn’t show timestamps of the events recorded. I added this functionality, while leaving the original code almost the same.

If you want to use this updated version, feel free to copy the code:

$posty_ip = $_SERVER['REMOTE_ADDR'];
$the_file = $_SERVER['SCRIPT_NAME'];
$date_sub = date('Y-M-d @ H:i (O)');
if ( $posty_ip != "123.123.123.12" && $posty_ip != "123.123.123.23" ) {
  if ( !empty($_POST) ) {
    $fp = fopen( '/home/path/path-to-log.html', 'a' );
    foreach( $_POST as $key => $value ) {
	fwrite( $fp, $key.' = '.$value." 
\n" );
	}
    fwrite( $fp, "ip = ".$posty_ip." 
\n" );
    fwrite( $fp, "date = ".$date_sub." 
\n" );
    fwrite( $fp, "file = ".$the_file." 
\n" );
    fwrite( $fp, '================================================'." 

\n\n" );
    fclose( $fp );
  }
}

I also added HTML line breaks, as for me it was more useful to have an HTML log file.

The instructions where (and how) to place this code can be found in the original place. Still, it’s worth repeating: Be careful where you place the log file on your server!

I would also recommend to use a plugin, which encrypts passwords (you can download it from wordpress.org). This is not obligatory, but it is always wise to send passwords over http encrypted, and this plugin does exactly that (you don’t have to use https to be able to encrypt the passwords being sent).

Enjoy! :-)