The virtual cloud is a great feature for the MBL, but I can’t find the basic security features to go with it.
How can I tell who has accessed, or tried to access my MYBOOK Live?
I’ve looked through the dashboard/support/system-reports files, and found a limited-information error log. Other than that, I can’t a file that indicates (ideally) who accessed my cloud drive, what they accessed, and when.
I noticed the China IP security concerns reported on this board. I also noted the possible use of FTP instead of WD2GO so as to use FTP server logs.
Am I missing something? Does anyone from WD know if a future MYBOOK Live firmware release will address this? Any other workarounds?
I figured out how to SSH in (thanks to other posts here) and make the changes you outlined.
It’s logging a lot of info to “other_vhosts_access.log”. Including, by the looks of it, every folder-name listed by the session, not just the ones being entered. I shouldn’t be surprised - There had to be a reason this log was disabled. Still doesn’t seem to log the files being accessed.
Any suggestions on how to configure down the amount of info being logged? …and perhaps add the file-access info?
Yes, the logging is highly configurable. You’d need to consult the apache documentation on how to do that…
… and now you’re venturing into the world of being a testpilot, so make sure you understand what you’re doing and keep backups of the original configuration files…