The virtual cloud is a great feature for the MBL, but I can’t find the basic security features to go with it.

How can I tell who has accessed, or tried to access my MYBOOK Live?

I’ve looked through the dashboard/support/system-reports files, and found a limited-information error log. Other than that, I can’t a file that indicates (ideally) who accessed my cloud drive, what they accessed, and when.

I noticed the China IP security concerns reported on this board.  I also noted the possible use of FTP instead of WD2GO so as to use FTP server logs.

Am I missing something?  Does anyone from WD know if a future MYBOOK Live firmware release will address this? Any other workarounds?

Thanks!

Those logs are disabled.

You can re-enable them if you edit the file

/etc/apache2/apache2.conf

and modify the line:

CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined

… take out the leading “#”

and restart apache.

/etc/init.d/apache2 restart

Thanks TonyPh12345!

Well, I think I’m a lot closer to a solution.

I figured out how to SSH in (thanks to other posts here) and make the changes you outlined.

It’s logging a lot of info to “other_vhosts_access.log”. Including, by the looks of it, every folder-name listed by the session, not just the ones being entered. I shouldn’t be surprised - There had to be a reason this log was disabled. Still doesn’t seem to log the files being accessed.

Any suggestions on how to configure down the amount of info being logged?  …and perhaps add the file-access info?

Thanks.

Yes, the logging is highly configurable.   You’d need to consult the apache documentation on how to do that…

… and now you’re venturing into the world of being a testpilot, so make sure you understand what you’re doing and keep backups of the original configuration files…

Also remember that there is only 20Mb. One that is exceeded the RAMLOG service quits.

Thanks for the hints!

I’ll keep playing and see what I can get out of it!