Do We Really Need the Joomla “System – User Log” Plugin?

Most Joomla administrators never think about disabling any of the core plugins that are enabled by default, which is a fine approach, but not when you’re running a large site. Some of these plugins are of very little use to many Joomla sites and, as such, are better off disabled. Take, for example, the “System – User Log” plugin.

In essence, this plugin logs the date (and time), the IP, and the reason for each failed login to the Joomla site. The values are recorded in an error.php file located under the $log_path (the $log_path is defined in the configuration.php file). In a WHM/cPanel based environment, the plugin logs invalid logins to the /home/[cpanel-user]/public_html/logs/error.php file or to the /home/[cpanel-user]/public_html/administrator/logs/error.php file.

The question is: do Joomla sites really need that?

For the sites that we manage (at itoctopus), we disable the System – User Log plugin as we don’t need the overhead of loading a whole plugin for logging failed logins, and this is because we use .htpasswd protection for backend logins, and, for the frontend (if a website allows frontend logins), we can track invalid logins (should we really need to) through Apache logs. In the past 5 years, we never ran into a situation where we needed to track an invalid login.

So, is there any noticeable performance gain from disabling this plugin?

In most cases, the performance gain is negligible. For high-traffic sites, however, the system administrator must explore every possible strategy to reduce the load on the underlying server, and should consider disabling the plugin necessary.

Are there any other benefits of disabling this plugin?

Reducing disk space usage on the server is another benefit. Let us give you a real-life example: a couple of days ago, a new client contacted us and told us that their (cheap) host was asking them to reduce their disk footprint on the server. So, we examined the filesystem of their Joomla site and we noticed that the error.php file was taking almost 14 GB of disk space (yes, that’s fourteen gigabytes). The file was littered with garbage about unsuccessful logins (likely caused by a dictionary attack). Not only was this garbage in this particular file, it was also backed up every night, which was taking even more space on the server. We addressed the problem by 1) adding an .htpasswd protection to the backend, 2) disabling the System – User Log plugin, and 3) deleting the error.php file.

Are there any benefits of leaving the plugin enabled?

The only benefit that we can think of is the fact that a very large error.php file indicates persistent brute force attacks (which is the case of our client above), which, in turn, indicates the fact that you should consider implementing this ModSecurity rule on your server to block such attacks. If you need help with the deployment of this rule on your server, then don’t be shy, just contact us. Our fees are affordable, our work is clean, and we are the friendliest Joomla developers in this solar system.
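Before deleting a large error.php, the failed-login entries described above (date and time, IP, reason) can be summarized per source address to confirm that the growth really comes from a brute force attack. The script below is an added example, not code from this post or from Joomla; it assumes whitespace-separated lines that start with a timestamp and contain the client IP, with header lines beginning with `#`, and its sample lines are constructed.

```python
import io
import ipaddress
from collections import Counter

# Constructed sample lines; the exact field layout is an assumption.
SAMPLE_LOG = (
    "#<?php die('Forbidden.'); ?>\n"
    "#Fields: datetime\tpriority\tclientip\tcategory\tmessage\n"
    "2015-03-01T02:10:01+00:00\tINFO\t203.0.113.7\terror\tUsername and password do not match\n"
    "2015-03-01T02:10:02+00:00\tINFO\t203.0.113.7\terror\tUsername and password do not match\n"
    "2015-03-01T02:10:03+00:00\tINFO\t198.51.100.20\terror\tEmpty password not allowed\n"
    "2015-03-01T02:10:04+00:00\tINFO\t203.0.113.7\terror\tUsername and password do not match\n"
    "2015-03-01T02:10:05+00:00\tINFO\n"  # truncated entry, e.g. an interrupted write
    "2015-03-01T02:10:06+00:00\tINFO\t203.0.113.7\terror\tUsername and password do not match\n"
)

def find_ip(tokens):
    """Return the first token that parses as an IPv4/IPv6 address, else None."""
    for token in tokens:
        try:
            return str(ipaddress.ip_address(token))
        except ValueError:
            continue
    return None

def summarize_failed_logins(lines, threshold=3):
    """Stream the log one line at a time (no full read of a multi-GB file)."""
    per_ip = Counter()
    first_seen, last_seen = {}, {}
    skipped = 0
    for line in lines:
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue  # blank line or header/PHP guard line
        ip = find_ip(tokens[1:])
        if ip is None:
            skipped += 1  # malformed or truncated entry
            continue
        per_ip[ip] += 1
        first_seen.setdefault(ip, tokens[0])
        last_seen[ip] = tokens[0]
    noisy = [(ip, n, first_seen[ip], last_seen[ip])
             for ip, n in per_ip.most_common() if n >= threshold]
    return {"total": sum(per_ip.values()), "skipped": skipped, "noisy": noisy}

if __name__ == "__main__":
    report = summarize_failed_logins(io.StringIO(SAMPLE_LOG))
    print(f"{report['total']} failed logins, {report['skipped']} unparsable lines")
    for ip, count, first, last in report["noisy"]:
        print(f"{ip}: {count} attempts between {first} and {last}")
```

For a real log, pass an open file handle instead of the sample, for example `open(path, errors="replace")`, so stray bytes in the file do not stop the scan.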
