latest stable versions: v150827 (changelog)

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

How to hide 'EXPDATE' & 'CVV2' from Log.

Home Forums Community Forum How to hide 'EXPDATE' & 'CVV2' from Log.

This topic contains 4 replies, has 2 voices. Last updated by  Cristián Lávaque 3 years, 10 months ago.

Topic Author Topic
Posted: Tuesday Mar 5th, 2013 at 10:52 am #43788
Deyson Ortiz
Username: deyson

Is this information needed in the PayPal API Log? I just fee this information should not be stored anywhere.

Is there a way to eliminate this or at least replace it with ‘XXX’

Thank you :)

List Of Topic Replies

Viewing 4 replies - 1 through 4 (of 4 total)
Author Replies
Author Replies
Posted: Friday Mar 8th, 2013 at 4:04 am #44036

Hi Deyson.

I can understand. You can disable logging, or you’ll have to edit the source files.

I did a search for the string [hilite mono]paypal-api.log[/hilite] in the files and found it in s2member/includes/classes/paypal-utilities.inc.php. As you can see there, the log just gets an export of all the vars available. You’ll need to edit those before they get put in the log.

So the edited file doesn’t get overwritten on update, you can work on a copy of the file in your must-use plugins directory. /wp-content/mu-plugins/

I hope that helps. :)

Posted: Friday Mar 8th, 2013 at 6:50 am #44054
Deyson Ortiz
Username: deyson

Thank you for your help! :)

Posted: Friday Mar 8th, 2013 at 6:53 am #44055

No problem. :)

Posted: Friday Mar 8th, 2013 at 7:00 am #44056

By the way, here’s something Jason told me related to securing logs:

Aside from disabling logs completely, another thing a site owner can do to improve security is to move their log directory to a more secure location (i.e. to a folder outside of the web space).

Please create this directory and file:
/wp-content/mu-plugins/s2-hacks.php
See: http://www.s2member.com/kb/hacking-s2member/

<?php
add_filter('ws_plugin__s2member_logs_dir', 's2_logs_dir');
function s2_logs_dir($what_s2_says)
{
    return '/absolute/path/to/my/secure/logs/dir';
}
Viewing 4 replies - 1 through 4 (of 4 total)

This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

Contacting s2Member: Please use our Support Center for bug reports, pre-sale questions & technical assistance.