Security: Log Leaking cross users

When logs are set to “1 day”, I can see logs leaking from other users. Example (I have not installed wordpress anywhere)

Hi thanks for reaching out. Can you please provide your site id/slug?

1 Like

I don’t think this has anything to do with “other users”. Seems like someone’s trying to access those paths on your website.


Ah, indeed. Maybe some bot?

as it is indeed quite frequently.

I have logged similar request on sites I have across various platforms. They are daily and frequent from IP addresses around the word. Likely bots (good/bad/otherwise) looking for potential weak spots in sites/systems.

1 Like

I believe that the theory expressed by @jasiqli is correct. I wrote up a longer answer that explains in more detail what is likely happening in the GH issue: Logs Leaking · Issue #4991 · netlify/build · GitHub

Thanks, answered to this with a default block proposal for such requests in the issue.