Feature Request: Add createdon createdby,etc to chunk,snippet and plugin tables #13258

Open
pepebe opened this Issue Jan 20, 2017 · 2 comments

Projects

None yet

3 participants

@pepebe
Contributor
pepebe commented Jan 20, 2017

Today I had a look at a compromised modx installation. Two plugins had been added to the installation causing pharmacy links to appear on the homepage.

The get to the root of problems like this, It would be very helpful to store information in the effected tables for all elements (plugins, chunks, tvs, templates and snippets):

  • createdon
  • createdby
  • editedon
  • editedby

For plugins it would also be useful to add

  • disabledon
  • disabledby

I see the following advantages for this feature:

  • It would make it easier to understand the context of changes to important parts of a MODX installation.
  • It would also be consistent with the way resources are treated.

Regards,

pepebe

@sottwell
Contributor

Did you check the manager actions log? They'll tell you who worked with what element and what action was performed on it and when.

screen shot 2017-01-20 at 15 50 06

@pepebe
Contributor
pepebe commented Jan 21, 2017 edited

@sottwell,
I'm aware about this. It seems that either the manager action log was limited to about 100 entries in prior versions (2.2.x), or the attacker removed all relevant data from the manager log.

I think consistent use of important data is always a good thing. It can help to solve minor problems in day to day work and in edge cases it might give an extra hint to understand important details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment