Well, yes, of course. The correct way to use Admin Tools is to not be bombarded by email. The default configuration bombards you with email because I expect new users to make configuration mistakes which necessitate the constant nagging by emails to figure out what is wrong and address it. Once you get everything configured to your liking, it's time to stop these emails.
In the Configure WAF page you have several options which send email and I will tell you how I use them on my sites:
- Email this address on monitored configuration change. Enabled. I change component configuration changes infrequently and I want to know if something changes without me having explicitly made the change.
- Email this address on monitored files change. Enabled. These files only ever change when a core update is installed. If something changes without me having initiated a core update, I want to know right away!
- Email this address on Super Users change. Enabled. If a new Super User account is created without me doing it, either the site's got hacked, or a 3PD extension has cocked up big time!
- Email this address after an automatic IP ban. Disabled. Let Admin Tools do its thing.
- Email PHP Exceptions to this address. Disabled. I only enable this if I am actively troubleshooting an elusive issue.
- Email this address on blocked request. Disabled. Let Admin Tools do its thing.
- Email this address on successful backend login. Disabled. I am using administrator password protection, secret URL parameter, and all my backend users have MFA. I don't need to know if someone logged in; if they did, they have passed enough hurdles to guarantee they do have business being there.
- Email this address on failed administrator login. Disabled. This feature is there for the crazy people who run a site without administrator password protection, no secret URL parameter, no MFA on their user accounts, and want to see how often attackers try to do credentials stuffing (which, mind you, is QUITE A LOT).
- Email this address on increased blocked requests. Enabled, with site-specific settings. It gives me a heads up when a site is under sustained attack. To me, that's an actionable item: I will be actively monitoring my server and the site's Denial of Service protection.
- Send troubleshooting email on administrative functions. Disabled. This is "training wheels" for new users; I have no need for it.
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
