Ever wished that you had more information about what’s happening inside your WordPress dashboard?
If you run a site where you allow other contributors to access the dashboard, you might want to know what those people are doing – like whether they edit a post, or upload an image.
Or, even if you’re the only person with access to your dashboard, you might want some type of monitoring to make sure that a malicious user doesn’t get your account credentials somehow and start editing things, or that your plugins aren’t making malicious edits to your site’s database.
In both cases, a WordPress security audit log plugin can help you stay on top of everything that’s happening. It will give you a list of all the actions users, plugins, and themes perform in your WordPress dashboard, which will help you:
- Monitor Activities inside WordPress dashboard
- Spot suspicious behavior
- Stay organized
- Easier auditing of WordPress changes
In this post, I will show you how to add a security audit log to your WordPress site using a free plugin called WP Security Audit Log. I have been using this plugin for almost a year at ShoutMeLoud, and it has become an integral part of the list of must have WordPress plugins.
As a blog admin, this plugin is going to be very handy. If you are a freelancer or an agency who manages WordPress for their client or setup WordPress based websites, you should install this plugin and audit the log once in a while to ensure everything is alright.
What Can You Track With A Security Audit Log Plugin?
Using a security audit log plugin, you’ll be able to track when any WordPress user performs any of the following actions:
- Post, page, or custom post type changes
- Tag or category changes
- Widgets or menu changes
- User profile changes
- User activity (like logins, logouts, failed logins etc.)
- WordPress core and settings changes
- Plugin and theme changes
- Database changes (including those made by plugins and themes)
- Changes for some popular plugins, like WooCommerce or bbPress
And for every single change, you’ll be able to see the:
- Username of the person who made the change
- Date and time when the change happened
- IP address of the user who made the change
Below, I’ll show you how you can get started with your own security audit log.
How To Create A Security Audit Log On Your WordPress Site
To create a WordPress security audit log for free, you can use the WP Security Audit Log plugin. This popular plugin is listed at WordPress.org and is active on over 70,000 sites while maintaining a 4.7-star rating. They also have a premium version that one can consider if they want advanced features. Here at ShoutMeLoud, I’m using the free version.
To get started, install and activate the plugin at your site. Once you’ve done that, here’s how to configure and use it…
Configuring The WP Security Audit Log Setup Wizard
Once you install and activate the WP Security Audit Log, it should automatically launch a setup wizard:
Click Start Configuring the Plugin to begin the process.
Next, you’ll choose the level of logging you want. If you’re just running a regular blog, the Basic level is probably enough:
The main difference is that Geek adds logging for more niche activity like:
- Changing widget positions
- Changing menus
- Enabling trackbacks
- Editing database tables
Geek is a good option, especially for security-conscious sites, but again, Basic should be fine for most bloggers.
Read this post for a full list of the differences between the two tracking levels.
Once you’ve selected your logging level, you can choose how long you want to keep the data for. I recommend using 6 months or 12 months to avoid using too much database storage space. If you want to keep all of the data, then you need the premium version as it allows you to use a separate external database to store your logging data:
Next, you can choose who has access to view your activity log. By default, only Administrators can view the log. But if desired, you can grant access to specific users or other user roles.
Unless you know someone else needs access to the logs, I recommend leaving this setting at the default (“No”):
Finally, on the Exclude Objects page, you can exclude specific users from being logged. If desired, you can use this to exclude yourself from logging. I recommend not doing this, though, as there’s a benefit to tracking yourself because you can see if anyone has gained unauthorized access to your account:
What you can do, though, is exclude your own IP address. That way, you can still see if someone else uses your account.
Once you click Next, you’ll see a success screen and you’re all finished with the setup process.
Viewing And Using The Activity Log
Once you finish the setup wizard, your activity log will start monitoring all the activity on your site.
To view a live stream of the activity, go to Audit Log → Audit Log Viewer in your WordPress dashboard:
This view will show you a basic look at all of the activity on your site.
The Severity column will show you how potentially critical a change is. Note that a severe rating isn’t necessarily bad – it just means that you should pay special attention to make sure that the activity was authorized.
And the User and Message columns will tell you who made the change and what the change was in plain English.
If you want to see more information about a specific event, you can click on the ‘…’ icon to open a more detailed view:
The more detailed view is only really helpful for developers – but it does provide all of the relevant information if needed.
That’s pretty much all there is to using the log – it’s quite simple!
Over the time, you should enable/disable the events that matter to you. This will ensure that you see only useful logs.
Features of Premium version of WordPress Security audit log plugin:
The free version of WP Security Audit Log makes a great option for most sites, especially blogs. In many scenarios, such as, for agencies, for the WooCommerce WordPress site, a premium version would be more appropriate. I have shared the pricing chart in the later section of this article. For now, this chart shows the difference between the free version and various premium version plans:
Here I’m highlighting three features among many, that offers maximum value:
Notifications And Reports
To make monitoring your activity log easier, the premium version lets you:
- Send email notifications whenever a user takes a specified action
- Create reports that highlight certain activity. You can also have these reports emailed to you on a specific timeline.
Logged In User Control
The premium version lets you see a list of all the users who are currently logged in to your WordPress site. It also lets you see where they’re logging in from. And if needed, you can terminate their current session (log them out) with the click of a button.
If you want to keep a permanent log, it’s better for performance and storage to use an external database, instead of your WordPress site’s database. The premium version lets you do this, and it also lets you mirror your audit logs to other tools like Syslog or Papertrail.
Final Thoughts On Creating A WordPress Security Audit Log
Using a WordPress security audit log helps you keep your site more secure and monitor what actions users take on your site.
With a plugin like WP Security Audit Log, you can get this functionality for free and the setup takes just a few minutes to start logging.
And while some especially security-conscious sites might want the premium version of the plugin, the free version should work fine for most sites, especially blogs.
Do you have any other questions about how to create a security audit log on WordPress? Let us know in the comments!
Here are a few hand-picked WordPress plugins that you should check out next:
- How To Improve WordPress Performance With Advanced Database Cleaner Plugin
- Best WordPress Security Plugins To Protect WordPress Blog
- Best WordPress Backup Plugins For Automated Backup: 2019