Regular scan and backups are core security measures. So pat on the back for doing a good job but you should also set up monitoring your website. Keeping a vigilant eye on everything that is happening on your WordPress website allows you to identify suspicious behavior at an early stage. This will help you thwart any possible malicious hack attacks before they actually happen and damage your WordPress website.
Introduction to WordPress monitoring (audit logs)
Monitoring is the process of “keeping an eye” on what is happening on your WordPress. You can do so by installing a plugin to keep a record of everything that happens on your WordPress website and multisite network in a WordPress activity log.
Why use a WordPress activity log plugin?
Before we dive into the plugin details let’s see what are some of the benefits you can take advantage of when keeping a WordPress activity log on your website:
Ease troubleshooting: Trying to troubleshoot a problem without logs is like finding a needle in a haystack. It is virtually impossible, especially when the users themselves do not cooperate. If you have a record of what happened exactly, i.e. who disabled a plugin, changed a widget, modified the content or deleted a post you can find out exactly what happened and who did what in just a matter of seconds.
Detect possible WordPress attacks: Before malicious hackers attack your website they try several tricks. For example, they scan your website, try a brute force attack etc. All of these actions leave a trace in the WordPress audit log and by knowing that someone is trying to attack your website you can take evasive action to thwart the attack.
Meet regulatory compliance requirements: Every business has to adhere to some regulatory compliance requirements. All industry sectors have them, be it finance, healthcare, e-commerce etc. One thing all these requirements have in common is logging – because of security and privacy issues, businesses are legally obliged to keep a record of what is happening on their websites.
There are several different plugins you can choose from for keeping a track of the activities on your site. We decided to try out WP Security Audit Log. The reason why we chose it is because its activity log is the most comprehensive one (the plugin is able to keep track of more than 350 changes on WordPress) among other reasons.
We used the plugin on one of our WordPress sites. We are going to discuss our experience with the plugin (hint: it was overwhelmingly positive). In this post, we are covering:
- Plugin setup
- Review of the Features:
- WordPress Activity Log
- Activity Log of file changes
- Review of the Management Tool:
- Email Alerts
- WordPress Users Sessions Management
- WordPress Activity Log Search & Filters
- WordPress Reports
- External Database & Integration Tools for the WordPress Activity Log
- Our thoughts on the plugin
Download the WP Security Audit Log Plugin
The WP Security Audit Log plugin is available for free on the official WordPress plugins repository. Getting started is very easy, simply install it and it will automatically start keeping a log of all the changes on your WordPress website.
Let’s dive in and see what makes the WP Security Audit Log plugin different and better than its competition.
Comprehensive WordPress Activity Log
What does a comprehensive WordPress activity log exactly means? Basically, the plugin was designed with security in mind so it reports all the details. Here are a few examples:
When a user changes the content of a post (page or custom post type), the author, date, add a tag, changes category etc, other activity log plugins report that the post was changed. WP Security Audit Log reports exactly what was changed, i.e. if it was the date, status, author, category etc.
A change in a post URL prompted a detailed report as seen in the screenshot below:
It also uses the WordPress versioning system to keep a record of content changes on blog posts and pages.
The same concept applies to for example WordPress users. While other plugins just keep a log that a WordPress user was updated, the WP Security Audit Log keeps a log of what was changed in the user, if it was the password, email address, display name etc.
Activity Log of WordPress Website File Changes
The WP Security Audit Log plugin is also the only WordPress activity log plugin that keeps a log of any file changes on your WordPress websites and multisite network. The plugin will keep a log of when a file is added, modified or deleted from the WordPress website. The WordPress files integrity checker is also fully configurable.
That’s it about the log, which is, of course, the main feature of the plugin. But in most cases, the WordPress audit log alone is not enough. You cannot keep your eye peeled on the audit log to identify suspicious behavior or track user’s performance. You need all the right tools that allow you to get on with your business but alert you when needed, to help you find what you need in a matter of seconds and keep you abreast of what is happening.
WP Security Audit Log has a complete suite of tools, available in the premium edition with which you can build a complete WordPress activity log solution and also integrate it in your enterprise central logging system. You can also build a WordPress intrusion detection system (IDS) if you want to! Let’s take a quick look at all these tools:
WordPress Email Notifications
You can configure your own email notification triggers so when a particular event/change happens on your WordPress website you are instantly alerted via email. It has its own trigger builder with which you can build the most complex of triggers, so, for example, you are notified when someone logs in outside office hours but not from a specific IP address.
It also has a number of built-in email notifications so you just need to tick a checkbox to enable them. All email templates are editable as well.
WordPress Users Sessions Management
This module allows you to see who is logged in to your WordPress website and also reports the changes every user is doing in real time. You can also use this module to control and limit multiple same user sessions and much more.
WordPress Activity Log Search & Filters
The WordPress activity log on busy websites can contain hundreds of thousands of events, so you need a text search capability to find what you are looking for, especially if you are troubleshooting a specific WordPress issue or doing forensic work. The plugin also has a number of filters to help you fine-tune the search results.
Executives, managers, supervisors and everyone likes reports. Reports allow you to get a good indication of how things are progressing without having to filter the data. The WordPress reports module in the WP Security Audit Log plugin allows you to generate any type of user, site (in multisite) and event report. You can also configure automatic generation and send daily, weekly, monthly and quarterly reports via email.
External Database & Integration Tools for the WordPress Activity Log
The WP Security Audit Log also has a suite of database and integration tools that allow you to store the WordPress activity log in an external database, configure archiving and mirror it to another database, Papertrail online service, and syslog. It also supports SSL connections.
For more details on these features, refer to this page.
Settings allow users to configure how the plugin works. For instance, you can restrict access to the plugin or add users who can manage the activity log plugin. There’s an option to exclude users, roles or IP addresses from being monitored among other things.
There’s an option to stop receiving alerts whenever a change is made to your site. Users can simply select the kind of alerts they want to stop receiving like when a post has been published, when a new category has been made, when a post has been approved or edited, etc. The plugin also tracks changes made in third-party services like the BBPress Forum, WooCommerce & Yoast SEO. Users can easily enable or disable notifications when changes are made in these services.
Support is available from the dashboard itself. One has to select Contact Us and uses will be taken to the support which is neat. We appreciate the disclaimer on the support page saying users will not be added to a mailing list without permission.
We have used a few log activity monitoring plugins but none of them offers a comprehensive audit log as WP Security Audit Log plugins does. It has a complete suite of tools that allows users to not just keep an eye out on what’s happening in a website but also helps manage the security of the site. A quick support from the dashboard for those who are facing issues is of great help.
Ready to Use WordPress Security Audit Log?