Managing the WordPress activity log plugin privileges

Search Knowledge Base by Keyword

You are here:

The WP Activity Log plugin has two types of privileges:

View activity log

Users who have View activity log privilege can only view the WordPress activity log and search in it. However, they cannot change any of the plugin settings. This is a read only privilege.

Manage the plugin

Users who have the manage the WP Activity Log plugin privileges can view the WordPress activity log and also configure the plugin’s settings. In the premium edition of the plugin these users can also configure the premium features such as the WordPress reports tool and configure WordPress email & SMS notifications.

By default all the users with an administrator role can manage the plugin. However, this can also be changed.

Default WP Activity Log plugin privileges

Single site WordPress installation

On a single site WordPress installation, only users with administrator role can view the WordPress activity log and manage the plugin settings.

WordPress multisite network installation

In a WordPress multisite network, users with Super Admins role can view the activity log and manage the plugin settings. Child site administrators can view the activity log of the site they have admin access to. Refer to the WordPress multisite activity log plugin for more details on multisite network setup.

Configuring the activity log and plugin privileges settings

Single site WordPress installation

In a single site WordPress website installation you can configure the privileges from the plugin’s settings page.

Configuring the plugin & activity log privileges

On a single site you can:

  • restrict the plugin settings (manage plugin privilege) to just your user, so other users with administrator role cannot change the plugin settings or view the activity log,
  • allow other users of any role to view the activity log.

WordPress multisite network installation

In a multisite network WordPress setup, you can configure the privileges from the plugin’s settings page, which are only available from the network dashboard.

Configuring the plugin & activity log privileges

On a multisite network you can:

  • restrict the plugin settings (manage plugin privilege) to just your user, so other super administrators on the network role cannot change the plugin settings or view the activity log,
  • specify if only the super administrators, or also the super administrators and child site administrators can view the activity log,
  • allow other users of any role to view the activity log.

Hiding WP Activity Log from the “installed plugins” list.

As an additional level of security, our plugin allows you to hide it from the list of installed plugins (found under Plugins in your WordPress dashboard).

To hide our plugin from the list of installed plugins, head to the Hide Plugin in Plugins Page option found in the General tab of our plugins settings and select Yes from the provided choice. Once done, any one visiting this admin area will no longer see WP Activity Log listed as an installed plugin, avoiding the possibility of an unwanted deactivation/deletion by another site administrator.

Note: when there is an update available and the plugin is hidden, only the users who have access to the plugin can see the available update.

Using the plugin & activity log privileges for better security

Activity logs are a must have for any business. However, the data stored in them is of sensitive nature. Be very careful when configuring these privileges and only allow access on need to know bases. The same applies to the plugin settings. Changes in the plugin’s settings can tamper the activity log. So it is imperative that you only allow trusted site administrators to manage the plugin and its settings.