Easily Monitor WordPress Themes and WordPress Settings Changes

Track and keep an audit of every change on your WordPress and WordPress multisite installations easily with WP Activity Log, the most popular WordPress security monitoring plugin.

WP White Security is happy to announce a new revamped version of WP Activity Log; the most popular WordPress security monitoring and auditing plugin is finally out of beta and is available for download from the WordPress repository plugin page. Here is an overview of what is new and improved in Version 1.0 of WP Activity Log.

WordPress Security Monitoring Just Got More Robust and Better

We have learnt a lot since we launched the first version of WP Activity Log plugin 9 months ago, and we decided to put what we have learnt into practise. Version 1.0 of WP Activity Log is a complete rewrite of the plugin. Version 1.0 is much more stable and robust when compared to its predecessors. Version 1.0 also allows us to scale the plugin much better, so expect a number of new and cool features in the near future, such as searching, filtering, alerting and reporting.

Granular WordPress Monitoring and Detailed Security Alerts

With this new version of WP Activity Log we take WordPress monitoring to the next level. Unlike other WordPress monitoring plugins, WP Activity Log reports extensive details in the WordPress alerts. For example while other plugins will alert you that a page was changed, WP Activity Log will alert you about what was changed in the page, such as the author, date, template and much more. Such details are really important especially if you need to trace back suspicious behaviour or a malicious WordPress hack attack.

Monitor Themes and Plugin File Code Changes

Version 1 of WP Activity Log keeps a record of who is using the WordPress in-build editor to modify themes and plugins files. The modified filename will also be reported so you can easily track down any website breakdowns, plugin or theme code modifications, or a malicious code injection and other similar WordPress hacks.

Monitor WordPress Settings

WordPress security alerts will be generated when WordPress is updated or when the WordPress permalinks are changed. WP Activity Log also monitors several other WordPress settings changes as explained in the section WordPress Settings and System Security Alerts.

Monitor WordPress Themes

In this new version of WP Activity Log WordPress administrators can also monitor the WordPress themes; a WordPress security alerts are generated when a new theme is installed or when a theme is activated on WordPress.

Granular Monitoring of WordPress Pages

An alert advising you that a WordPress page was modified is not enough. The new version of WP Activity Log alerts WordPress administrators even when a page’s template or parent is changed. For more detailed information about WordPress pages monitoring alerts refer to the WordPress Pages Activity Security Alerts section.

New Audit Log Viewer

The Audit Log Viewer has also been revamped. It will auto refresh upon new activity; hence administrators do not have to click the refresh button to view the latest alerts generated by the latest activity.

Audit Log Viewer in WordPress user monitoring plugin

New Developer Tools

The new version of the WordPress monitoring plugin is also shipped with a number of new developer tools which allow WordPress developers and administrators to get more information about the alerts, monitor and get alerted of WordPress and PHP errors and much more.

WordPress Security Alert Data Inspector

Once enabled from the settings, the Alert Data Inspector allows developers and administrators to see more detailed information about each alert generated by the plugin, such as the user-agent string, the user ID and more as seen in the below screenshot.

WordPress Security Alert Data Inspector

PHP Errors

By enabling the developer option PHP errors from the plugin settings, WP Activity Log will also generate an alert about all the PHP errors, warnings, notices, exceptions and shutdown. Such features come in handy for anyone developing a theme, plugin or other extension on WordPress. A screenshot of a PHP shutdown alert is shown below.

PHP Error reported in WP Activity Log

Request Log

Enable the Request Log from the plugin settings to log all the HTTP GET and POST responses sent to your WordPress and WordPress multisite websites to a log file. The log file Request.log.php is created in the plugin directory and is using a PHP extension for security reasons; if someone guesses the log file name it cannot be downloaded like a normal log file, thus exposing sensitive details about the WordPress blog or site.

List of New WordPress Security Alerts Introduced in this Version

Below is a list of new WordPress security alerts that are generated by the plugin when such activity is noticed:

  • Alert 2046: User modified a file using the editor
  • Alert 2047: User changed parent of page
  • Alert 2048: User changed template of page
  • Alert 2049: User set post as sticky
  • Alert 2050: User removed post from Sticky
  • Alert 5005: User installed a new theme
  • Alert 5006: User activated a theme
  • Alert 6004: User upgraded WordPress
  • Alert 6005: User changed the WordPress permalinks

As explained in the previous section, the new version of WP Activity Log can also monitor PHP activity and errors, thus making it a handy tool for WordPress developers. Below is a list of alerts that monitor PHP errors:

  • Alert 0000: Unknown error
  • Alert 0001: PHP error
  • Alert 0002: PHP warning
  • Alert 0003: PHP notice
  • Alert 0004: PHP exception
  • Alert 0005: PHP shutdown error

For a complete list of WordPress security alerts and WordPress activity that WP Activity Log can monitor and keep an audit of refer to the Complete List of WordPress Security Alerts.

Download WP Activity Log Plugin

Download the WordPress security monitoring plugin WP Activity Log from the official WordPress plugin repository and start monitoring your WordPress and WordPress multisite installations today. For more details about the WordPress activity that WP Activity Log plugin can monitor refer to the List of WordPress Security Audit Log Alerts.

Upgrading WP Activity Log Plugin

Once you login to your WordPress using an administrator account you will be automatically notified that an upgrade of WP Activity Log plugin is available. You can upgrade automatically by clicking the upgrade link.

If you want to manually upgrade the plugin; download WP Activity Log from the WordPress repository, deactivate the plugin from the WordPress dashboard, delete all plugin files and replace them with the new files. Once all files are uploaded, enable the plugin from the WordPress dashboard.

Rate WP Activity Log Plugin

If you use WP Activity Log plugin and it helped you improve the security and monitoring of your WordPress blogs and websites, please rate WP Activity Log on the WordPress repository. If you have any questions, feedback or need support please get in touch with us by sending us an email on info@wpwhitesecurity.com.

You can also subscribe to our WP White Security Plugins newsletter to get notified via emails when new updates, plugins and tips are available.

Keep tabs of users & other activity on your WordPress site

Ensure user accountability, ease troubleshooting, get instantly notified of critical changes, generate user activity reports, & improve the security posture of your WordPress website.

Leave a Reply

Your email address will not be published.