WP Security Audit Log

WP Security Audit Log doesn't actually protect a website from getting hacked, but it provides the tools to prevent this from happening.

The plugin can log various user-taken actions to help webmasters debug and trace back from where a hack was initiated, or it can display various warnings when certain actions take place.

These warnings can then be acted upon, and the webmasters can install other plugins or security measures to protect those alerts from being actually exploited.

The plugin logs actions and events related to:

User profiles

Login activity

Overall system activity

Multisite related activity

Pages management

Blog post management

Custom post type management

Sidebar and widget management

Theme management

Plugin management

As of our knowledge, WP Security Audit Log is the first and only plugin that can monitor WordPress multisite installations.

Installation:

Unpack and upload it to the /wp-content/plugins/ directory.

Activate the plugin through the 'Plugins' menu in WordPress.

System requirements

• WordPress 3.6 or higher

What is new in this release:

• New Features:
• Audit trail for WooCommerce Store and Products.
• New Hover over functionality to disable alerts with a single click.
• New WooCommerce Audit Trail Alerts
• Plugin Improvements:
• Improved severity of alerts and added severity description on hover over.
• Removed all code related to PHP error monitoring, which is no longer used (code spring cleaning).
• Bug Fixes:
• Fixed an issue in which 404 logs where still being generated when the logs option was disabled but alert 6007 was enabled.

What is new in version 2.5.0:

• New Features:
• New database connector allowing faster and more efficient plugin to WordPress database communication
• Added new option to switch the display time of alerts between 24 hour or 12 hour format
• Sorting functionality in Audit Log Viewer (sort WordPress security alerts by date & time, code or username)
• Bug Fixes:
• Fixed issue where super admin roles was not reported when logging in to "sub sites" in WordPress multisite
• Fixed several formatting issues in the Audit Log Viewer (UI)
• Fixed issue where multiple plugins were upgraded via the drop down menu and no alerts were being reported
• Fixed when unrestricting plugin access from a single admin was not working properly

What is new in version 2.2:

• New Features:
• New database connector allowing faster and more efficient plugin to WordPress database communication
• Added new option to switch the display time of alerts between 24 hour or 12 hour format
• Sorting functionality in Audit Log Viewer (sort WordPress security alerts by date & time, code or username)
• Bug Fixes:
• Fixed issue where super admin roles was not reported when logging in to "sub sites" in WordPress multisite
• Fixed several formatting issues in the Audit Log Viewer (UI)
• Fixed issue where multiple plugins were upgraded via the drop down menu and no alerts were being reported
• Fixed when unrestricting plugin access from a single admin was not working properly

What is new in version 2.0.0:

• New Features:
• New database connector allowing faster and more efficient plugin to WordPress database communication
• Added new option to switch the display time of alerts between 24 hour or 12 hour format
• Sorting functionality in Audit Log Viewer (sort WordPress security alerts by date & time, code or username)
• Bug Fixes:
• Fixed issue where super admin roles was not reported when logging in to "sub sites" in WordPress multisite
• Fixed several formatting issues in the Audit Log Viewer (UI)
• Fixed issue where multiple plugins were upgraded via the drop down menu and no alerts were being reported
• Fixed when unrestricting plugin access from a single admin was not working properly

What is new in version 1.6.1:

• New Security Alerts:
• 5010: plugin created new tables in the WordPress database
• 5011: plugin modified the structure of a number of tables in the WordPress database
• 5012: plugin deleted tables from the WordPress database
• 5013: theme created new tables in the WordPress database
• 5014: theme modified the structure of a number of tables in the WordPress database
• 5015: theme deleted tables from the WordPress database
• 5016: an unknown component created new tables in the WordPress database
• 5017: an unknown component theme modified the structure of a number of tables in the WordPress database
• 5018: an unknown component theme deleted tables from the WordPress database
• 2052: a user changed the parent of a category

What is new in version 1.5.2:

• Bug Fix:
• Removed a clause which changed the debug log path (used for testing).

What is new in version 1.4.0:

• New Features:
• WordPress username is now reported when a failed login is recorded - More Details
• Plugin is now available in Romanian thanks to Artmotion
• Improvements:
• Improved IP Address validation checks - if IP address format is incorrect the plugin reports "incorrect format" and not "unknown" - This will help us improve troubleshooting
• Alerts pruning options are now added during activation of the plugin, making pruning options more reliable - existing pruning options will be retained
• Bug Fixes:
• Fixed issue with the option "auto / manual" refresh of Audit Log Viewer
• Fixed plugin uninstallation process (added new option to purge all plugin data from WordPress database upon uninstall)

What is new in version 1.3.3:

• Improvements:
• Updated some of the help text in plugin's settings page
• Updated the text of some WordPress security alerts
• Bug Fixes:
• Fixed a bug related to the reverse proxy / IP retrieval functionality
• Fixed an issue related to Sandbox removal and upgrades

What is new in version 1.3.1:

• New WordPress Security Alerts:
• Alert 2065: The content of published post has been modified
• Alert 2066: The content of published page has been modified
• Alert 2067: The content of published custom post type has been modified
• Alert 2068: The content of a draft post has been modified
• Alert 2069: The content of a draft page has been modified
• Alert 2070: The content of a draft custom post type has been modified
• Alert 2071: Changed the position of a widget in the same container
• WordPress Security Audit Log Viewer Improvement:
• Removed fixed width from columns, hence now they are dynamically resized depending on your resolution
• Bug Fixes:
• Fixed an issue where alert 1001 (logout) was generated without a login
• Fixed a PHP coding problem / invalid argument issue

What is new in version 1.3.0:

• New WordPress Security Alerts:
• Alert 2065: User modified the content of a blog post
• Alert 2066: User modified the content of a WordPress page
• Alert 2067: User modified the content of a custom post type
• Improvements:
• The code of some of the sensors which monitor the WordPress activity

What is new in version 1.2.9:

• Fixed an issue with the queries used for the alerts pruning.

What is new in version 1.2.7:

• New Feature:
• New option "Restrict Plugin Access" that allows WordPress administrators to further restrict access to the plugin and the WordPress security alerts
• Improvements:
• Updated the Audit Log Viewer backend to retriev WordPress security alerts much faster and consume less resources on large websites
• Moved the Audit Log plugin menu entry underneath the dashboard entry for better access
• Several minor enhancements to the plugin to perform better on large WordPress installations
• Bug Fixes:
• Fixed an uncaught exception with Logout Alert 1001 support ticket

What is new in version 1.2.6:

• Improvements:
• Several performance improvements and tweaks applied
• Updated Italian translations
• Bug Fixes:
• Fixed an issue with URLs of plugin pages
• Fixed an uncaught exception with Logout Alert 1001
• Fixed error on logout issue
• Fixed uncaught exception with specific Alert Codes

What is new in version 1.2.4:

• Improved monitoring of failed logins.

What is new in version 1.2.3:

• Improvements:
• Improved database structure for better support of high-traffic WordPress and WordPress multisite installations
• Developer options are reset during updates for improved performance
• Added a warning / note to the developer options (such options should NEVER be enabled on live websites but only on testing, staging and development websites)
• Bug Fixes:
• Database issue with primary key constraint

What is new in version 1.2.2:

• Improvements:
• Added a warning to developer options
• "Hidden" developer options from default settings. User has to click link to access developer plugins
• Bug Fixes:
• Solved several issues related to translations. Now everything in the plugin is translatable
• Fixed several other issues reported by email

What is new in version 1.2.1:

• Bug Fix:
• Fixed reported issue with upgrade.

What is new in version 1.2.0:

• New Features:
• Unlimited Alerts can be stored (removed the 5000 alerts limit)
• Alert time now includes milliseconds for more precision (ideal for auditing and compliance)
• Reported alert time is now relative to user's configured timezone
• Alerts automatic pruning procedures can now be enabled / disabled
• Option to hide WP Security Audit Log from plugins page in WordPress
• If there are more than 15 websites in a multisite installation, an auto complete site search box is shown instead of the drop down menu
• New WordPress Security Alerts:
• Alert 5007: User has uninstalled / deleted a theme
• Alert 5008: Super administrator network activated a theme on multisite
• Alert 5009: Super administrator network deactivated a theme on multisite

What is new in version 1.1.0:

• New Features:
• User avatar is shown in the alert to allow administrators to easily recognize users and their activity
• Clickable username in alerts allow administrators to access user's profile instantly
• User role is reported in alert so administrators can easily track any suspicious behaviour
• PHP Version checker; upon installation the plugin will check what version of PHP is installed on the system
• Bug fixes:
• Wrapping problem in alerts dashboard widget
• Upgrade script to properly create the new tables in the WordPress database

What is new in version 1.0.0:

• New Audit Log viewer
• Auto refresh of security alerts - WordPress administrators do not need to refresh the Audit Log Viewer page to see new alerts
• Data Inspector reports more insider information about each alert (can be enabled from settings)
• Sandbox allows developers to execute PHP code for troubleshooting (can be enabled from settings)
• Request Log that logs all HTTP GET and POST requests done on WordPress (can be enabled from settings)
• Logging of PHP Errors; ideal for developers who want to monitor WordPress for any errors (can be enabled from settings)
• New Support and About Us page that you should check out

What is new in version 0.6.3:

• Bug Fix:
• Disabled debugging by default (left enabled by mistake).

Requirements:

• WordPress 3 or higher