Plugin Directory

Plainview Activity Monitor

Plugin for PHP v5.4+ that monitors WordPress actions for user activity on a blog or network.

Plugin for PHP v5.4+ that monitors WordPress actions for user activity on a blog or network.

Currently monitored actions:

  • activated_plugin
  • admin_head for views in the admin interface
  • deactivated_plugin
  • delete_post
  • delete_user
  • draft_to_publish
  • password_reset
  • profile_update
  • publish_to_publish
  • publish_to_trash
  • retrieve_password
  • trash_to_publish
  • user_register
  • wp_head for views on the front-end
  • wp_login
  • wp_login_failed
  • wp_login_failed but without logging the attempted password
  • wp_logout
  • wp_set_comment_status
  • wpmu_delete_user

The logged information consists of:

  • A description of what was logged
  • Blog
  • Timestamp
  • Hook that was triggered
  • User ID

The activities can then be shown in global table showing activities on the whole network, or locally for just the blog you are currently viewing.

The activites can also be filtered so that only specific blogs / hooks / IPs / users are displayed.


The Activity Monitor has a github.

Plugin Pack

The Activity Monitor Plugin Pack is an actively maintained collection of plugins that expand the functionality of Activity Monitor.

Currently the plugin pack offers:

  • Bruteforce Detect monitors failed logins and fires an action when limits have been reached.
  • Content Watch monitors posts and pages for phrases and fires an action when a phrase is detected.
  • IP Too Often reacts when an IP causes specific action(s) to occur too often.
  • Login Failed Username fires an action when a banned username fails to login.
  • Send To CloudFlare sends IPs to CloudFlare to be whitelisted / banned when hook(s) are encountered.
  • Send To E-mail sends an e-mail when hook(s) are encountered.
  • Send To Exec runs an executable command when hook(s) are encountered.

Security tips

There are several ways for people to break in to your WordPress installation, or cause trouble by DDOS. Here are some tips on how to use the Activity Monitor and its plugins to help detect problems:

  • Get a DDOS protection service with an API. There is a plugin to ban IPs via CloudFlare (Send To CloudFlare). Other APIs could be supported as the need arises.
  • If you have another DDOS service, write a script that can ban visitors by IP. Use this script with the Send To Exec plugin.
  • If you can't ban users using a script, at least set up the Send To E-mail plugin to inform you of suspicious activity.
  • Use the Bruteforce Detect plugin to detect when an IP or IPs are trying to guess the admin's password. Ban the IPs automatically using Send To Exec.
  • Do not use admin as the username for your administrator account. Instead, use some else and add the admin username to the list of banned usernames in the Login Failed Username plugin. Ban the IPs that cause the plugin to react.

Custom hooks

If you are a plugin developer and wish to log your custom hooks, build a plugin that extends an Activity Monitor hook!

Step 1: Create a custom hook. See any of the hooks in the include/hooks directory for examples.

Step 2: In your constructor, hook into the plainview_activity_monitor_loaded action.

add_action( 'plainview_activity_monitor_loaded', 'load_my_hooks' );

Step 3: Load your hooks.

public function load_my_hooks( $action )
    $class = __NAMESPACE__ . '\\hooks\\my_example_hook1';
    $hook = new $class;
    $hook->register_with( $action->hooks );

    $class = __NAMESPACE__ . '\\hooks\\my_example_hook2';
    $hook = new $class;
    $hook->register_with( $action->hooks );

Step 4: Hook into plainview_activity_monitor_manifest_hooks and then register your hook.

This shows your action hooks to all the other Activity Monitor plugins.

add_action( 'plainview_activity_monitor_manifest_hooks', 'my_example_manifest_hooks' );

function my_example_manifest_hooks( $action )
    $hook = new my_example_hook();
    $my_example_hook->register_with( $action->hooks );


Flesh out the log() or log_post() method in your hook class with something and then wait for the hook to be called.

Requires: 3.9 or higher
Compatible up to: 4.2.5
Last Updated: 2015-8-6
Active Installs: 1,000+


3.6 out of 5 stars


1 of 2 support threads in the last two months have been resolved.

Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,2,2 100,1,1
100,1,1 100,1,1