WordPress.org

Plugin Directory

Plainview Activity Monitor

Real-time monitoring of users, content, functionality, appearance, security, and updates.

Activity Monitor tracks all user activity on your blog or network. The activities can be viewed in global table showing activities on the whole network, or locally for just the blog you are currently viewing. The activites can be filtered so that only specific blogs / hooks / IPs / users are displayed.

Monitored actions include (not exhaustive):

  • Comments: approve, held, spam, delete
  • Custom Post Types: draft, publish, update, trash, delete
  • Logins: login, login failed, logout
  • Pageviews: admin, front-end
  • Passwords: reset, retrieve
  • Plugins: activate, deactivate
  • Pages: draft, publish, update, trash, delete
  • Posts: draft, publish, update, trash, delete, password
  • Taxonomies: create, edit, delete
  • Themes: switched
  • Updates: WordPress core, plugins, themes
  • Users: register, delete, profile changes
  • And more....

The logged information consists of:

  • A description of what was logged
  • Blog
  • Timestamp
  • Hook that was triggered
  • User ID

Premium pack

The Activity Monitor Premium Pack is a collection of plugins that greatly expand the monitoring and notification capabilities of the activity monitor. The pack current includes the following plugins:

Detection Notifications Prevention Integrations

git

The Activity Monitor has a git repository.

Security tips

There are several ways for people to break in to your WordPress installation, or cause trouble by DDOS. Here are some tips on how to use the Activity Monitor and its plugins to help detect problems:

  • Get a DDOS protection service with an API. There is a plugin to ban IPs via CloudFlare (Send To CloudFlare). Other APIs could be supported as the need arises.
  • If you have another DDOS service, write a script that can ban visitors by IP. Use this script with the Send To Exec plugin.
  • If you can't ban users using a script, at least set up the Send To E-mail plugin to inform you of suspicious activity.
  • Use the Bruteforce Detect plugin to detect when an IP or IPs are trying to guess the admin's password. Ban the IPs automatically using Send To Exec.
  • Do not use admin as the username for your administrator account. Instead, use some else and add the admin username to the list of banned usernames in the Login Failed Username plugin. Ban the IPs that cause the plugin to react.

Custom hooks

See the developer documentation for relevant info on how to create custom hooks.

Requires: 3.9 or higher
Compatible up to: 4.4.4
Last Updated: 6 months ago
Active Installs: 1,000+

Ratings

3.5 out of 5 stars

Support

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

0,1,0
100,1,1
100,1,1 100,2,2 100,1,1
100,1,1 100,1,1
100,2,2
0,1,0
100,1,1
100,1,1
100,1,1
100,1,1