Plugin Directory

WP Security Audit Log

Keep an audit log of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.

Keep an audit log of everything that is happening on your WordPress and WordPress multisite with WP Security Audit Log to ensure user productivity and identify WordPress security issues before they become a security problem. WP Security Audit Log, WordPress' most comprehensive user monitoring and audit log plugin already helps thousands of WordPress administrators, owners and security professionals ensure the security of their websites and blogs. Ensure the security of your WordPress too by installing WP Security Audit Log. The community's favourite WordPress user monitoring monitoring and security auditing plugin is developed by WordPress Security Consultants and Professionals WP White Security.

Free and Premium Support

WP White Security provides support for WP Security Audit Log plugin on the WordPress forums for free, though please note that it is free support hence it is not always possible to answer all questions on a timely manner, although we do try. Personalized premium support is available via email to anyone who purchases any of the Premium Add-Ons, such as the Email Notifications, Search, External Database and Reports Add-Ons.

Keep A WordPress Security Audit Log & Identify WordPress Security Issues

WP Security Audit Log keeps a log of everything happening on your WordPress blog or website and WordPress multisite network. By using WP Security Audit Log security plugin it is very easy to track suspicious user activity before it becomes a problem or a security issue. A security alert is generated by the plugin when:

  • New user is created via registration or by another user
  • User changes the role, password or other profile settings of another user
  • User on a WordPress multisite network is added or removed from a site
  • User uploads or deletes a file, changes a password or email address
  • User installs, activates, deactivates, upgrades or uninstalls a plugin
  • User creates a new post, page, category or a custom post type
  • User modifies an existing post, page, category or a custom post type
  • User creates, modifies or deletes a custom field from a post, page or custom post type
  • User adds, moves, modifies or deletes a widget
  • User installs or activates a new WordPress theme
  • User changes WordPress settings such as permalinks or administrator notification email
  • WordPress is updated / upgraded
  • Failed login attempts
  • and much more...

Refer to the complete list of WordPress Security Audit Alerts for more information on what WordPress activity can be monitored with WP Security Audit Log.

Monitor WordPress Users Activity & Productivity

If you own a multi user WordPress blog or website, or a WordPress multisite network installation you can use WP Security Audit Log plugin to monitor your users' activity and productivity. With WP Security Audit Log WordPress plugin you can monitor:

  • When WordPress users log in or out
  • From where WordPress users are logging in
  • Users who created. modified or deleted categories
  • Users who created a blog post, page or a custom post
  • Users who published a blog post, page or a custom post
  • Users who modified published WordPress content such as custom posts, pages or a blog posts
  • Users who moves content such as blog posts or WordPress pages to trash or permanently deletes it
  • Users who modify WordPress widgets
  • Uses who upload or delete any sort of files
  • and much more...

Refer to the complete list of WordPress Security Audit Alerts for more information on what other WordPress user activity can be monitored with the WP Security Audit Log WordPress plugin.

Get Notified Instantly of Changes on Your WordPress

Get notified instantly via email of important changes happening on your blogs and websites running on WordPress and WordPress multisite.

Use the premium Email Notifications Add-On to configure monitoring rules and get notified via email of specific actions. For example you can setup notifications rules to be alerted via email should any WordPress user logs in to your WordPress outside office hours. The email alerts include all the details a WordPress administrator or owner might need, such as the source IP address, user, user role, date, time, details about the actual action and much more.

Use Free Text Based Searches to Search for Specific Activity on WordPress

The search functionality allows you to quickly find specific WordPress activity you are looking for.

It is virtually impossible to find specific WordPress activity by manually browsing through thousands of WordPress security alerts. Now you can use the premium Search Add-On to do free text based searches in the WordPress audit log, allowing you to easily pin point specific WordPress user, site, plugin, theme and other activity. The Search extension also has a number of built-in filters that you can use to fine tune your search results, hence allowing you to find the WordPress security alert you are looking for easily and quickly.

Improve the Security by Storing the Audit Log in an External Database

Store the WordPress Audit Log in an external database to improve the security & Performance of your WordPress websites.

By storing the WordPress Audit Log in an external database with the External DB Add-on you improve the security and perforamnce of your WordPress websites and blogs. The WordPress Audit Log contains a record of everything that has happened on your WordPress hence when stored on an external database you ensure such records are not tempered with even in case the website is hacked. You also ensure that your business WordPress website is compliant to today's strict regulatory compliance requirements.

Generate HTML and CSV WordPress Reports

Generate WordPress activity reports to ensure users' productivity and meet any legal and regulatory compliance requirements your business needs to adhere to.

Use the premium Reports Add-On to generate any type of WordPress report. For example you can generate a WordPress user or group of users activity report, specific role activity report and also site activity report in case you are running WordPress multisite. Unlike other WordPress reports plugins, WSAL Reporting Extension does not have templates that restrict you to specific reports types, but it allows you to choose any data source for your reports.

WP Security Audit Log for WordPress Multisite

WP Security Audit Log is the first tracking and audit WordPress security monitoring plugin that supports WordPress multisite network installations and can monitor activity on such WordPress multisite network installations.

For more information about the features for WordPress Multisite network installation refer to WP Security Audit Log Features for WordPress Multisite

WordPress Security Audit Log in your Language!

We need help translating the plugin and the WordPress Security Events. If you're good at translating, please drop us an email on plugins@wpwhitesecurity.com.

WordPress & PHP Errors Monitoring Tools

Plugins and themes customizations are most probably the norm of the day on large WordPress websites, not to mention the installation of new plugins and components. With WP Security Audit Log now it is easier than ever before to monitor your plugins', theme's and other code behaviour, it will generate a alert when a PHP error, warning, exception or shutdown is detected. It is also possible to log all HTTP GET and POST requests that are reaching your WordPress installation to a log file with WP Security Audit Log. Simply enable the PHP Errors monitoring or logging from the plugins settings.

NOTE: Developer options should NEVER be enabled on Live websites. They should only be enabled on testing, staging and development WordPress and WordPress multisite installations.

Other Noteworthy Features

WP Security Audit Log plugin also has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:

  • Realtime Audit Log viewer to watch user activity as it happens without any delays
  • Built-in support for reverse proxies and web application firewalls more information
  • Limit who can view the security alerts by users and roles
  • Limit who can manage the plugin by users and roles
  • Configurable WordPress dashboard widget highlighting the most recent critical activity
  • Configurable WordPress security alerts pruning rules
  • User role is reported in alerts for a complete overview of what is happening
  • User avatar is reported in the alerts for better recognizability
  • Enable or disable any security alerts
  • and much more...

As Featured On:

Related Links and Documentation

For more information and to get started with WordPress Security, check out the following:

WordPress Security Tips & Tricks

Even if WordPress security is not your cup of tea, the security of your WordPress is your responsibility. Keep yourself up to date with the latest WordPress Security Tips & Tricks. WP White Security frequently publishes WordPress security tips & tricks on the WordPress Security section of their blog.

Plugin Newsletter

To keep yourself updated with what is new and updated in our WordPress security plugins please subscribe to the WP White Security Plugins Newsletter.

Note: This plugin requires PHP 5.3 or higher to be activated because older versions of PHP are no longer maintained by PHP themselves, which make them prone to security issues. For more information or if you need assistance with your version of PHP please get in touch with us by using our contact form.

Requires: 3.6 or higher
Compatible up to: 4.3.1
Last Updated: 2015-10-7
Active Installs: 20,000+


4.7 out of 5 stars


7 of 12 support threads in the last two months have been resolved.

Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1
89,9,8 100,1,1
67,3,2 100,3,3
100,1,1 100,4,4
75,4,3 100,2,2 80,5,4 100,1,1
100,1,1 100,2,2
100,1,1 100,2,2
100,2,2 100,1,1
100,1,1 100,1,1 100,1,1
0,2,0 100,3,3