WordPress.org

Plugin Directory

WP Security Audit Log

Keep a WordPress audit log of all users' changes and under the hood WordPress activity - Identify WordPress issues before they become security pr

2.0.1 (2015-08-05)

2.0.0 (2015-07-16)

  • New Features

    • New database connector allowing faster and more efficient plugin to WordPress database communication
    • Added new option to switch the display time of alerts between 24 hour or 12 hour format
    • Sorting functionality in Audit Log Viewer (sort WordPress security alerts by date & time, code or username)
  • Bug Fixes

    • Fixed issue where super admin roles was not reported when logging in to "sub sites" in WordPress multisite
    • Fixed several formatting issues in the Audit Log Viewer (UI)
    • Fixed issue where multiple plugins were upgraded via the drop down menu and no alerts were being reported
    • Fixed: When unrestricting plugin access from a single admin was not working properly

1.6.1 (2015-05-04)

  • Bug Fixes
    • Fixed the monitoring of plugin updates for WordPress 4.2 Support Ticket
    • Fixed an issue where multiple plugin updates triggered by drop down menu were not being reported
    • Fixed a conflict with Magic Fields 2 plugin Support Ticket
    • Updated the escaping of add_query_arg() function which could result in a potential XSS

1.6.0 (2015-04-16)

  • New Security Alerts
    • 5010: plugin created new tables in the WordPress database
    • 5011: plugin modified the structure of a number of tables in the WordPress database
    • 5012: plugin deleted tables from the WordPress database
    • 5013: theme created new tables in the WordPress database
    • 5014: theme modified the structure of a number of tables in the WordPress database
    • 5015: theme deleted tables from the WordPress database
    • 5016: an unknown component created new tables in the WordPress database
    • 5017: an unknown component theme modified the structure of a number of tables in the WordPress database
    • 5018: an unknown component theme deleted tables from the WordPress database
    • 2052: a user changed the parent of a category

1.5.2 (2015-04-07)

  • Bug Fix
    • Removed a clause which changed the debug log path (used for testing) Support Ticket

1.5.1 (2015-03-26)

1.5.0 (2015-03-18)

  • New Features

    • Ability to exclude custom fields from monitoring (custom fields can be excluded from the Audit Log Viewer with a simple click or you can specify them in the settings)
    • Ability to exclude WordPress users and roles from monitoring
  • Improvements

    • WP Security Audit Log now has its own settings table in WordPress database. This will provide us with more flexibility and have more centralization of data
    • Updated the code where is_admin() function was being used to follow better security practises
  • Bug Fixes

    • Fixed a problem where a PHP exception was being thrown during the activation of the plugin support ticket

1.4.1 (2015-03-12)

  • Bug Fix
    • Fixed an issue where the IP address was not being reported for anyone using PHP version 5.3.3 or earlier support ticket

1.4 (2015-02-24)

  • New Features

    • WordPress username is now reported when a failed login is recorded - More Details
    • Plugin is now available in Romanian thanks to Artmotion
  • Improvements

    • Improved IP Address validation checks - if IP address format is incorrect the plugin reports "incorrect format" and not "unknown" - This will help us improve troubleshooting
    • Alerts pruning options are now added during activation of the plugin, making pruning options more reliable - existing pruning options will be retained
  • Bug Fixes

    • Fixed issue with the option "auto / manual" refresh of Audit Log Viewer
    • Fixed plugin uninstallation process (added new option to purge all plugin data from WordPress database upon uninstall)

1.3.3 (2015-01-21)

  • New Features

    • Premium Add-Ons will be hidden from the WordPress plugins page when the Hide plugin option is enabled.
  • Improvements

    • Updated some of the help text in plugin's settings page
    • Updated the text of some WordPress security alerts
  • Bug Fixes

    • Fixed a bug related to the reverse proxy / IP retrieval functionality
    • Fixed an issue related to Sandbox removal and upgrades Support Ticket

1.3.2 (2014-12-16)

  • New Features and Options

    • Plugin automatically retrieves user's originating IP address even if WordPress is installed behind a reverse proxy, web application firewall or load balancer. For more information refer to WP Security Audit Log, Reverse Proxies and WAFs
    • New option to omit internal IP addresses from being reported in the WordPress security audit log
  • Removed Functionality

    • The sandbox was removed from the plugin. If you need to use the sandbox for troubleshooting and tested contact us since we migrated it to a standalone extension.
  • Bug Fixes

    • Fixed a bug where site administrators where not able to view the WordPress security alerts for their sites in a WordPress multisite installation
    • Improved some SQL queries as reported in this support ticket
    • Fixed an issue with alerts pruning (when pruning was set by number of alerts the plugin was pruning all alerts)

1.3.1 (2014-11-27)

  • New WordPress Security Alerts

    • Alert 2065: The content of published post has been modified
    • Alert 2066: The content of published page has been modified
    • Alert 2067: The content of published custom post type has been modified
    • Alert 2068: The content of a draft post has been modified
    • Alert 2069: The content of a draft page has been modified
    • Alert 2070: The content of a draft custom post type has been modified
    • Alert 2071: Changed the position of a widget in the same container
  • WordPress Security Audit Log Viewer Improvement

    • Removed fixed width from columns, hence now they are dynamically resized depending on your resolution
  • Bug Fixes

    • Fixed an issue where alert 1001 (logout) was generated without a login support ticket
    • Fixed a PHP coding problem / invalid argument issue support ticket

1.3.0 (2014-10-30)

  • New WordPress Security Alerts

    • Alert 2065: User modified the content of a blog post
    • Alert 2066: User modified the content of a WordPress page
    • Alert 2067: User modified the content of a custom post type
  • Improvements

    • We have also improved the code of some of the sensors which monitor the WordPress activity

1.2.9 (2014-10-21)

  • Bug Fix
    • Fixed an issue with the queries used for the alerts pruning as reported in this support ticket.

1.2.8 (2014-10-14)

  • New Feature

    • Added new Extensions page to allow users to see which extensions they can use to increase the functionality of the plugin
    • Included licensing mechanism to support premium extensions
  • Improvements

    • Updated latest language files for German and Italian translations (also include corrections for some old translations)
  • Bug Fixes

    • Fixed a problem with the pruning of WordPress Security Alerts support ticket
    • Fixed pagination issue in the Audit Log Viewer when running on WordPress multisite

1.2.7 (2014-09-26)

  • New Feature

    • New option "Restrict Plugin Access" that allows WordPress administrators to further restrict access to the plugin and the WordPress security alerts
  • Improvements

    • Updated the Audit Log Viewer backend to retriev WordPress security alerts much faster and consume less resources on large websites
    • Moved the Audit Log plugin menu entry underneath the dashboard entry for better access
    • Several minor enhancements to the plugin to perform better on large WordPress installations
  • Bug Fixes

1.2.6 (2014-08-20)

  • Improvements

    • Several performance improvements and tweaks applied
    • Updated Italian translations
  • Bug Fixes

1.2.5 (2014-08-12)

  • New Feature

    • Monitoring of custom fields in WordPress posts, pages and custom post types.
  • New WordPress Security Alerts

    • Alert 2053: User created new custom field in blog post
    • Alert 2054: User modified the value of custom field in blog post
    • Alert 2055: User deleted a custom field in blog post
    • Alert 2062: User renamed custom field in blog post
    • Alert 2059: User created new custom field in page
    • Alert 2060: User modified the value of custom field in page
    • Alert 2061: User deleted custom field from page
    • Alert 2063: User renamed custom field in
    • Alert 2056: User created new custom field in custom post type
    • Alert 2057: User modified the value of custom field in custom post type
    • Alert 2058: User deleted a custom field from custom post type
    • Alert 2064: User renamed custom field in custom post type
  • Improvements

    • Improved the writing and reading of WordPress alerts from the WordPress database (plugin runs more efficiently on high traffic WordPress and WordPress multisite installations)
    • Improved the monitoring of WordPress login and logout actions
    • Applied various plugin performance tweaks
  • Bug Fixes

    • Fixed a specific issue where user and user role where not being reported (ticket)
    • Fixed an error which was being reported during user logout in specific scenarios (ticket)
    • Fixed a CSRF vulnerability reported by K√©vin FALCOZ aka 0pc0deFR

1.2.4 (2014-07-27)

  • Improvements
    • Improved monitoring of failed logins, addressed issues reported here, here, here and here

1.2.3 (2014-07-23)

  • Improvements

    • Improved database structure for better support of high-traffic WordPress and WordPress multisite installations
    • Developer options are reset during updates for improved performance
    • Added a warning / note to the developer options (such options should NEVER be enabled on live websites but only on testing, staging and development websites)
  • Bug Fixes

    • Fixed database issue with primary key constraint

1.2.2 (2014-07-16)

  • New Features

  • Improvements

    • Added a warning for developer options
    • "Hidden" developer options from default settings; user has to click link to access developer settings
    • Backtrace logging now made optional from a developer setting
  • Bug Fixes

    • Solved several issues related to translations. Now everything in the plugin is translatable
    • Fixed several other issues reported by email

1.2.1 (2014-07-2)

  • Bug Fix
    • Fixed reported issue with upgrade (more info here)

1.2.0 (2014-07-2)

  • New Features

    • Unlimited Alerts can be stored (removed the 5000 alerts limit)
    • Alert time now includes milliseconds for more precision (ideal for auditing and compliance)
    • Reported alert time is now relative to user's configured timezone
    • Alerts automatic pruning procedures can now be enabled / disabled
    • Option to hide WP Security Audit Log from Plugins page in WordPress
    • If there are more than 15 websites in a multisite installation, an auto complete site search box is shown instead of the drop down menu
  • New WordPress Security Alerts

    • Alert 5007: User has uninstalled / deleted a theme
    • Alert 5008: Super administrator network activated a theme on multisite
    • Alert 5009: Super administrator network deactivated a theme on multisite

1.1.0 (2014-05-27)

  • New Features

    • User avatar is shown in the alert to allow administrators to easily recognize users and their activity
    • Clickable username in alerts allow administrators to access user's profile instantly
    • User role is reported in alert so administrators can easily track any suspicious behaviour
    • PHP Version checker; upon installation the plugin will check what version of PHP is installed on the system
  • New WordPress Security Alert for monitoring plugin files

    • Alert 2051: User changed a plugin file using the plugin editor (note: filename and location will also be reported in the alert)
  • Bug fixes

    • Fixed wrapping problem in alerts dashboard widget
    • Fixed upgrade script to properly create the new tables in the WordPress database

1.0 (2014-05-20)

  • Complete plugin rewrite making the new version more stable and scalable

  • New Features

    • New Audit Log viewer
    • Auto refresh of security alerts - WordPress administrators do not need to refresh the Audit Log Viewer page to see new alerts
    • Data Inspector reports more insider information about each alert (can be enabled from settings)
    • Sandbox allows developers to execute PHP code for troubleshooting (can be enabled from settings)
    • Request Log that logs all HTTP GET and POST requests done on WordPress (can be enabled from settings)
    • Logging of PHP Errors; ideal for developers who want to monitor WordPress for any errors (can be enabled from settings)
    • New Support and About Us page that you should check out!
  • New WordPress Security Alerts for monitoring themes, WordPress settings, files and much more

    • Alert 2046: User modified a file using the editor
    • Alert 2047: User changed parent of page
    • Alert 2048: User changed template of page
    • Alert 2049: User set post as sticky
    • Alert 2050: User removed post from Sticky
    • Alert 5005: User installed a new theme
    • Alert 5006: User activated a theme
    • Alert 6004: User upgraded WordPress
    • Alert 6005: User changed the WordPress permalinks
  • New WordPress Developer Alerts

    • Alert 0000: Unknown error
    • Alert 0001: PHP Error
    • Alert 0002: PHP Warning
    • Alert 0003: PHP Notice
    • Alert 0004: PHP Exception
    • Alert 0005: PHP Shutdown Error

0.6.3 (2014-02-18)

  • Bug Fix
    • Disabled debugging by default (left enabled by mistake)

0.6.2 (2014-02-03)

  • Bug Fix
    • Fixed a number of database issues introduced with the WordPress Multisite Support
    • Fixed issue with supporting pre WordPress 3.0 multisite installations (support tickets here and here)

0.6.1 (2014-01-16)

  • Bug Fix
    • Fixed errors in debug code (used for when debugging is enabled in plugin)

0.6 (2014-01-15)

  • New Plugin Feature
  • WordPress Multisite Support Read More

  • New WordPress Security Alerts for monitoring specific multisite activity on a WordPress multisite network installation

    • Alert 4008: User is granted super admin privileges (network)
    • Alert 4009: Super admin privileges (network) are revoked from a user
    • Alert 4010: Added an existing user to a site and assigned a specific role
    • Alert 4011: Removed user with a specific role from a site
    • Alert 4012: New user created on the network
    • Alert 7000: Added a new site to network
    • Alert 7001: A site was archived
    • Alert 7002: A site was unarchived
    • Alert 7003: A site was activated
    • Alert 7004: A site was deactivated
    • Alert 7005: A site was deleted
  • Plugin Improvements

    • Plugin settings page to have the same look and feel of the new WordPress dashboard (3.8)

0.5.1 (2013-12-11)

0.5 (2013-11-06)

  • New WordPress Security Alerts for monitoring of Widgets

    • Alert 2042: New widget was added
    • Alert 2043: A widget was modified
    • Alert 2044: A widget was deleted
    • Alert 2045: A widget was moved
  • New Plugin Features

    • New setting to allow specific user(s) and role(s) to view the Audit Log Viewer (read only)
    • New setting to allow specific user(s) and role(s) to manage the WP Security Audit Log plugin (can change plugin settings, enable disable WordPress security alerts etc)
  • Plugin Improvements

    • Renamed "login/logout" tab in "Enable/Disable Alerts" section to plugins to "Other User Activity"
    • Added the files alerts (uploaded / delete files) to the "Enable/Disable Alerts" (previously unavailable)
  • Bug Fixes

0.4 (2013-10-09)

  • New WordPress Security Alerts for Custom Post Types

    • Alert 2029: New post with custom post type created and saved as draft
    • Alert 2030: Post with custom post type is publishes
    • Alert 2031: A published post with custom post type is modified
    • Alert 2032: A draft post with custom post type is modified
    • Alert 2033: A post with custom post type was permanently deleted
    • Alert 2034: A post with custom post type was moved to trash
    • Alert 2035: A post with custom post type was restored from trash
    • Alert 2036: The category of a post with custom post type was changed
    • Alert 2037: The URL of a post with custom post type was changed
    • Alert 2038: The author of a post with custom post type was changed
    • Alert 2039: The status of a post with custom post type was changed
    • Alert 2040: The visibility of a post with custom post type was changed
    • Alert 2041: The date of a post with custom post type was changed
  • New Plugin Features

    • Enable/Disable Alerts node that allows WordPress administrators to switch on or off specific WordPress security alerts
    • Dashboard widget that shows the latest 5 WordPress security alerts (widget can be switched on or off from the plugin settings)
    • Plugin is now language aware and we can accept translations
  • Plugin Improvements

    • Updated settings page to have the same look and feel of WordPress
    • Improved the upgrade procedure of the plugin
    • Updated the Audit Log Viewer display to support more resultions such as those of tables and smartphones

0.3 (2019-09-19)

  • New WordPress Security Alerts

    • Alert 6001: Anyone can Register option in WordPress settings was changed
    • Alert 6002: Default use role in WordPress settings was changed
    • Alert 6003: Administrator notification email in WordPress settings was changed
    • Alert 2025: Visibility of a blog post was changed
    • Alert 2026: Visibility of a page was changed
    • Alert 2027: Date of a blog post was changed
    • Alert 2028: Date of a page was changed
  • Plugin Improvements

    • Links to the Audit Log Viewer and Settings in the plugin summary page
    • Time of Failed Login alerts now reflects the time of last failed login attempt
  • Bug Fixes

    • Fixed: Incorrect alerts generated when author of page was changed from quick edit mode
    • Fixed: Conflict with WP Mandrill and other plugins using pluggable.php
    • Fixed: Incorrect alerts generated when plugin is installed via a zip file / upload method

0.2 (2013-08-12)

  • Restricted plugin options and WordPress Audit Log Event Viewer only to WordPress administrators
  • Improved failed logins events (events generated from the same IP, or same username will be grouped to avoid mass flooding of security events)
  • Security Events pruning now uses wp-cron functionality (improved stability and reliability of events pruning)
  • Applied several performance improvements (faster loading of events etc)
  • Added support for permalinks; now events will include page or blog post URL rather than ID
  • Added new alerts for when a page or blog post status is changed from draft, pending review or published
  • Added new alert for when a page or blog post URL or author is changed
  • Added new alert for when a blog post category is changed
  • Added new alerts for when a user creates or deletes a category
  • Added new alert for when the author of a blog post or page is changed
  • Added new plugin alerts for when a plugin is installed, uninstalled or upgraded
  • Updated navigation menu to use standard WordPress dashboard icons etc

0.1 (2013-05-24)

  • Initial beta release of WP Security Audit Log.

Requires: 3.6 or higher
Compatible up to: 4.2.4
Last Updated: 2015-8-5
Active Installs: 20,000+

Ratings

4.7 out of 5 stars

Support

9 of 14 support threads in the last two months have been resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

0,1,0
100,3,3
100,1,1 100,1,1 100,1,1
89,9,8 100,1,1
67,3,2 100,3,3
100,1,1 100,4,4
75,4,3 100,2,2 80,5,4 100,1,1
100,1,1 100,2,2
100,1,1 100,2,2
100,2,2 100,1,1
100,1,1 100,1,1 100,1,1
0,2,0 100,3,3
100,1,1
100,2,2
100,1,1
100,1,1
100,1,1