Plugin Directory

WP Security Audit Log

Keep an WordPress audit log of all users' changes and other under the hood activity - Identify WordPress issues before they become security probl

How can I prune WordPress security events?

By default the plugin will keep 5,000 WordPress Security Alerts. When this limit is reached, older alerts are deleted to make place for the new ones. You can configure the plugin to keep more alerts from the settings page. You can also configure the plugin to delete alerts which are older than a number of days.

Is there a complete list of all WordPress security audit events?

Yes. A complete list can be found here

Can I disable some WordPress security alerts?

Yes it is possible to disable (and re-enable) specific WordPress security alerts. To do so navigate to the "Enable/Disable Alerts" node in the plugin's menu, select the category tab and untick the WordPress security alert. Tick back the alert to re-enable it.

Can WP Security Audit Log plugin work and monitor activity on WodPress Multisite?

Yes, WP Security Audit Log works on WordPress Multisite networks, i.e. it can monitor user and under the hood WordPress activity on WordPress multisite installations. For more information refer to the post WP Security Audit Log Features for WordPress Multisite installation.

Can I receive an email notification when a specific change happens on WordPress?

Yes it is possible to do so with the WSAL Notifications Extension. This plugin extension enables you to configure triggers to monitor for specific changes and when such changes take place an email is automatically sent to your email address of choice with all the details of such change such as the Alert ID, user, user role, date, time, details about the actual change and more.

= How can I search for a specific WordPress security alert? You can use the premium add-on Security Audit Log Search to automatically search for a specific WordPress security alert. It supports free text based searches and you can also use the built-in filters to fine tune your searches.

Can I generate reports from the WordPress security audit log?

Yes it is possible to do so with the premium WSAL Reporting Extension. This plugin extension allows you to generate any type of WordPress report using any type of data source. Reports can be generated in HTML and CSV format.

Can I exclude users or roles from being monitored?

Yes it is possible to exclude both users and roles from being monitored. To exclude a user or a role specify it in the Excluded Objects section in the plugin's settings node.

Can I exclude custom fields from being monitored

Yes it is possible to exclude custom fields from being monitored. To exclude a custom field you can specify it in the Excluded Objects section in the plugin's settings node, else you can click the option Exclude Custom Field from Monitoring from the alert itself.

Requires: 3.6 or higher
Compatible up to: 4.1.1
Last Updated: 2015-3-26
Active Installs: 10,000+


4.6 out of 5 stars


14 of 17 support threads in the last two months have been resolved.

Got something to say? Need help?


Not enough data

3 people say it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1
89,9,8 100,1,1
67,3,2 100,3,3
100,1,1 100,4,4
75,4,3 100,2,2 80,5,4 100,1,1
100,1,1 100,2,2
100,1,1 100,2,2
100,2,2 100,1,1
100,1,1 100,1,1
0,2,0 100,3,3