Activity logs are vital for managing and keeping WordPress sites secure.
The activity log, also known as an audit trail or audit log, is a set of records of what happened on your site. Typically activity logs are associated with security, though they serve a much bigger purpose on a WordPress site.
In this article, we will highlight the benefits of keeping an activity log, what data you can find in the activity log, and how to set up an activity log plugin on your WordPress site.
Why do you need one?
Below are just some of the benefits you can take advantage of when keeping an activity log for WordPress on your sites and multisite networks.
Ease troubleshooting: when you have a log of who did what on your site, you do not have to spend hours doing guesswork, trying to figure out what happened. You have a record of what happened in the activity log, so you can easily find out what went wrong within just a few minutes, thus minimizing possible website downtime and user productivity.
Better WP site and team management: Most of the time, your developers, guest bloggers, and other team members do not get back to you with updates, and you have to chase them. When you keep an activity log of what they are doing, you can stay on top of the game, so you do not have to chase them to get updates because you can see what they are doing in real-time.
Regulatory compliance requirements: This might not apply to everyone, but certainly applies to those who have a business website. Businesses who have to adhere to compliance requirements such as GDPR, PCI DSS, HIPAA, and others are legally obliged to keep a log of everything that is happening on their site. Therefore by installing an activity log plugin on your WordPress site, you check another checkbox towards compliance.
Build a WordPress Intrusion Detection System: If you use a fully-featured activity log plugin for WordPress, such as WP Security Audit Log, you can build a WordPress Intrusion Detection System (IDS) that can instantly alert you of any suspicious behavior, so you can take the necessary action to evade any problems.
There are many other benefits to keeping an activity log.
What information is stored?
The answer to this question depends on which activity log plugin you choose. There are quite a few available, and the WP Security Audit Log is known for having the best coverage and most comprehensive activity log.
So we will use this plugin’s activity log as an example.
The WP Security Audit Log plugin keeps a record in the activity log of the following.
- Website file changes – the plugin scans all sites on the website and not just the WP core, plugins and themes
- Any Post, Page and Custom Post Type changes including content changes
- Tags and Categories changes such as creating, modifying and deleting them, and adding or removing them from posts
- Widgets and Menus changes such as creating, editing and deleting them
- User management changes such as new user created and registered, and when users are removed or added to a site on a multisite network
- User profile changes such as password, email, display name, and role changes
- User activity such as login, logout, failed logins and terminating other sessions
- WordPress core and settings changes such as installed updates, permalinks, default role, URL and other site-wide changes
- Plugins and Themes changes such as installing, activating, deactivating, uninstalling and updating them
- Database changes such as when a plugin adds or removes a table
This plugin also works with multisite networks and popular third-party plugins like WooCommerce, ACF, etc.
For every event that the plugin keeps a log of, it reports the user who did the change and their role, the date and time of the change, the IP address from where the change happened, and all other required details.
Example – in case of a content change on a post, the plugin keeps a log of what was a content change, which you can see via a diff.
How to monitor User Activity?
Now that we have all this information at hand, let’s see how to set up an activity log on our site and what are the best practices of logging and monitoring.
The first step is to install the activity log plugin. You can download the free edition from here.
Once you install the plugin, you can follow the wizard to configure the basics, such as:
- Select the level of detail of the activity log
- Configure the activity log retention policies
- Specify who can access the activity log data
- Exclude IP addresses, users or posts from the activity log
Once you are ready with the wizard, the plugin automatically starts keeping a record of everything that happens on your WordPress site and multisite network. As such, there is nothing else you need to do, but here are some tips on what you can do to configure the activity log plugin to fit your requirements and business security policies.
In case you want to disable the logging of a specific event from the activity log, you can do so from the Enable/Disable Events menu option, or you can change the log detail level.
Restrict who can view the logs to meet the GDPR compliance requirement.
By default, the activity log can only be viewed by users with administrator role. The plugin allows you to restrict the activity log to your user only, and exclude all other administrators as well, or allow other individual users to access it.
The premium edition of the WP Security Audit Log plugin has some activity log and monitoring features that can be used to set up your own WordPress Intrusion Detection System (IDS).
Take back control of your WP site
Considering WordPress is a multi-user platform, and many sites today have more than a handful of collaborators, it is impossible to manage the site and your team without having any logging and monitoring functionality.
Hence why nowadays, activity logs have become a vital component of both securing and managing WordPress sites and multisite networks. Get started with activity logs today and gain control of your site.
Once you start keeping a log of everything that happened, you’d be surprised how you managed to run your website without them.