At any point in time, any website may break down. In many cases, weak security measure and lack of proper site activity monitoring is the reason for that. On top of it, numerous hacked website becomes the target of malicious actions every day. So overcoming this challenge of protecting the site's security is indeed a major concern for most website owners.
This is when you need to have a compact WordPress Security plugin for your website. There are many security & activity tracking plugins available on wordpress.org. But today, we will be talking about WP Activity Log in detail.
Whether it is a simple user post or monitoring the file's transaction on the website, all these WordPress Security and activity log plugins keep a track of every detailed record of your WordPress site activity. Not only that, these plugins help you identify security issues to solve it even before it becomes a major security problem for your WordPress website. With their immense activity monitoring ability, these WordPress Security plugins record every post that is being added, deleted, or moved from the backend by the logged-in users of the website. And one such plugin is the WP Activity Log that also takes care of all your site's security concerns.
Today we will be discussing the features, benefits, pros/cons of WP Activity Log. So should you consider using this plugin for your WordPress website? Let's find it here.
Essentiality of Security Activity Logs & Monitoring
Before getting into the details of WP Activity Log Plugin, let's find out why monitoring security logs can be useful for your website.
Ease the Troubleshooting of WordPress Technical Issues
Almost all web hosts keep error logs, which contain information about the bugs and issues that occur when running the website. These logs come in handy later on because should there be a problem on the website, the first place web hosts will look into are the error logs. Logs allow you to save a lot of time and easily identify and resolve technical issues of WordPress sites.
WP Activity Log supplements error logs by keeping a log of user and system activities on your WordPress website. This allows you to understand what happened before an issue surfaced, helping you troubleshoot faster.
Website User Activities
It is important to know what your users are doing, especially if you have a large team of people collaborating on your website. The plugin keeps a record of what users are doing, including the date, time, IP address, and a lot of other useful and important information. It keeps a log of user activity such as when users create and publish posts, upload file, install, activation or update, and more.
WordPress Site Security & Protection
There is no doubt that WordPress sites are constantly targeted by malicious hack attacks. And protecting your website from hacking is challenging. You cannot stop the hackers from attacking your site, but you can always stay a step ahead of them by knowing the methods they are using when trying to exploit issues on your website. By keeping an activity log you will be able to identify all those unusual activities even before it creates a big concern for your website.
More Benefits to Keeping an Activity Log on Your WordPress Site.
It's true that most WordPress sites survive even without any security activity log plugin installed on them. Many others survive without the most basic type of security. Though why risk it?It’s only a matter of luck. In the case of security, prevention is better than cure – better to be safe than sorry. Use an activity log plugin such as WP Activity Log and it will certainly come in handy.
So we have already established the importance of using a Security log plugin on our WordPress website. But to understand the detail essentiality and usability of WP Activity Log plugin we have done some testing ourselves.
So to evaluate this plugin properly, let's begin with the analysis of the menu functionality of WP Activity Log plugin.
What's on The Menu List of WP Activity Log Plugin?
This is what you look at when you click your installed WP Activity Log plugin in your WordPress Dashboard menu. The Menu of WP Activity Log consists of all the attributes that need to manage & control the plugin for all your website audit trails. The menu list has the link to the Log Viewer, Email Notifications, Create Reports, Log Search, Logged In Users, Settings, Enable/Disable Events, Integrations, Help & Contact Us, and finally Upgrade
Log Viewer
This tab in the Activity log menu shows the log of all the activity that is taking place on your WordPress website in real-time. It very nicely displays the log as a list categorizing them by an Event ID, Severity Type, Date, Username, User, role, user avatar, Source IP address, and the actual change message. Overall the log viewer looks well defined and cutting-edge.
Enable/Disable Events
This section allows you to either enable or disable every event individually or to select the activity log detail level. Considering we are dealing with a comprehensive activity log WordPress plugin, there are a lot of events here. To help you better distinguish and segregate events, where necessary you’ll notice Categories, as shown in the below screenshot.
Settings
Being a comprehensive activity log solution for WordPress, there are quite a few settings available. The plugin is very user-friendly and easy to use, making for an excellent user experience that has a very short learning curve. The settings are well segregated and every setting is well explained.
General
In this section you will find the generic plugin settings, mainly:
- Choose between infinite scroll and pagination
- Enable or disable auto refresh
- Enabling and disabling the dashboard widget and admin bar notification.
- Login page notification which is typically required by law.
- Reverse proxy and web application firewall support, in case your WordPress site is running behind one.
- Plugin settings privileges – by default only administrators are allowed to configure the plugin, but you can allow other users or users with roles.
- Activity log viewing privileges – the same as above.
- Email address and display name configuration – when configured to do so, the plugin can send a series of emails. Here you can specify the email address and display name the plugin should use as an address in these emails.
- Hide plugin in plugin pages – this is particularly useful if you have other administrators on the website and you do not want to show them you’ve installed the activity log plugin.
Activity Log Viewer Settings
In this section, you can configure all the settings related to the activity logs and the data. Below is the list of settings available:
- Activity log retention – you can configure the plugin to keep all data or automatically purge activity log data that is older than the configured time.
- Events timestamp – for every event in the activity log, the plugin records the date and time it happened. This option allows you to configure which timezone to use, which could be either UTC of the timezone configured on your site.
- User information display – by default the plugin shows the username of the user doing the change in the activity log, though you can configure it to show the first and last name or the configured display name.
- Activity log column selection – from this setting, you can specify which of the columns should be displayed in the activity log.
- Activity log auto refresh – use this setting, found in General to specify if the activity log should auto refresh on updates.
- WordPress background activity – WordPress runs a lot of tasks in the background, such as deleting old post revisions etc. Use this setting to specify if the plugin should keep a log of such activity.
File Integrity Scan Settings
WP Activity Log also integrates with Website File Changes Monitor – a free WordPress plugin that monitors changes to WordPress files.
Once Website File Changes Monitor is installed, you'll find a shortcut to the plugin here. This makes it very convenient to change the settings of the plugin such as scan frequency, which file types to ignore and similar other settings.
Exclude Objects
In this section, you can exclude objects from the activity log. I personally wouldn’t recommend excluding anything from the logs, otherwise, there is no guarantee that nothing is being tampered. Though in case you need to, you can exclude:
- WordPress users
- Roles
- IP Addresses
- Post types
- Custom Fields
Advanced Settings
In his section, you will find the advanced plugin settings that most users will never use. Basically, from here you can:
- Reset the plugin settings to default.
- Purge the activity logs.
- Enable or disable the MainWP Child Site Stealth Mode.
- Configure the plugin to delete all data upon uninstall.
Premium Functionality
The following five menu entries, listed below are for the premium edition. They are clearly highlighted with an upgrade arrow. These are:
- Logged In Users – in the premium edition, here you can see who is logged in to your site in real time and their latest event and change
- Email Notifications – here you can configure email notifications so you are instantly alerted when important occur happen on your WordPress site
- Reports – the plugin also allows you to generate a variety of reports from the activity logs. Reports are typically used for management, business and to meet regulatory compliance requirements.
- DB & Integrations – in this section you can configure the plugin to store the activity log in an external database, and can also configure archiving and mirroring of the activity log to systems such as Papertrail, Syslog and Slack.
- Search and filtering – Once you upgrade to premium you can also do very precise searches in the activity log and use the selection of filters to filter the search results and find what you are looking for as quickly as possible.
Key user benefits of using WP Activity Log plugin
As we have seen, the WP Activity Log is a very comprehensive activity log plugin. As a matter of fact, if set up properly it can be configured as a WordPress Intrusion Detection System (IDS). So should you use this plugin? Certainly so if you want to:
- Track all WordPress user activity: At any moment you may experience fishy activities on your websites. You can track any malicious attack or unusual posts or changes made from the backend without your permission.
- Identify and trouble shoot issues quicker: Sometimes a customer may call or informs about any problem on your website. But not knowing what the issue is and taking too long to respond will lead to a negative impact. Which may leave the customer unsatisfied with your services in the near future. So with this Activity Log Plugin, you can identify any such events and take prompt action right away.
- Track login attempt: Any outsiders or fake users may take a shot at unauthorized log into your site. But with WP Security Log Plugin it records and lets you monitor any such failed attempts including their IP addresses. Not only that it keeps a record of the number of times those users attempted to login like that.
- View Plugin and Theme installation record: Users may install unwanted plugin or theme that might slow down your system. So the WP Activity Log plugin records a complete list of all those installed plugins or themes. Uninstall or remove them after checking the records if you feel those items are slowing down your website capacity.
- Monitor unauthorized change of file & upload: A user may wittingly or unwittingly change, delete or upload files that may make your website vulnerable to security threats. With WP Activity Log and Website File Changes Monitor, you can track which user edited, deleted or uploaded any dubious files on the website.
- Track widget changes: It also helps you track any addition or removal of a widget on your website. This is useful when an important widget goes missing or added without your knowledge.
Recommendations
Advice for Multi-vendor marketplace owners: The online multi-vendor marketplace is a booming business point in WordPress. So for a multi-vendor marketplace owner, tracking down security and audit logs can be of major concern. But this can be done easily with the WP Activity Log plugin. So for all owners of WordPress multi-vendor marketplaces like Dokan, this plugin can be quite a handy one to track down all the activities of vendors/customers and their logging details.
Final Verdict
After this post, there is definitely no dispute in mind about the importance of keeping an activity log on your WordPress site, and how it can help you improve the site’s security and also management. We have just seen how activity logs can help you easily better protects your site, track down possible security issues, and more. And even more on multi-user websites, it provides all the necessary tools to monitor users and contrive productivity.
So if you ask us for an activity log plugin for your WordPress site we will honestly recommend using the WP Activity Log plugin. Yes, there are other available free solutions, such as WP Stream and Simple History, though if you are serious about activity logs you will notice that even the free edition of the WP Activity Log plugin is far more superior to other available solutions.
And of course, there is the option to upgrade to a premium activity log solution, which has all the features businesses and enterprises need to build an activity log solution and integrate it with other systems to better manage their WordPress sites and multisite networks.
Keep an Activity Log on Your WordPress Site
Surely, there are some WordPress security plugins such as Wordfence Security, Sucuri Security – Auditing, Malware Scanner and Security Hardening, Shield Security for WordPress, All In One WP Security & Firewall that might do the basic job of just protecting and hardening your website. But when it comes to tracking the complete activity log of your WordPress site then WP Activity Log plugin is the solution you need to look for.
And so if you are willing to give a shot at WP Activity Log, you can download the plugin from wordpress.org. It will probably take only 5 minutes to install and configure it for your WordPress website.
By the way, have you used any of the above-mentioned WordPress security plugins yet?If you have already used any of these plugins then do share your experience with us in the comments below.