Monitoring User Activity in WordPress With Security Audit Logs
READING TIME: MIN
Running a multiple-author website comes with its risk and constantly checking authors’ activities could save. To have a well-balanced site where you preach what you want and believe, you need to audit your logs. It is a big fact that you need to check your website on possible actions, who acted, was it a negative or possible action and if negative, how to fix it. Here, we will show you why and how to monitor your users’ activity and also check security audit logs in WordPress.
Why do you have to monitor user activity?
If your website is run by a team, there is no way to hoard login access. Since everyone needs to add their quota, access must be made available. The error, therefore, is inevitable when you have a team of people on a project. If you can’t do without error(s) then you have to find a countermeasure and this is where monitoring with security audit logs becomes useful.
Take for example; a moderator approves a comment on the website policy or you as a person don’t support. If the site is a high traffic one, you might not figure this but you can easily know through security audit logs. Using security audit logs could help you train your team more, remind them about the policy again and tell them what they are doing right and wrong.
This is not harsh, we have seen cases where a developer hired for a WordPress site changed the affiliate link to his not knowing the owner checks his audit logs. Audit log could be the next major piece needed for your WordPress.
Away from why let’s talk about how to monitor user activity
We will talk about two WordPress audit log plugins. They are Simple History and WP Security Audit Log
Using Simple History
Simple History is a completely free plugin. It is a user activity plugin that works perfectly for a small WordPress blog or site. Once it is activated, go ahead to Settings → Simple History on the left sidebar of your admin panel. While on the settings page, the choice on whether you want the activity log to appear on a separate page or the same page is left to you. How much you want to appear on your dashboard is left to you also. Simple History cleans its activity log that is older than 60 days.
The plugin uses a secret RSS feed to monitor the activities and it must be enabled.
- To view user activities, go to Dashboard → Simple History page. Events that happened in the last 30 days are automatically displayed but can be changed to 60 days or to any date you want by clicking on the dropdown menu.
- There is a “Show Search Options” link that reveals events on your site. You can use a field or multiple fields to get your results.
- The user field works like this. Your search for a particular user and then click on the Search events to see what the person has been up to in the past 30 or 60 days. You can use Simple History to track login, logout, media upload, plugin install, wrong password and more.
The second plugin is WP Security Audit Log
As said above, Simple History works well but its functionality is limited. WP Security Audit Log is a plugin rich in features and provides detailed user activity. WP Security Audit Log is more like an online CCTV that alerts you at every change on your website. You also get to be emailed.
Activate after installing WP Security Audit Log plugin. After activating, click on Audit Log on the left sidebar of WordPress admin panel. There is a license key that comes with the plugin after purchasing it. Put the key and then “Agree & Activate License”. Once the plugin is activated, it comes under audit log menu.
- Here, monitoring start, go to Audit Log → Audit Log Viewer page. The log page shows you different events, details of events like user involved, date of the event, the message and the IP address of the user.
- To have full power over your audit log, you can track event by clicking on Audit Log → Enable/Disable Events.
- The Audit Log provides a full site option to pick from. You can see a user that logged in. you can also terminate a user session by using the “Terminate Session” button. The activity log/report is downloadable. You can get this by going to Audit Log → Reports.
This article best teaches why and how you need to monitor your users’ activity.