We are happy to announce the July 2018 update of WP Security Audit Log, the most comprehensive WordPress activity log plugin. The main highlight of this update is support for MainWP, a WordPress plugin that allows you to manage multiple WordPress installs from one central dashboard. This update also includes several other new features, improvements and bug fixes, which are highlighted in this post.
Support for MainWP
We are working on a full integration between Main WP and the WP Security Audit Log plugin, with which users can view the WordPress activity log of all child websites from the central MainWP dashboard. This integration is split in two phases.
In phase one, which we are announcing today, the WP Security Audit Log plugin will keep a record in the WordPress activity log of any changed done to a website from the MainWP dashboard. In phase two of the partnership, which we will be announcing in the near future, we will release a MainWP add-on that can be used to view the WordPress activity logs of all MainWP child websites from the central MainWP dashboard.
Buffer for external WordPress activity log database
In this version we introduced a buffer for the WordPress activity log external database. This means that should the external database connection be slow, or unavailable, the events will be stored in the WordPress database and sent to the external database once the connection is restored. Therefore if the connection is slow, or dropped, the website and its performance are not affected.
Retention settings for archived events in the WordPress activity log
WordPress activity log archiving allows you to archive events that are older than a specific time, so there are not a lot of events stored in the main activity log database. Previously it was not possible to configure WordPress activity log retention when archiving was enabled.
In this version we introduced retention settings for archived activity log events as well. Therefore when archiving is enabled, the retention settings of the activity log are moved to the archiving settings.
Exclusion of logs of requests to specific non-existing URLs
By default the WP Security Audit Log plugin keeps a log in the WordPress activity log when a user or website visitor requests a non-existing URL (404 errors). Such logs allow you to identify automated scans and other forms of possible automated malicious attacks.
Though you may not want to keep a log of all requests to non-existing URLs. For example if you change the WordPress login page URL the plugin will keep a log of bots requesting such URL, which are useless for you. In such case you can easily exclude the logging of such requests to non-existing URLs from the Exclude options in the plugin’s settings.
In this update of the plugin and the next few ones we will be announcing several performance enhancements. The WP Security Audit Log plugin is already optimized to run on any type of WordPress and web server configuration without affecting the website’s performance. Though our aim is to reduce even further the resources footprint of the plugin to the lowest possible level while still improving its performance. In this update we have:
- Improved the sensors loading mechanism so sensors for third party plugins that are not installed will not be loaded.
- Changed the plugin’s loading scripts so views are only loaded when requested.
Stay tuned by subscribing to the WP Security Audit Log plugin newsletter so you are informed when new updates are released.
Other notable Improvements
In this update of the most comprehensive WordPress activity log plugin, we have also included the following:
- Option to exclude directories from the WordPress file integrity scans,
- Updated the 404 detection sensor to use a more accurate source to capture the requested non-existing URLs,
- Added a new setting to exclude the changes of automated changed to product stocks in WooCommerce,
- Plugin now allows administrators of sites on multisite networks to view who is logged in to their sites,
- Updated the exclusion settings to allow users to exclude any post type from the logs, including the default post and page.
For a complete detailed list of what is new, improved and fixed in version 3.2.2 refer to the WP Security Audit Log plugin change log.
Updating WP Security Audit Log
To update your plugin installation to version 3.2.2 simply install the update on your WordPress website when you are prompted that an update is available. The update is automated and no further action is required. Do not forget to rate the WP Security Audit Log plugin.