We have been asked several times if the WP Security Audit Log plugin keeps a record in the WordPress audit trail when a logged in user views a page or post, or opens it in the editor. And with this new update which we are happy to announce today, our answer is yes. But that’s not the only new thing in version 2.5.5 of our plugin. Even though it is a minor version update we included new logging of more WordPress changes, new features, several improvements and of course, why not, bug fixes. Here is an overview:
Keep a Record of When a User Views Content or Opens the Editor
Below is a list of the new WordPress security alerts we included in the plugin so it keeps a record when a logged in user views some content or opens it in the editor.
- Alert 2100: User opened a post in the editor
- Alert 2101: User viewed a post
- Alert 2102: User opened a page in the editor
- Alert 2103: User viewed a page
- Alert 2104: User opened a custom post type in the editor
- Alert 2105: User viewed a custom post type
Therefore from now onwards, each time a logged in user opens some content in the Editor, or views some content the plugin will keep a record of such action and which content. Refer to the complete list of WordPress audit trail alerts for more information on which WordPress changes the plugin can keep record of.
Better Organized Plugin Settings
The WP Security Audit Log plugin is growing in functionality, which also means we are also introducing new settings. In this version we have split the plugin’s settings in two tabs:
- General settings from where you can configure generic plugin settings such as reverse proxy support or who can manage the plugin,
- Audit Log settings from where you can configure automatic alert pruning, alerts timestamp etc.
Improved Logging of 404 Requests
In version 2.5 of WP Security Audit Log we introduced the logging of 404 requests, aka requests to non-existing pages in the WordPress audit trail. Since then we’ve released several updates and tweaks and in this version we have another update.
By default the plugin keeps a log of up to 99 requests to non-existing pages from a specific IP address. Therefore if there are more than 99 requests in 24 hours to non-existing pages from the same IP address they won’t be logged. Once those 24 hours pass, the plugin will start keeping a log of such requests again.
Now you can configure the number of requests to non-existing pages the plugin should log to a log file. The setting is in the Audit Trail tab in the plugin’s settings.
Other Updates in WP Security Audit Log Plugin
We have also included several other updates, fixed the Data Inspector and much more. For a detailed list of all that is new, improved and fixed in version 2.5.5 please refer to the changelog.
Getting Started with a WordPress Audit Trail
Keeping a record of everything that is happening on your WordPress is very easy, simply install the plugin WP Security Audit Log and it will automatically keep a record of all the changes that are happening on your WordPress, as explained in this video.