Monitor WordPress Widgets Activity with WP Security Audit Log

The new WP Security Audit Log WordPress security and monitoring plugin alerts WordPress blogs and websites owners when new widgets are added on their website, or existing ones are modified.

We are seeing a good number of hacked WordPress blogs and sites where attackers inject malicious redirects and malware in widgets,” explained Robert Abela, a WordPress security specialist at WP White Security. “Such type of malicious attacks are virtually impossible to detect unless webmasters and administrators have some sort of auditing and alerting system. The new version of WP Security Audit Log plugin is monitoring WordPress widgets activity, thus allowing administrators to track down and stop such malicious activity” continued Abela.

WP Security Audit Log Monitors Widgets Activity

WP Security Audit Log version 0.5 allows WordPress administrators to monitor all WordPress widgets activity. If a WordPress user adds a new widget, WP Security Audit Log will raise an alert indicating the name of the new widget and the name of the Widget Area where it was created. WP Security Audit Log will also raise an alert if an existing widget is modified, if a widget was moved from one widget area to another and if a widget was deleted. Each WordPress security alert will contain all necessary details administrators need to track down malicious activity, such as the widget name and the widget area.

WordPress Security Alerts for WordPress Widgets

WP Security Audit Log plugin is now able to raise the below WordPress security alerts:

  • Alert 2042: A new widget was created
  • Alert 2043: A widget was modified
  • Alert 2044: A widget was deleted
  • Alert 2045: A widget was moved from a widget area to another

For a complete list of WordPress security alerts generated by WP Security Audit Log refer to the List of WordPress Security Audit Log Alerts.

Allow Users & Roles to View WordPress Security Alerts

With this new version of WP Security Audit Log WordPress administrators now have the ability to allow non administrative WordPress users and roles to access the Security Audit Log Viewer, from where users will be able to see all the WordPress security alerts generated by the plugin. This new feature gives webmasters and administrators the ability to delegate the monitoring of the WordPress activity. Users and roles who have access to the Security Audit Log Viewer will have READ ONLY access.

Allow Users & Roles to Manage the Plugin

WP Security Audit Log version 0.5 allows WordPress owners to give access to other WordPress users and roles to manage the plugin without the need to have WordPress administrative privileges. Users with such access will be able to fully manage the plugin, including viewing WordPress security alerts, enabling or disabling WordPress security alerts and also giving access to other users to manage the plugin. Therefore only trusted users should be allowed such access.

Other WP Security Audit Log 0.5 Improvements

This new update of WP Security Audit Log also includes the following improvements:

  • Renamed the tab “Login/Logout” to “Other User Activity” in the “Enable/Disable Alerts” node
  • File upload and file delete security alerts can now be disabled from the “Enable/Disable Alerts” node
  • Only users who have access to the plugin will be able to see the Dashboard Widget with the latest security alerts

For a more detailed change log of the WP Security Audit Log plugin click here.

Download WP Security Audit Log Plugin

You can download our WordPress security plugin WP Security Audit Log from the WordPress plugin repository. For more information about the plugin, visit the WP Security Audit Log benefits page. For a list of WordPress security alerts generated by WP Security Audit Log plugin refer to the List of WordPress Security Audit Log Alerts.

Updating WP Security Audit Log Plugin

Once you login to your WordPress dashboard using an administrator account you will be automatically notified that an update for the WP Security Audit Log plugin is available. You can upgrade automatically by clicking the upgrade link.

If you want to manually upgrade the plugin; download the plugin from the WordPress repository, deactivate the plugin from the WordPress dashboard, delete all plugin files and replace them with the new files. Once all files are uploaded, enable the plugin from the WordPress dashboard.

Rate WP Security Audit Log Plugin

If you use WP Security Audit Log plugin and it helped you improve the security and monitoring of your WordPress blog or website, please rate (and if possible post a review) WP Security Audit Log on the WordPress repository. If you have any questions or feedback, get in touch with us by sending us an email on plugins@wpwhitesecurity.com.

Leave a Reply

Your email address will not be published. Required fields are marked *