Getting Started with the SMS & Email Notifications

You are here:
Back

Table of Content

  1. What are Notifications?
  2. Enabling pre-configured notifications
  3. Creating notification criteria with Trigger Builder
    1. Using operands in between triggers
    2. Grouping triggers
    3. Different types of triggers
  4. Support
  5. Related FAQs

What are Notifications?

Notifications allow you to be instantly notified via SMS and / or email of important and critical changes that happen on your WordPress sites and WordPress multisite networks. To get notified of site change via email or SMS, you can do one of the below;

  • Enable any of the pre-configured notifications with just a click,
  • Setup a new a WordPress notification trigger so once an event in the activity log matches the trigger an email and / or SMS is sent.

Note: to send SMS notifications you have to integrate the audit log plugin with Twilio.

Enabling The Pre-configured WordPress SMS & Email Notifications

To configure any notification or modify existing ones click on the Notifications node in the plugin menu. As you can see from the below, the WP Security Audit Log plugin has a number of pre-configured notifications. To enable them all you need to do is to tick the checkbox next to the notification and specify an email address or username, and optionally a mobile number if you want to get a SMS notification.

Pre-configured Email & SMS notifications

In the pre-configured notifications you can find a good number of handy notifications, such as:

In the list of pre-configured notification you can only find simple criteria notifications, for example a notification for when a user logged in. If you would like to get notified about something more specific, or complex, for example a user logged with a specific role logged in outside office hours, you have to use Notification Trigger Builder.

Email Alert for the First Time User Logs In

In the pre-configured notifications there is a notification for the First time a user logs in. We recommend that this option should always be enabled.

This is a very important notification. Just in case your WordPress website is ever hacked, and the attacker is able to create a new user directly in the database, you will still be notified via email or SMS once the new user is used to login to your WordPress blog or website.

Creating Notification Criteria with the Trigger Builder

To be notified of more specific activity or site changes you need to use the Trigger builder to create your own notification criteria. In this example we will setup a notification so we are sent a SMS and email when a user with the administrator role logs in from an IP address that is not the IP address of the office (106.13.12.130).

Notification trigger for admin login but not from the office

  1. Click on the Notifications node in the plugin menu.
  2. Click the Custom Notifications tab and click the Add New button to create a new trigger.
  3. Enter a title for the notification, for example Admin logs in from outside the office.
  4. Click the +Add Trigger to add the first trigger.
  5. The first trigger should be ALERT CODE IS EQUAL 1000. (1000 is the Alert ID of a user login. Refer to the complete list of WordPress security alert IDs for more information).
  6. Click the +Add Trigger to add the second trigger.
  7. The second trigger should be USER ROLE IS EQUAL administrator.
  8. The operand between the two triggers should be AND.
  9. Click the +Add Trigger to add the second trigger.
  10. The third trigger should be SOURCE IP IS NOT 106.13.12.130.
  11. Specify the email address or username of the email notification recipient in the Email address placeholder. You can specify multiple email addresses and usernames in this section.
  12. Specify the mobile phone number of the SMS notification recipient in the Phone number placeholder. You can specify multiple phone numbers.
  13. Click Add Notification to save the trigger.

That’s it! You can test the email or SMS notification by clicking the Send Test Email or Send Test SMS buttons next  to the notification, which are shown in the below screenshot.

Test notification trigger

Using Operands in between Triggers

In the above example we have set the AND operand between the triggers. The Trigger builder has two operands that you can use, the AND and OR operands. When you use the AND operand both the triggers should match for the notification to be sent. When you use the OR operand, only one of the triggers has to match for the notification to be sent. We’ll explain more about the operands in the below example.

Grouping of Triggers

In case you have more than two triggers you can also use the grouping feature to group a number of triggers together. Grouping allow you to create several different types of triggers, such as the below:

  • (TRIGGER 1 AND TRIGGER 2) OR TRIGGER 3
  • TRIGGER 1 AND (TRIGGER 2 OR TRIGGER 3)

For example you can create a trigger to be alerted via email and /or SMS when an administrator or editor only logs in. You do not want to get notified whenever a user with any other role logs in. In this case you can create the following trigger:

ALERT CODE IS EQUAL 1000 AND ((USER ROLE IS EQUAL administratorOR (USER ROLE IS EQUAL editor)).

To create the above notification trigger you need to create a trigger with the following format: TRIGGER 1 AND (TRIGGER 2 OR TRIGGER 3). This is how the end result should look:

Grouping triggers and using operands in the trigger builder

The below procedure explains how we have created the above notification criteria:

  1. Create the following triggers:
    1. ALERT CODE IS EQUAL 1000
    2. USER ROLE IS EQUAL administrator
    3. USER ROLE IS EQUAL editor
  2. Set the operand between the first and second trigger to AND
  3. Set the operand between the second and third trigger to OR
  4. From the Grouping drop down menu of the last trigger select Group with the above trigger so the two are joined together.

Different Types of Triggers

There are several different types of triggers you can use to monitor every possible action you would like. You can setup up a trigger using any of the below criteria:

  • Event ID
  • Date
  • Time
  • Username
  • User Role
  • Source IP Address
  • Post ID
  • Post Status
  • Post Type
  • Site Domain (in case of multisite)

Support

If you encounter any problem or have a query, please contact our support team at support@wpsecurityauditlog.com. Include any information you think is useful to help us diagnose your issue. Please also include the license key information in the support email.

Related FAQs