WP Security Audit Log 2.6.6 Released

We just released an update of WP Security Audit Log, the most popular and widely used WordPress security audit trail plugin. The main highlight of this update is the ability to keep a record of changes done to custom fields created by Advanced Custom Fields (ACF) and similar plugins.

Note that we also released the new Search 2.0 add-on, with a new UI and functionality. Read the WP Security Audit Log Search 2.0 release notes for more information.

Logging Capabilities of Custom Fields

Prior to this release, the plugin was only keeping a log of changes done to the built-in custom fields of WordPress in posts, pages and posts with custom post type. Though with this update, it is also able to keep a record in the WordPress audit trail when the value of a custom field created by ACF is changed in a post, page, post with custom post type and also user profiles.

In fact with this update we also introduced two new alerts:

  • Alert 4015: User updated Custom Field in a user profile
  • Alert 4016: User created a custom Field in a user profile

Refer to the list of WordPress audit trail alerts for a complete list of changes that the WP Security Audit Log plugin can keep a record of on a WordPress website.

Other Notable Updates

We also included other updates in this version, such as:

  1. A new option to either show the Username or the First & Last Name of the users in the WordPress Audit Trial.

Option to display either username of first and last name of user in WordPress audit trail

  1. Changed the naming format and location of 404 error log files. For more information refer to the logging of 404 errors with WP Security Audit Log. Note: we changed the naming format because there were security issues with the format we were using before. Thank you Enable Security for the proof of concept and help with this issue.
  2. We also added a new Tooltip functionality to filter all alerts by IP Address, as shown in the below screenshot.

Filter to filter WordPress audit trail by activity from a specific IP address

Updating WP Security Audit Log

You will be alerted in your WordPress dashboard / admin pages that a new WP Security Audit Log plugin update is available. The updating process is all automated, though should you encounter any problems please do not hesitate to get in touch.

What Do You Think of WP Security Audit Log?

The WP Security Audit Log plugin was designed to help WordPress website owners and businesses keep a record of everything that is happening on their website. Did WP Security Audit Log help you in some way? Have you been using it for a few months and maybe years? If yes, we would appreciate if you can spare a minute to send some stars our way and let us know what are your thoughts on the plugin.

Audit Trail for WooCommerce Store and Products

We are happy to announce the release of WP Security Audit Log 2.6. The main highlight of this update is the monitoring and audit trial for WooCommerce ecommerce platform. Below are the highlights of this new update.

WooCommerce Audit Trail

You’ve asked for it and we have done it! WP Security Audit Log can now keep a record of WooCommerce store and products changes in the WordPress audit trail. The monitoring of WooCommerce is also very comprehensive. The plugin does not just record of a product change, but it keeps a record of what changed in the product be it the price, weight, dimensions, stock amount, SKU and more.

Changes in WooCommerce product reported in the WordPress Audit Trail

WP Security Audit Log also keeps a record in the audit trail if the WooCommerce store’s settings are changed, such as the currency, base location and other options. Refer to the list of WooCommerce alerts for a complete list of which store and products changes can the plugin keep track of.

Disable Alerts with Just a Click

Disable an Alert type by simply hovering over it and clicking DisableWe have also made it much easier to disable a specific alert type. There is no need to go to the Enable/Disable Alerts but you can simply hover over the alert ID and click the Disable button.

Once an alert type is disabled, the change it is reporting will no longer be logged. For example if you disable alert 4003, which is used to keep a record for when a user changes his password, each time a user changes his password it will no longer be logged in the WordPress audit trail. You can enable the alert again from the Enable/Disable Alerts node in the plugin menu.

Other Plugin Improvements

In this version of WP Security Audit Log we have also improved the severity of the alerts. When you hover the mouse on a severity icon you can see what severity of the alert is, as shown in the below screenshot.

WordPress audit trail alerts severity

We have also removed all the code which was being used to monitor for PHP errors. This feature was originally developed for developers but it is no longer being used.

Download & Try WP Security Audit Log

Keep an audit trail of all the changes on your WordPress and WordPress multisite installations with WP Security Audit Log plugin and improve user productivity and the security of your website. Getting started is very easy!

Use the premium add-ons to get more out of your WordPress audit trail. Create email notifications, generate user and compliance reports, store the WordPress audit trail in syslog, see who is logged in to your WordPress and much more.

Subscribe to WP Security Audit Log Plugin Newsletter

Subscribe to the WP Security Audit Log newsletter to keep yourself up to date with all the latest news and updates. You will only receive newsletters related to WP Security Audit Log plugin.

Rate WP Security Audit Log

Please spare a minute and rate the WP Security Audit Log plugin. Everyone likes stars!

New WP Security Audit Log Plugin Supports Syslog and Papertrail

Today we are excited to announce version 2.5.9 of the WP Security Audit Log WordPress plugin, and version 2.0 of the External DB premium add-on. We have really put in a lot of work in these versions, and finally you can mirror the WordPress audit trail to Syslog and Papertrail, the cloud-hosting log management system.

Here is an overview of what is new and improved in these version updates of both the plugin and its External DB add-on.

Mirroring of the WordPress Audit Trail to Papertrail and Syslog

With the new version of the External DB add-on you can mirror the WordPress audit trail to Papertrial, Syslog or even an external MySQL database. There are a number of advantages you can benefit from when mirroring the audit trail, such as:

  • meet regulatory compliance requirements,
  • centralise logging,
  • ensure the WordPress audit trail is not tampered with (even in case of a hack),
  • ensure the WordPress audit trail is always available, even when the website is down.

Read the below FAQs for more information on how to configure mirroring of the WordPress audit trail to any of the supported solutions:

Archiving of the WordPress Audit Trail

Some of the WordPress websites WP Security Audit Log is installed on are multisite, and they run thousands of websites. Typically such setup generates thousands of alerts in the WordPress audit trail on a daily basis. Such quantity of data can slow down the reading and writing to the database. Now you can use the Archiving feature in the External DB add-on to keep the WordPress audit trail database small, manageable and fast.

Once you configure the archiving of the WordPress audit trail alerts you can still see the archived alerts in the Audit Log Viewier, by using the drop down menu shown in the below screenshot.

Drop down menu in Audit Log Viewer to view the archiving database

You can also use the Search Add-On to search through the alerts in the archiving database and the Reports Add-On to generate reports from it, as explained in this FAQ about the archiving of WordPress audit trail alerts.

Updating the WP Security Audit Log Plugin and Add-Ons

You will be prompted to update the plugin and add-ons in the Plugins page of the WordPress admin pages. Should you encounter any issues do not hesitate to get in touch. Also, please do spare a minute to rate our plugin. Everyone likes stars!

New WordPress Users Sessions Management Add-On for WP Security Audit Log

WP Security Audit Log plugin updateToday we released version 2.4.3 of the most comprehensive WordPress audit trail plugin WP Security Audit Log. With this new version we are excited to announce the release of a new premium add-on that allows you to see who is logged in to your WordPress websites and control users sessions.

Read this blog posts for an overview of what is new, improved and fixed in this latest version of the plugin.

New Users Sessions Management Add-On

This new plugin add-on is unique and the first of its kind. Like we’ve done several other times before, with the release of this new add-on we are pushing the boundaries of what can be done on WordPress. As seen in the below screenshot, the new Users Sessions Management add-on allows you to:

  • See who is logged in to your WordPress and WordPress multisite networks,
  • See the latest change the user did in every logged-in session,
  • Terminate existing sessions,
  • Block multiple sessions for the same WordPress user,
  • Get alerted via email when a sessions is blocked or when there are multiple sessions.

See who is logged in to your WordPress websites and blogs with the new Add-on

Read the WordPress users sessions management add-on product page for more information about the add-on, pricing and more. This add-on will also be included in the All Add-Ons bundle, therefore if you already own a bundle license contact us so we can send you a license key for this add-on.

New WordPress Security Alerts

When you install the Users Sessions Management add-on the WP Security Audit Log plugin will alert you when a user’s login is blocked or where there are multiple users sessions with the below alerts in the WordPress audit trial:

  • Alert 1004: a user’s login was blocked because a session with the same username already exists
  • Alert 1005: multiple logged-in sessions for the same WordPress user were detected

Refer to the complete list of WordPress security alerts for more detailed information on which changes the plugin can keep track of in the WordPress audit trail.

Reports Add-On Update

With this update of the plugin we also released an update of the WordPress Reports add-on to address an issue where the /uploads/reports directory was being created with the wrong directory permissions.

Improvement

The plugin can now also keep a record when an object is moved as a sub-object in a WordPress menu. Refer to the WordPress menu security alerts for all the different alerts related to WordPress menus.

That is it for this new version. Please refer to the changelog for a complete list of changes including bug fixes.

Download & Try WP Security Audit Log

Keep track of all the changes on your WordPress and WordPress multisite installations with WP Security Audit Log plugin. Getting started is very easy, as explained in this introductory video.

You can also use the premium add-ons to create email notifications, see who is logged in to your WordPress, generate user and compliance reports, search in the audit trail and much more.

Subscribe to WP Security Audit Log Plugin Newsletter

Subscribe to the WP Security Audit Log newsletter to keep yourself up to date with all the latest news and updates. You will only receive newsletters related to WP Security Audit Log plugin.

Rate WP Security Audit Log

If you have been using WP Security Audit Log please spare a minute and rate the plugin. Even grown-ups like stars! Thank you in advance for your support.