When users uninstall the WP Security Audit Log plugin from their WordPress website, we ask them why they would like to uninstall it. The most common answer is “we no longer need it”. In other words, the website administrator no longer needs to keep a log of changes that happen on the website. To me and everyone in security, this raises some red flags.
Keeping a log of changes on any system is ineffective if you only start doing so retroactively, after an error or breach occurs. WP Security Audit Log is a powerful WordPress administrator plugin, but only if used properly.
In this post we share four key reasons that highlight how important it is to always keep a log of user and site changes, not just when you think you need to.
4 key reasons to always keep a record of site and user changes in a WordPress activity log
1. Activity logs (and monitoring) are a WordPress security staple
There are several ways to secure and protect your WordPress site. For example, you can add two-factor authentication, and set up a WordPress firewall and strong password policies. However, security is not a one-time fix, but a process.
That is why WordPress activity logs are also an important component of a WordPress security program. With logs you can accomplish things that other security techniques can’t. For example, logs allow you to:
- identify suspicious logged-in user behaviour,
- notice someone trying to exploit a security weakness in your website or existing security system,
- find out if someone in your team is making unauthorized changes on your website or store.
In fact, WordPress activity logs complement your WordPress security plugin. You can’t have a complete security solution without both. An ongoing activity log is key to continually improving your website’s security, so that you can keep hackers out. Given the constantly changing landscape of web application security, it’s important to always know what is happening on your website.
2. You can’t see changes that took place before you started keeping a log
The most common question we get asked is whether it’s possible to view logs of activities that happened before the WP Security Audit Log plugin was installed. Unfortunately for them, this isn’t possible. WP Security Audit Log doesn’t read existing logs because WordPress doesn’t create any!
WP Security Audit Log has its own sensors and it monitors your site and creates its own WordPress activity logs.
Sometimes, users install WP Security Audit Log after experiencing a problem. They rely on the issue being reproduced somehow to track down the root cause. However, this strategy only works in a few select cases. There’s no guarantee that the error or other situation will repeat. And if the website is hacked, it is simply too late!
The only way to conduct forensics, or track down any type of user behaviour is to have a WordPress activity log plugin running before the problem occurs. Think of it this way – if you drive uninsured, it doesn’t help to get insurance cover after crashing. The insurance won’t cover you.
If you have a WordPress activity log plugin installed and running all the time, there’s no need to wait around for problems to repeat themselves. You’ll already have the information you need in the audit logs. So you can tackle the issue immediately, leading to a faster resolution that doesn’t rely on chance.
3. Your site could be hacked or modified without you realizing
There’s another key reason not to wait until there’s a problem on your site to install WP Security Audit Log. No matter how experienced you are when it comes to WordPress and website management, everyone can still make mistakes.
Sometimes, hackers upload malicious files in places where you wouldn’t think to look. It’s entirely possible, and not uncommon, for site owners to be unaware that their website has been compromised. You could go months or even years harboring malware on your site.
The same goes for user accountability. Store managers or editors could be changing prices, or carrying out a variety of tasks without your knowledge that might harm your business.
In either situation, you’ll likely lose a significant amount of revenue before you realize that something is wrong. Even then, installing WP Security Audit Log after the fact won’t help you retrieve the lost funds, and won’t be as helpful as maintaining a running log, since it can’t show you activities that occurred prior to installation.
If you’re not monitoring your site’s activity, or if you do not have an activity log for your WooCommerce store, you can’t know for sure that everything is operating as it should, and that it’s secure.
4. You do not know the future (and neither does anyone else!)
Your WordPress website is secure today. However, there is no guarantee that someone won’t identify a zero-day exploit on your WordPress website. The same applies to your team, which manages your WooCommerce store. Someone someday will make a mistake that can impact your business’ revenue and reputation.
The list of issues that can occur on your WordPress website, and that logs let you address before they damage your website or business, is endless. Here are just a few of the benefits of keeping activity logs.
Keeping your WordPress website and business running smoothly and securely
The WP Security Audit Log plugin is a prime tool for troubleshooting errors, holding users accountable, and monitoring your site’s security. However, it’s also important to understand that it’s most effective as a preventative measure.
If you’re considering uninstalling it because your site seems secure and is functioning properly, remember:
- Activity monitoring is a WordPress security staple.
- You can’t see activities that took place before you started keeping a log.
- Your site could be hacked or modified without you realizing it.
- You do not know the future!