Home
WordPress Activity Log: WP Security Audit Plugin

WordPress Activity Log: WP Security Audit Plugin

No Comments Entrepreneurialism

Hosting Mautic QuickStart -50% with support in Spanish
24 hours and free training

Send up to 1,000,000 emails/year. Mautic Support in Spanish 24 hours, 365 days

The issue of security on a WordPress website is something that is talked about a lot, but little is done.

That is to say, when you finish creating your website, and launch it into the online world, you make sure that everything works perfectly, but you never think that your website may be exposed to “pirate” attacks.

And it is that the security issue for your WordPress website is the order of the day, and you should never assume that your website “will not happen to it”.

And you may be wondering: Why am I so sure? Because when we think of web security, or “pirate” attacks, we always imagine the typical hacker, in the dark, in his room, and with a hood, with a bad face, trying to hack your website. But that only happens in the movies, I’m afraid.

The security of which I speak, starts from within. And we are going to see that in this article: how to control or monitor everything that happens on your website, so that you know where a problem arises from, and you can nip it at the root.

And I take this opportunity to remind you that, if you are from , there is a very good security service (which is the first step to have a more secure web), called . (and beware, I have not been asked to mention it here, I do it because it really works).

Now let’s move on to the main topic of the article, which, although simple and concrete, is very important.

With the plugin that I bring you below (in its free version, although it has a version premium) You will be able to know at all times who has done what on your website, and have a global idea of ​​each of the movements that occur within your website.

Why use WP Security Audit Log (free version)

The plugin we are reviewing in this article has a free version and a premium.

While we’ll go over paid features later, I’ve considered that with the free versionIn this case, you will have more than enough to carry out some security control on your website.

The company behind this plugin is called WP White Security, and the plugin itself has more than 100,000 active installationswhich is why so many people can’t be wrong about how good it is.

Also, if you are one of those who likes everything in your native language on your website, the plugin is completely in Spanish, so you will have no problem understanding each of its features.

And since it is a good plugin analysis, let’s go step by stepscreen by screen, explaining all the possibilities it offers.

And finally, I will show you everything that has been discussed, with the occasional example, in a video tutorial at the end of this article.

Let’s go mess!

See also  Ads google adsense wordpress newspaper X theme

Learning to use the plugin in 6 steps

We start with the analysis of this fantastic security plugin for your website.

I wanted to do it in several steps, to make it easier to “digest”, since these security configuration themes are usually not as attractive as other plugins for other functions in WordPress.

What I can assure you is that, the plugin is fun in the part of “Big Brother” that it has, that is, in the part of seeing what everyone is doing, without you being seen, and acting as an “almighty being of light” within your website.

Step 1: Install the plugin

Nothing new to tell you in this step, because the installation is like any other within WordPress (although this step must always be mentioned).

Find the plugin in the repository, install it, and activate it. That easy.

Of course, you can directly do it from within your website, in the plugins section, or from the official repository outside the web, download it, and “upload” it to your website from WP-Admin or from FTP. Either one is valid.

If in the future you decide to purchase the version premiumthe license can be activated directly from the plugin options (as we will see later).

Step 2: Run the wizard

When you activate the plugin in Step 1, a wizard will appear to edit the main plugin settings.

Everything you configure during this wizard, you can edit again in the general plugin preferencesso don’t worry about “getting it wrong”.

During the wizard, what you are going to configure is:

  • The log detail level (if you want it at a basic level or advanced level, which they call “Geek”).
  • If you access your website by wp-admin or other combination (to make access to the administrator panel of your website more secure).
  • How do you want to deal with them? 404 records (those that “the page does not exist”).
  • If you want possibility of register on the web or not (There are many people who forget to uncheck this if they really do not need to register on your website).
  • The holding time registration (6 months, 12 months or always).
  • Who can access the registry of activity (among all your users).
  • Exclude certain users of your log (for example, if you do not want to appear).

I know it seems “too much” all these configurations, and more without seeing them directly. So in the video later, I explain them to you in more detail (you will see that it is very simple).

Step 3: Audit Log Viewer

This is the plugin options page What else are you going to visit? because it is the one that collects the log (or audit log).

It is a list of “events”, and for each of them, you can see different information, divided into columns:

  • Event ID: to know the type of event it is (you will already know them as they repeat themselves).
  • Gravity: a kind of traffic light to know the urgency of attention that said event has (for example if it is red, it is the first thing you have to look at).
  • Date: when the event occurred.
  • User: who produced the event
  • source IP: from where it has occurred (useful to be able to block certain users).
  • Message: More details about the event.
See also  Why -

each of the columns you can order them “from less to more” and vice versa, so you can group all the events that have occurred. For example, all urgent events that require your attention, or all events per user, etc.

Step 4: Check which elements will appear in the LOG

In this part of the configuration, you can activate or deactivate different events so that they appear or not, in your log of security.

We see it in detail in the video tutorial, since there are hundreds of them, but here I mention the most important groups:

  • User profiles and activity (all user activity within your website).
  • Content and comments (all the activity related to the “Custom Post Types” of your website and the comments).
  • WordPress installation (The most technical part of the log, which contains any movement with the database, the plugins, themes you use, WordPress settings, widgets, the system in general and the menu).
  • Multisite Network (This part focuses on the activity of the installations of ).
  • Third party plugins (More options will appear here, as you install third-party plugins. For example, WooCommerce, BBPress, Yoast SEO, etc).
  • event cover (Registration of other events not so related to the previous ones, but for certain advanced users, the information generated by each of the available options will be useful).

Remember that all these activations or deactivations of the events that are going to be registered in the security log of your website, can be seen “basic” or advanced way or “geek” (the name they have decided to use).

I know that this part is a bit more difficult to digest, since you are facing all the types of events available on your website, but I recommend that you go one by one, understanding them, and deciding if you are interested in activating them or not (in this way way you will get a perfect balance between what your website needs, and what you need to know).

Step 5: Review Settings

In the next section of the menu (after skipping all the options premium that we see later above), you will be able to find the plugin settings itself.

As we have already mentioned, luckily, this plugin takes great care of its users, and all the options also come in perfect Spanish, and they are also quite intuitive.

It is here where you can re-edit the options you chose during the wizard in step 2.

And as with the events that are activated or deactivated in the previous step, there are many options here, and we will not cover them all (so as not to make this article infinite), but I will tell you about the most important groups of options. , and in the video, I review the vast majority.

See also  Icons Social Networks In the Footer / Footer

The plugin options are divided into:

  • Options “generals
  • Options of “Activity Register
  • Options for the “File integrity scan
  • Options for “exclude items
  • Options of “Import and export
  • advanced settings

Some options may seem very advanced, but really, if you read the descriptions that accompany each of the options, you will immediately know what they are for. (As I said before, this plugin really cares about quality and UX for all its users).

Step 6: Review the help

And as a good plugin that it is, a Help and Support section could not be missing in the plugin.

For such help, the plugin offers a free support forumas well as a free support email.

And in addition to all this, they accompany it with a extensive documentation of the plugin.

Of course, there is bad news here, and it is that everything is in english. But if you don’t speak English, perhaps, with all the screenshots that accompany each page of the documentation, it may still guide you until you find a solution to your doubts.

If not, you will have to pull the dictionary.

Also add that, in the second tab of this section, you will find information about your systemwhich will be very useful to the support you contact, in case they need it.

Odds premium

Although it does not enter “by itself” in the objective of this article, it is worth mentioning very “above” the extra possibilities offered by the paid version of the plugin.

At any time you can “upgrade” by clicking on the super colorful link (they have already taken care of it by putting it on Green phosphorite) on the menu.

With the paid version, apart from everything we have seen in this article, you can also:

  • To receive SMS alerts and email what events you say.
  • See what users are connected to your website at that time.
  • Automate reports security of your site.
  • To integrate the plugin with other third-party services (for example, to notify you of certain events by Slack).
  • search events concrete throughout the log (perhaps this is the most interesting of all).

I think that if you really find this plugin useful, and you love it deeply and it forms part of your website in your day-to-day life, that you pay for the version premiumbecause the plugin deserves it.

If you use it as a complement to your website, it is enough to use the free version, but yes, it is recommended…

Related posts:

  1. How to integrate PayPal Express in WooCommerce
  2. Image attributes in WordPress and SEO –
  3. SHEET STYLE LOOKS TOUGH AND MESSY
  4. too many connections filezilla

Related Posts

Loading Facebook Comments ...
Loading Disqus Comments ...