Description
THE MOST COMPREHENSIVE & EASY TO USE WORDPRESS ACTIVITY LOG PLUGIN
Keep an activity log of everything that happens on your WordPress and WordPress multisite with the WP Security Audit Log plugin to:
- Ensure user productivity
- Ease troubleshooting
- Know exactly what all your users are doing
- Better manage & organize your WordPress site
- Easily spot suspicious behavior before there are security problems.
WP Security Audit Log is the most comprehensive real time user activity and monitoring log plugin. It helps thousands of WordPress administrators and security professionals keep an eye on what is happening on their websites. It is also the most highly rated WordPress activity log plugin and have been featured on popular sites such as GoDaddy, ManageWP, Pagely, Shout Me Loud and WPKube.
Note: All WordPress logging functionality is FREE. Features such as reports, email notifications & search are available in the Premium Edition.
Maintained & Supported by WP White Security
WP White Security builds high-quality niche WordPress security & admin plugins such as Password Policy Manager for WordPress, a plugin with which you can ensure all your users use strong passwords.
Browse our list of WordPress plugins that can help you better manage and improve the security of your WordPress websites and users.
WordPress Changes & Details the Plugin Keeps a Log Of
As a comprehensive & complete WordPress activity log solution WP Security Audit Log does not just tell you that a post, a user profile, or an object was updated. It keeps a log of what was changed within the post, profile or object.
Below is a summary of the changes that the plugin can keep a record of:
-
Post, Page and Custom Post Type changes such as status, content changes, title, URL, date and custom field changes
-
Tags and Categories changes such as creating, modifying or deleting them, and adding or removing them from posts
-
Widgets and Menus changes such as creating, modifying or deleting them
-
User changes such as user created or registered, deleted or added to a site on multisite network
-
User profile changes such as password, email, display name and role changes
-
User activity such as login, logout, failed logins and terminating other sessions
-
WordPress core and settings changes such as installed updates, permalinks, default role, URL and other site-wide changes
-
WordPress multisite network changes such as adding, deleting or archiving sites, adding or removing users from sites etc (activity logs for multisite networks).
-
Plugins and Themes changes such as installing, activating, deactivating, uninstalling and updating them
-
WordPress database changes such as when a plugin adds or removes a table
-
Changes on WooCommerce Stores & Products, Yoast SEO, Advanced Custom Fields (ACF), MainWP and other popular WordPress plugins.
-
WordPress site file changes such as new files are added, or existing ones are modified or deleted.
For every event that the plugin keeps a log of it also reports the:
- Date & time (and milliseconds) of when it happened,
- User & role of the user who did the change,
- Source IP address from where the change happened.
Refer to WordPress Activity Log Events for a complete list of all the changes the WP Security Audit Log can keep a record of.
Extend the Functionality of the WP Security Audit Log Plugin
Upgrade to WP Security Audit Log Premium to:
- See who is logged,
- See what everyone is doing in real time,
- Log off any user with just a click,
- Generate HTML and CSV reports,
- Export the activity log in CSV (ideal for integrations),
- Get notified via email of important changes,
- Get instant SMS message notifications of critical site changes,
- Search the activity log using text-based searches,
- Use built-in filters to fine tune the searches,
- Store activity log in an external database to improve security,
- Mirror the WordPress activity logs to Slack, Papertrail, Syslog and other central log management and collaboration solutions,
- Configure archiving and mirroring of logs.
See our premium features page for more detailed information.
Free and Premium Support
Support for the WP Security Audit Log plugin on the WordPress forums is free.
Premium world-class support is available via email to all WP Security Audit Log Premium customers.
Note: paid customers support is always given priority over free support. Paid customers support is provided via one-to-one email and over the phone. Upgrade to Premium to benefit from priority support.
Other Noteworthy Features
WP Security Audit Log plugin also has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:
- Built-in support for reverse proxies and web application firewalls
- Full WordPress multisite support
- Easily create your custom alerts to monitor additional functionality
- Developer tools including the logging of all HTTP GET and POST requests
- Integration with WhatIsMyIpAddress.com so you can get all information about an IP address with just a mouse click
- Limit who can view the WordPress activity log by either users or roles
- Limit who can manage the plugin by either users or roles
- Configurable WordPress dashboard widget highlighting the most recent critical activity
- Configurable WordPress security audit trail data retention
- User avatar is shown in the alerts for better recognizability
- Enable or disable any security alerts
- and much more…
Refer to the WordPress activity log plugin datasheet for a complete list of features.
As Featured On:
- GoDaddy
- Kinsta
- Pagely
- Shout Me Loud
- The Dev Couple
- WPKube
- WPLift
- WP SmackDown
- SourceWP
- Techwibe
- KevinMuldoon.com
- Cloudways
- Collective Ray
- MyWPExpert
- BlogVault
- Firewall.cx
- Design Wall
- Tidy Repo
- Monster Post
- The Darknet
- WebEmpresa
- KitPloit
- EHacking
WordPress Security Audit Log in your Language!
We need help translating the plugin and the WordPress Security Alerts. Please visit the WordPress Translate Project to translate the plugin and drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.
- Italian translation by Leonardo Musumeci
- Brazilian Portuguese by Hudson Santos
- German translation by Mourad Louha
- Brazilian Portuguese translation by Hudson Santos
- Spanish translation by the WP Body team
- French translations by Denis Moscato
Activity Log add-ons for third party plugins
- Activity Log for MainWP: This MainWP extension allows you to keep a log of MainWP network changes and to view the activity logs of all child sites from one central location – the MainWP dashboard.
- Activity Log add-on for WPForms: Install this add-on with the WP Security Audit Log to keep a log of changes in WPForms plugin, forms, form files, entries (leads) and more.
Related Links and Documentation
- What is a WordPress Activity Log?
- List of WordPress Activity Log events
- WordPress Multisite Features
- WP Security Audit Log and Reverse Proxy and WAFs Support
- WP Security Audit Log Database Documentation
- Official WP Security Audit Log Plugin Website
- Activity logs for MainWP
Install WP Security Audit Log from within WordPress
- Visit ‘Plugins > Add New’
- Search for ‘WP Security Audit Log’
- Install and activate the WP Security Audit Log plugin
- Allow or skip diagnostic tracking
Install WP Security Audit Log manually
- Upload the
wp-security-audit-logdirectory to the/wp-content/plugins/directory - Activate the WP Security Audit Log plugin from the ‘Plugins’ menu in WordPress
- Allow or skip diagnostic tracking
Screenshots

The WordPress activity logs from where the site administrator can see all the user and site changes. 
See who is logged in to your WordPress and manage users sessions with Users Sessions Management 
The plugin settings from where site administrator can configure generic plugin settings such as reverse proxy support, who can manage the plugin etc. 
The WordPress audit trail settings from where you can configure automatic pruning of alerts, which timestamp should be used, how many 404 requests should be logged and more. 
Configuring WordPress email and SMS alerts with the Email & SMS Notifications module 
Search in the WordPress security audit log with the use filters to fine tune the search results. 
The Enable/Disable events section from where Administrators can disable or enable activity log events. 
The Audit Log Viewer of a Super Admin in a WordPress multisite network installation with the Site selection drop down menu. 
WP Security Audit Log is integrated with the built-in revision system of WordPress, thus allowing you to see what content changes users make on your WordPress posts, pages and custom post types. For more information read Keep Record of All WordPress Content Changes 
Mirror the WordPress activity log to an external solution such as Syslog or Papertrail to centralize logging, ensure logs are always available and cannot be tampered with in the unfortunate case of a hack attack. 
FAQ
- Support and Documentation
-
Please refer to our Support & Documentation pages for all the technical information and support documentation on the WP Security Audit Log plugin.
Reviews
Contributors & Developers
“WP Security Audit Log” is open source software. The following people have contributed to this plugin.
Contributors“WP Security Audit Log” has been translated into 4 locales. Thank you to the translators for their contributions.
Translate “WP Security Audit Log” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
4.0.3 (2020-04-16)
Release notes: Update 4.0.3 – New bbPress add-on & improved WooCommerce activity logs
-
BREAKING CHANGE
- Individual add-ons (pre 2018) will not be supported anymore.
-
New features
- Two new activity log objects: WooCommerce coupon and Yoast SEO metabox.
- Plugin detector that detects plugins for which we have add-ons and prompts the user to install the add-ons.
-
New activity log event IDs
- 9105: The stock quantity of a product was changed due to an order.
- 9085: The WooCommerce setting “Selling location(s)” was changed.
- 9086: List of excluded countries to sell to in WooCommerce was changed.
- 9087: List of countries to sell to in WooCommerce was changed.
- 9088: The WooCommerce setting “Shipping location(s)” was changed.
- 9090: The WooCommerce setting “Default custom location” was changed.
- 9091: The “Cart page” in the WooCommerce settings was changed.
- 9092: The “Checkout page” in the WooCommerce settings was changed.
- 9093: The “My Account page” in the WooCommerce settings was changed.
- 9094: The “Terms & conditions page” in the WooCommerce settings was changed.
Refer to the activity logs for WooCommerce for more details on WooCommerce support.
-
Improvements
- Drastically improved the coverage of the WooCommerce activity log sensor.
- WooCommerce sensor now detects changes done from the new interface (WooCommerce Admin).
- Event 9029 (WooCommerce store base location change) now reports both the old and new address.
- Updated WooCommerce sensor to detect all the changes in the tax options (event IDs 9078 – 9081).
- Changed the event type from “Modified” to “Renamed” in the events where in which the object is renamed.
- “Plugins” is reported instead of a username when a change is done automatically by a plugin.
- Improved the activity logs external database connection test during connection setup.
- Removed obsolete code which was only used in previous versions from the defaults.php file.
- Improved event ID 2055 (deleted custom field) so it is not reported when a custom field is deleted autoamtically due to the post being deleted.
- Removed redundant filters wsal_event_type_text and wsal_event_object_text.
- Moved 10 plugin settings to the WordPress options table as part of the plugin improvement project.
- External database connector now reports actual MySQL error for improved troubleshooting.
- All the changes done to a bbPress forum or topic are reported, even when done at the same time.
-
Bug fixes
- Event ID 8808 not firing when Cornerstone article setting is enabled or disabled in a post.
- Event ID 9066 not firing when the expiry date of a WooCommerce coupon is changed.
- Plugin reporting event ID 2001 instead of 5019 when a plugin automatically creates posts.
- Fixed a minor compatibility issue in the Hide plugin functionality (support ticket).
- Event ID 9063 reported instead of event ID 9071 when reporting a WooCommerce coupon change.
- Events ID 1005 (multiple sessions detected) and 1007 (user terminated another user’s session) were only working when frontend sensor was enabled.
- Activity logs view buttons link to first site on network instead of network dashboard on multisite network.
- Error reported when the role property was undefined.
- Fixed a PHP 7.3 compatibility issue (support ticket).
Please refer to the complete plugin change log for more detailed information about what was new, improved and fixed in previous versions of the WP Security Audit Log plugin.

