WP Security Audit Log – A Complete Audit Log Plugin For WordPress


WP Security Audit Log is a complete audit log plugin for WordPress, which helps you keep an audit log of everything that is happening on your WordPress and WordPress multisite installation. Ensure user productivity and identify WordPress security issues before they become a security problem. This is claimed to be the most comprehensive user monitoring and audit log plugin for WordPress and is already helping thousands of WordPress administrators, owners and security professionals ensure the security of their websites and blogs.

WP Security Audit Log - A Complete Audit Log Plugin For WordPress

Increase the security of your WordPress install with good security measures, supplement it by installing WP Security Audit Log and using tools like WPScan the WordPress Vulnerability Scanner.

Features

The plugin has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:

  • Realtime Audit Log viewer to watch user activity as it happens without any delays
  • Built-in support for reverse proxies and web application firewalls more information
  • Limit who can view the security alerts by users and roles
  • Limit who can manage the plugin by users and roles
  • Configurable WordPress dashboard widget highlighting the most recent critical activity
  • Configurable WordPress security alerts pruning rules
  • User role is reported in alerts for a complete overview of what is happening
  • User avatar is reported in the alerts for better recognizability
  • Enable or disable any security alerts

It also has a whole bunch of extensions/add-ons which are mostly paid which allow you to do things like store the log in an external database and generate compliance reports.

Logs Generated

The main purpose of using this, is that it keeps a log of everything happening on your WordPress blog or website and WordPress multisite install. This plugin makes it easier to track suspicious user activity before it becomes a problem or a security issue. A security alert is generated by the plugin when:

  • New user is created via registration or by another user
  • User changes the role, password or other profile settings of another user
  • User on a WordPress multisite network is added or removed from a site
  • User uploads or deletes a file, changes a password or email address
  • User installs, activates, deactivates, upgrades or uninstalls a plugin
  • User creates a new post, page, category or a custom post type
  • User modifies an existing post, page, category or a custom post type
  • User creates, modifies or deletes a custom field from a post, page or custom post type
  • User adds, moves, modifies or deletes a widget
  • User installs or activates a new WordPress theme
  • User changes WordPress settings such as permalinks or administrator notification email
  • WordPress is updated / upgraded
  • Failed login attempts

It also helps with troubleshooting and enables you to quickly pin-point what went down before a problem occured. Very helpful if you support a lot of WordPress customer sites.

You can download WP Security Audit Log latest stable version here:

wp-security-audit-log.latest-stable.zip

Or read more here.

Posted in: Countermeasures, Security Software

,


Latest Posts:


tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.


Comments are closed.