WP Security Audit Log – A Complete Audit Log Plugin For WordPress

Keep on Guard!


WP Security Audit Log is a complete audit log plugin for WordPress, which helps you keep an audit log of everything that is happening on your WordPress and WordPress multisite installation. Ensure user productivity and identify WordPress security issues before they become a security problem. This is claimed to be the most comprehensive user monitoring and audit log plugin for WordPress and is already helping thousands of WordPress administrators, owners and security professionals ensure the security of their websites and blogs.

WP Security Audit Log - A Complete Audit Log Plugin For WordPress

Increase the security of your WordPress install with good security measures, supplement it by installing WP Security Audit Log and using tools like WPScan the WordPress Vulnerability Scanner.

Features

The plugin has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:

  • Realtime Audit Log viewer to watch user activity as it happens without any delays
  • Built-in support for reverse proxies and web application firewalls more information
  • Limit who can view the security alerts by users and roles
  • Limit who can manage the plugin by users and roles
  • Configurable WordPress dashboard widget highlighting the most recent critical activity
  • Configurable WordPress security alerts pruning rules
  • User role is reported in alerts for a complete overview of what is happening
  • User avatar is reported in the alerts for better recognizability
  • Enable or disable any security alerts

It also has a whole bunch of extensions/add-ons which are mostly paid which allow you to do things like store the log in an external database and generate compliance reports.

Logs Generated

The main purpose of using this, is that it keeps a log of everything happening on your WordPress blog or website and WordPress multisite install. This plugin makes it easier to track suspicious user activity before it becomes a problem or a security issue. A security alert is generated by the plugin when:

  • New user is created via registration or by another user
  • User changes the role, password or other profile settings of another user
  • User on a WordPress multisite network is added or removed from a site
  • User uploads or deletes a file, changes a password or email address
  • User installs, activates, deactivates, upgrades or uninstalls a plugin
  • User creates a new post, page, category or a custom post type
  • User modifies an existing post, page, category or a custom post type
  • User creates, modifies or deletes a custom field from a post, page or custom post type
  • User adds, moves, modifies or deletes a widget
  • User installs or activates a new WordPress theme
  • User changes WordPress settings such as permalinks or administrator notification email
  • WordPress is updated / upgraded
  • Failed login attempts

It also helps with troubleshooting and enables you to quickly pin-point what went down before a problem occured. Very helpful if you support a lot of WordPress customer sites.

You can download WP Security Audit Log latest stable version here:

wp-security-audit-log.latest-stable.zip

Or read more here.

Posted in: Countermeasures, Security Software

,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


Comments are closed.