Do you run a multi user WordPress blog?
Do you want to track user activity in WordPress to keep an audit trail of activities performed by users in creating pages, image upload, comment moderation, and more.
This is where WordPress Website Monitoring comes in to help you with user activity log. There could be serious consequences if you are unable to monitor user activity in WordPress.
Just imagine a scenario, where, a malicious user hacks into your website and perform dubious activities or changes on your important pages. He can harm your website to extent that it can loose organic traffic and google rankings. Hence, monitoring activity and monitoring logs for suspicious admin activity can help you Secure your WordPress site.
Is your site secure. Let’s Find Out
One of the fears we have, as administrators of a website, where more users have access, is that they do improper things that endanger the security of our site. That’s why it’s so important to register the activity of your WordPress site.
A common concern of any administrator of WordPress is to be able to control the changes made by clients or users with file and folder permissions to modify WordPress settings. This concern is easy to eliminate with Tracking User Activity WordPress Plugins given below. These plugins act as effective means for monitoring, track your users and recording their actions .
In this post, we’re going to show you how to track user activity in WordPress. This allows you to put a control and balance system in place for when things get ugly. The question is to find out what went wrong, who did it, and how to fix it.
WordPress user activity logs
By default WordPress does not have an audit trail or log. Though you can use the free plugins to keep a comprehensive WordPress audit trail, in which a record of every changes that takes place on your WordPress blogs and websites is kept.
Also known as an audit log, we can say that it is a kind of chronological listing where all the changes and activities that occur within your WordPress installation are added. These changes includes
- WordPress Core Update changes
- Posts change log
- Pages change log
- Custom Post Type Posts change log
- Tags change log
- Categories change log
- Taxonomies terms change log
- Comments change log
- Media change log
- Users change log
- Plugins change log
- Themes change log
- Widgets change log
- Menus change log
- Setting change log
- Export change log
For Additional security:
- Admin can be notified via email when selected user logged in.
- Admin can be notified via email when selected role’s any user logged in.
If you share WordPress administration with other users, you may have wondered many times if someone has started or closed your website. If someone has made a publication, or who has installed or deleted that plugin that was so useful to you.
Perhaps, on some other occasion, several editors have stepped on the text they were writing within an article.
There is also the possibility that you are in charge of the technical maintenance of a client’s website and “suddenly” has stopped working and “nobody touched anything”.
Thanks to the track user activity wordpress log you can locate the changes that have been made and see what caused a certain problem or error that prevents the correct functioning of WordPress.
Attacks or hacking attempts
All credit goes to the activity wordpress log, for example, we can also detect failed attempts to the back end or continuous requests to pages that do not exist and return a 404.
Knowing this in advance can avoid long-term problems, since you can set up warnings to reinforce security.
Can you imagine that suddenly you receive a notice that someone has created a new admin user on your website from some unsuspected location?
How does WordPress activity log work?
The plugin to track user activity wordpress runs in the background, which means you have nothing to do. Once the plugin is activated, the site is immediately supported by the monitoring tool.
By default, notifications are sent to the administrator’s email address. Using a very simple configuration page, you have the option of changing the email address of the recipient of notifications.
There are a multitude of monitoring services for WordPress, Uptime Monitoring by Pingdom or even Jetpack, each service has its advantages, but also its disadvantages. They all have one thing in common: the obligation to create an account (email/password) on their platform to enjoy monitoring.
Even Jetpack requires a connection to WordPress.com for the module to work. It’s a shame for “free” software!
With WordPress Website Monitoring, you benefit from a free monitoring service without creating an account and without a password. In addition, the only data stored via the plugin are:
- The URL of the site to watch
- The notification email address
You will not be a victim of spam since the only emails you will receive will only concern the monitoring of your WordPress site.
It also allows you to get better editorial control of your website. You can see which items are current and which items/items are waiting to be reviewed. Which users accessed the website and what tasks they did when they visited.
Why track user activity in WordPress?
Of course, you trust users, which is why you gave them access to certain things on your website. However, people make mistakes all the time. If you knew who made a mistake and what it did wrong, you can quickly fix it and teach the user how to avoid this error in the future.
Here are a few reasons tracking WordPress activity can help your site:
- Improved security.
- Informed support.
- Content integrity.
- Better debugging.
For example, if a moderator approves a comment that does not match your comment guidelines, you can quickly correct the error, notify it, and save time.
Many WordPress website administrators do not activate user log to simplify tasks, or perhaps because they do not have an adequate infrastructure to allow the management of a large number of users.
The development of a multi-user website has benefits but also comes with its own problems and drawbacks, for example, the registration of spam users, the management of the editorial workflow, etc. One of the solutions sought by most administrators of a WordPress site of several authors is the ability to easily control activity on their websites.
In addition to knowing what users are doing on your website, registering user log in WordPress can help defend against unauthorized access attempts by signaling logins, unsuccessful logins, password reset and other specific actions of a user account.
Think of registering user as installing a security camera in your office. It is likely that at first, you do not see any use but the day comes when one of your donuts disappears, surely with the camera you will find out who it was. You’ll be glad to have that thing watching when things start to get ugly.
What are the things we should monitor in WordPress Activity Logs?
Remember, we are not saving analysis of the visited pages, this is better to leave it in real analysis solutions like Google Analytics. What we want to do is to track the changes of the users that alter our website.
So what we need to monitor are the following 7 types of WP user activities:
We need a history or log of all content changes made by the user. When a user creates an entry, modifies something on a page, deletes a comment, etc.
It is another area to monitor which are the changes made in the content and status of blog posts, content, comments and other publications. This is to inform the administrator that the user may have forgotten a detail or need to make a correction.
If you still provide edit access to published posts, monitoring this may actually show unusual activity, so you can make sure no one comes back and change it at a later date without your knowledge.
User profile tweaks
Did you know that 83% of WordPress sites are vulnerable to hacker attacks?
We have already discussed users in the broad sense – the information related to new and deleted users that you must know and it is very essential part of WordPress security.
However, staying abreast of changes to existing user profiles is vital. This can be done by creating user profile forms, creating custom user pages or having a list of users on your frontend using a plugin. You can go through the series of articles here by Meta Box.
We also need a record of all the actions that are carried out to organize a website such as creating labels, creating categories, assigning categories to an entry, editing taxonomies, etc.
The same as for any type of change between the parent relationship/child between hierarchical content types, such as pages.
Actions such as integrity checks are important for auditing a WordPress installation because these can provide an early warning and alarm you about potential website compromise.
In Integrity checks, you can identify things such as:
- Changes made in the DNS.
- Disabling the WAF as a part of security.
- Changes in downtime occurrence availability.
- Email notifications about WordPress settings updates.
- If any site is added or deleted.
- If there are users added or removed from WordPress.
There are also other settings that can destroy the site, in case of abuse, such as changes in the permalinks of your site, enable or disable comments, etc.
Failed login attempts
Everyone needs to login before they can access your WordPress admin pages – even you.
In fact, your login screen is a crucial first line of defense for protecting your dashboard or “customer-only” pages. Although there are different ways to force access to your site, most attackers focus on attempting to access through the login screen.
We would be interested to know when plugins are installed, activated or deactivated when a user uses the backend to make changes in plugins files.
In addition, the sites with WordPress are passed in a series of basic settings, such as “Reading”, “Permanent Links” and “Privacy” to name a few. The log of any of these changes would be a blessing.
We would like to know any activity that might suggest that someone is trying to gain unauthorized access to your site.
Knowing when user accounts are correctly registered, when profiles are updated, and when password change requests occur can help us discover suspicious activities and find Invisible/Hidden Admin User In WordPress
Besides your WordPress sites, it is also advisable to keep track of what is happening on your WordPress hosting account. This is of course what feeds everything behind the scenes.
Best Plugins To Track User Activity in WordPress
After knowing how important it is to monitor the changes made by users on our website and what are these changes that we can monitor. Now we will see what are the plugins that can help us in this task.
We have chosen 6 plugins that we will describe and analyze:
- Activity Log
- WP Security Audit Log
- Simple history
- Activity Log For MainWP
- WordPress File Monitor
By default, WordPress does not bring an activity record, so to obtain it, we will have to resort to the installation of a free plugin of WordPress repository:
ACTIVITY LOG AND USER ACTIVITY LOG
Like the other plugins mentioned, the activities carried out by users are monitored. In this case, the Activity Log or User Log plugin records the most general types of activity. It is a simple, fast and easy to configure solution.
We have joined these two plugins because their functionalities are practically the same and do not differ in practically nothing. Either plugin is perfectly valid to record activity of users.
The Log records the following activities:
- WordPress Core Updates
- Post types
- Media Uploaded
- Users profile update
- Registered users
- Plugins Installed
- Topics Installed
- Permanent links
- WooCommerce store options
- bbPress Forums
- Provides the option to make email notification when a user connects.
Activity Log is by far the most complete and easy-to-use plugin for WordPress activity. That’s why it’s used by more than 70,000 WordPress administrators, and among other features, it offers:
- Changes in entries, pages or custom post types: As for example, the status, content, title, URL, date and changes in custom fields.
- Changes in labels and categories. For example, the creation or deletion, and those that have been added or removed from any entry.
- Creation, modification or deletion of widgets and menus.
- Changes in users: created or registered, deleted or added to an individual site or a multisite.
- Changes in user profiles: password, mail, name to show and role changes.
- User activity: accesses, disconnections, failed access attempts and end of other sessions.
- Changes in settings and WordPress core: installed updates, permalinks, default profile, URLs and other global changes of the site.
- Changes in WordPress Multisites, such as adding or archiving sites, adding or removing site users, etc.
- Changes in plugins and themes. Activation, deactivation, uninstallation and updates.
- Changes in the WordPress database: for example, when a plugin adds or removes a table.
- Changes in WooCommerce Stores and Products, Yoast SEO, Advanced Custom Fields (ACF), MainWP and other plugins of the most used in WordPress.
In each of these events, the plugin records the following data:
- Date and time (and milliseconds) of when it happened.
- User and profile of the user who made the change.
- Source IP addresses where the change occurred.
This free Tracking wordpress plugin is one of the best options for anyone who wants to keep an easy-to-read record and contains all modifications that occur on your WordPress site. Once installed, start recording all the activity of all registered users:
- Login and logout
- Failed logins
- File Upload
- Registration, cancellation or modification of pages and entries
- User registration, cancellation or modification
- Changes in widgets
- Changes in plugins
- Site Configuration Changes
- System activities (Cron, transients, etc)
All the data that can be followed is easy to filter so that we see what really interests us. Logs are easy to read and filters help a lot to see specific data.
The only thing that the plugin does not register are configuration changes in themes, so you should keep this in mind if you want to use it.
The configuration of WP Security Audit Log
WP Security Audit Log ”will be responsible for keeping a complete record of all changes and tasks performed by users registered on your website with WordPress. The WordPress User Activity monitoring plugin is also useful for identifying any abnormal details before it becomes a security issue.
Once the settings of your choice have been activated, the second step is to click on the activity log, to do this go to the “Audit Log” side menu “Audit Log Viewer” option:
The “Audit Log Viewer” page will show the activities of all users as a table. The information is sorted in 4 columns, so we have the activity code, its type, the date it was executed, the name of the user involved in the activity, IP of Origin, and message or description:
“WP Security Audit Log” also offers support for extensions that add advanced features: notifications, search, and reporting. These extensions are available through three types of license: for 1, 5, or a maximum of 20 websites.
The configuration is super easy, because when we activate it, an assistant (in Spanish) will automatically appear on the screen, guiding us through the different steps.
When starting the installer, we can choose between two types of registration (although later you can change from one to another without problem):
Related Post – WordPress Security Checklist Guide
Basic registration: in which the details of the events will not appear
Geek: in which shows all kinds of details of the records.
On the other hand, you will have to decide how long you want to store the data (6 months, 12 months or indefinitely).
Keep in mind that the data is stored as a table in the WordPress database, so it will consume space on your hard drive. The premium version of this plugin, among other things, will allow you to store it in an external database.
You can also decide if you want to give access to the log record to a specific user or role, besides the administrators (who already have it by default). In this case, it will be enough to select it.
In the same way, in the following screen, you can decide if you want to exclude a specific user so that your data is not stored.
In a few minutes, you will have the plugin installed and configured. Now it’s ready to use.
Once the plugin is configured, a new option will appear in the administration side menu called in the same way as the plugin and there you will see the complete list, activate or deactivate events and make some adjustments.
The rest of the functions will only be available in the Premium version of the plugin.
In the list, you will see the date, the user (with their roles) the IP from which you have connected and the activity you have done within WordPress.
To the right of each event, there is a small icon in which you can click to expand information, such as the browser from which you have connected, the computer, and the operating system that you have on your device, for example.
Activate or deactivate events
From this option of the administration side menu, you can activate or deactivate the events you want or do not want to register, as well as the users from whom you store your activity.
Also from here, you can choose again between default registration profiles (such as basic, geek) or a custom one.
As the name implies, this plugin records the site changes at its highest level. Good functionality is that it allows you to use a Desktop widget to have a first view of the changes which users have made on the site. The SIMPLE HISTORY also has its own page if we want to see a more detailed report.
Some of the activities and events that Simple History can record include:
- Changes in pages and entries
- Changes in attachments
- Comment Handling
- Changes in Widgets
- Changes in Plugins
- Changes in Users
- Session starts
- Support to monitor bbPress and Gravity Form
Simple History includes an Extender System that allows developers to add configurations and options that can be monitored. It also provides an RSS feed where all detected changes are published. This allows you to see any changes to the site from your feed reader or via subscription.
Default Simple History brings a predefined set of actions. This includes logging in, logging out, incorrect password, post/page editing, upload media, plugins, widgets, user profile changes, etc.
For a complete list consult the plugin page. It also includes support for bbPress forums that allows you to see the activities of forums and topics on your website.
Simple History also allows you to add your own custom events. If you have experience in development and want to add your custom events, then you’re in luck. Look at the details on their page.
This is a very good plugin to monitor user activity in wordpress site. Any administrator or webmaster can track changes in WordPress on any of these elements by default:
- Custom input types
- Custom Taxonomies
- Custom headers
- Custom backgrounds
- Multimedia library
- Theme Editor
- WordPress updates
But it also records changes in the following plugins:
- Advanced Custom Fields
- Easy Digital Downloads
- Gravity forms
- WordPress SEO by Yoast
All this thanks to the following characteristics:
- Desktop widget of recent user activity
- Limitation of who can view user activity logs based on profiles
- It grew from exclusion rules to ignore certain types of activity
- Live update of user activity logs
- Private RSS and JSON feeds of user activity logs, to view in your favorite reader
- IPv6 address support
- Really simple, visual user interface
Stream is completely free unless you want to keep a complete history of the changes. The free version stores the activity logs for 30 days, and in everything, as listed above. The only difference from the premium (paid) version is that it stores all the history, adds a warning and the possibility of generating activity reports to export them or whatever you want.
A WordPress activity log plugin to keep a log of what happened on the MainWP dashboard and also on child sites without having to login to the child sites. The good thing is that it can show the history of changes in the frontend and backend. You can also track and deny blacklist access to unwanted access attempts.
Activity monitored by WP-Activity:
- New user
- New comment
- Comment edit
- Comment removal
- Profile update
- New post published
- Post published edition
- Post deleted (really deleted, not trash)
- New link
- Login failure (shown only in the administration panel)
- Access denied by IP blacklists (only appears in the administration panel)
- Monitor unwanted connection attempts on your blog.
- Monitor the activity of registered users in a multi-user blog.
- Improve your blog, showing all users what other members have done.
If activated, the user who does not want to be listed in the blog activity can hide their own activity by checking a privacy option on the profile page. In that case, this user activity is not stored in the database. When a login failure occurs, the IP address is also registered.
In addition, user activity can be followed by RSS and can be exported in the csv file (semicolon separation).
To avoid spammers or hackers trying to steal accounts, you can use the blacklist with their IP addresses.
Finally, the simplest plugin with fewer options when making a correct user activity log. Monitor your website for added, modified and deleted files! It helps you in track all changes in website directories and get email alerts.
Track all changes made to the structure of WordPress in content, network, plugins and options.
Our recommendation is that any of the other plugins mentioned above can perform a better history of activities.
Bluetrait Event Viewer (BTEV) tracks passwords, user logins, and other events. You can publish these events via a password-protected RSS feed.
As you can imagine, having access to WordPress track visitor activity becomes so easy with the help of these plugins. Well, it is always a good idea to keep track of everything that happens in our installation.
The smallest changes made to a WordPress website can have dramatic results.
This log should track all of the most important (and potentially problematic) changes, such as:
- Changes to content.
- New and removed users.
- Failed login attempts.
- Changes to themes or plugins.
- WordPress core and settings changes.
- User profile tweaks.
- Changes to websites and users on multisite setups.
This information will be much helpful to you in case of hack attempts on your site, it can be any of these types of hacks such as Japanese seo keywords spam, Brute Force Attacks, .htaccess wordpress hacked, IndoXploit Hack , Malicious Code Injection, Pharma Hack WordPress caused due to some common WordPress security vulnerabilities present.
All these details associated to track user activity log in wordpress will come handy when you remove malware from your wordpress site.
Do you have any questions about how to monitor user activity in WordPress via dashboard easily?
We recommend you take a look, discover all the possibilities you will get. Ask away in the comments section below!