The larger your WordPress website grows, the more important it is for you to find a way of monitoring all site activity and changes. When you have a multi-user site or blog, and share WordPress administration tasks with other users or editors, or use a multisite network, this need only multiplies. The more people that use or access your site, the more necessary it is for you to track what’s going on in it. The best way to accomplish this is by using an activity log.

In this blog post, we describe what an activity log is, how it works and the details it records. We also explain the benefits of using an activity log for your WordPress website, particularly when it comes to site and user security and management. Finally, we provide some advice on how to select an activity log plugin that meets your needs.

What is an activity log?

In the field of information security, an activity log is a chronological, sequenced record of all actions performed by website users. It provides a recorded audit trail that you can then search and analyze for out-of-scope, damaging or positive-impact activities. An activity log is sometimes also called an audit log or a security log.

With WordPress websites, there is all the overt user activity – page creation, updates, image uploads, comments and deletions. Then, there are all kinds of administrator functions, such as logins and login attempts, plugin installation, file modifications, theme changes and the rest. E-commerce solutions have their own specific activities, such as order processing and product meta data changes, and stock quantity changes.

WordPress does not keep a log or audit trail of user activity by default. However, a record of all these activities can be kept in an activity log by means of an activity log plugin.

What details can you find in an activity log?

Typically, in a WordPress activity log you will find a record of the user changes and actions on your WordPress site. These recorded changes include content changes, changes to categories, comments, menus, tags, and media. You can also find information about the WordPress core and settings changes, themes and plugin changes (including install, activation, update, deactivation and uninstall, activations and deactivations) and more.

Some activity log plugins also keep a log of changes in third party plugins. For example, if you use WooCommerce for your e-commerce store some activity log plugins keep a log of changes users make to products, the store itself, orders, coupons and much more. The same applies to changes in plugins such as Yoast SEO, MainWP and Gravity Forms.

Most activity log plugins also keep a record of the user and its role, the date and time of when the change happened, and the IP address from where the user is accessing the WordPress dashboard. It is important to note that the level of detail in the activity log and the coverage varies from plugin to plugin.

What are the benefits of having an activity log on your WordPress website?

There are many benefits to keeping an activity log on your WordPress website. The below list highlights some of the benefits;

• An activity log helps clarify unexpected or unexplained events on the website. For instance, a blog post might be prematurely published, a page section might disappear, and users might suddenly register to and delete from your site.
• An activity log helps administrators track user access, so administrators can see a record of changes made to files, and monitor which users tried to go where on your website.
• An activity log is an excellent tool to help managers and leaders hold their staff and teams to account – as well as themselves! From the information collected in an activity log, team leaders can keep track of who is doing what, when they start doing it, and for how long.
• Troubleshooting a technical issue without an activity log is like looking for a needle in a haystack. An activity log is invaluable in any situation where errors occur and a troubleshooting process is initiated. The records can be used to help track technical errors and the cause of website problems, so you can perform technical maintenance checks that aren’t based on guesswork. This simplifies and streamlines the entire troubleshooting process, saving time and resources.
• By having an activity log on your website you also ensure that your website complies with legal and industry regulations. Many regulatory compliance bodies require businesses by law to keep a log of all the changes that happen on their websites. This includes GDPR, PCI DSS, CCPA, ISO 27001, HIPAA and others.
• An activity log supplies the data needed to generate reports. These reports can be used by management to evaluate how the overall business is progressing towards hitting its targets. Or, the data can help generate reports for customers, clients and other audiences as required.
• An activity log also helps in boosting customer confidence and trust in your site. If you are engaged in e-commerce or similar activities, your site will contain highly sensitive financial and commercial information. An activity log is an essential part of your overall security and compliance to provide a highly shielded environment for the information and transactions involved. And not just your commercial data, but all of your site’s information, assuring your audience and users that they can trust what you have to offer.
• Last but not least, an activity log allows you to gain real time editorial control of your site. For example, you can see which items are current, and which are waiting to be reviewed. With some activity log plugins you can also mirror the logs to third-party platforms – such as Slack or AWS CloudWatch – to assist easy real-time monitoring.

How does an activity log help with WordPress security?

As well as the general website and user management benefits listed above, an activity log also provides specific help with the security of your WordPress websites. For example;

• An activity log helps you monitor suspicious online behaviour and service abuse on your site. For example, in the logs you can see suspicious login activities – unauthorized access attempts, a large volume of failed login attempts from the same IP address or user logins from unusual places and times. You can also see simultaneous sessions from a single user and from different locations etc.
• In the unfortunate case of a successful hack attack, the activity log can help you to catch the attackers as they are working. Because an activity log is populated in real time, it enables you to identify suspicious or malicious users that are currently logged in and causing problems. This gives you the opportunity to take the necessary actions to remediate from the attack.
• As well as reacting to the current activities of malicious attackers, it is important to understand that with an activity log you can preempt malicious behaviour and prevent the attacks from happening in the first place. In the activity log you can see a record of previous attempts and strategies. From this information, you can harden the security of your WordPress website, and so thwart future attacks before they happen.
• An activity log provides useful data in post-hack forensic analysis. In the log you can find details about the security breach, and trace back the attackers’ actions so the security hole can be fixed and avoid being hacked again.

What sort of activity log plugin should you use?

Generally speaking, the more information your activity log plugin can track, the more useful you will find its logs. Some activity log plugins only record events but not the details involved in those events. This greatly limits the usefulness of the log for troubleshooting technical and security issues.

It is also better to find an activity log plugin that is easy to use, that doesn’t require pre-configuration, and that starts to work automatically upon installation.

There are at least six key criteria for evaluating WordPress activity log plugins:

1. Activity coverage – the scope of those activities the plugin can keep a log of.
2. Level of detail in the activity logs – the specifics it keeps a log of within those activities.
3. Coverage of changes in third party plugins – a log of the changes made on the other WordPress plugins.
4. Interoperability with a large-scale system – the ability for the plugin to be incorporated into a larger system, maybe to send logs to a central logs management system.
5. Plugin configuration options – how configurable the plugin is. Can it be configured to meet your specific requirements?
6. Additional features – apart from the actual log, you need other features in the plugin to get the best out of the activity log, such as notifications, reports and other features.

Keep your finger on the pulse of your WordPress website

With the rise of remote working and distributed teams, activity logs are more important than ever. An activity log aids in monitoring of user activity and improving user accountability and communication, eases troubleshooting, helps you improve the security of your WordPress website and more.

Questions on activity logs? Feel free to ask in the comments below…

 

About the Article Contributor:

Robert Abela is the founder and CEO of Melapress, the developers of WP Activity Log and a number of other WordPress security and site management plugins. When not at the office, Robert likes to spend time outdoors with his family and on his bike.