=== WP Security Audit Log ===
Contributors: WPWhiteSecurity, robert681
Plugin URI: http://www.wpsecurityauditlog.com
License: GPLv3
License URI: http://www.gnu.org/licenses/gpl.html
Tags: wordpress security plugin, wordpress security audit log, audit log, activity logs, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, wordpress security monitor, wordpress admin, wordpress admin monitoring, user activity, admin, multisite, dashboard, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
Requires at least: 3.6
Tested up to: 4.9.7
Stable tag: 3.2.4
Requires PHP: 5.4.43

An easy to use & comprehensive WordPress activity log plugin to log all changes on WordPress sites & multisite networks.

== Description ==

<strong>THE MOST COMPREHENSIVE & EASY TO USE WORDPRESS ACTIVITY LOG PLUGIN</strong><br />

Keep an activity log of everything that happens on your WordPress and [WordPress multisite](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/) with the WP Security Audit Log plugin to:

* Ensure user productivity
* Ease troubleshooting
* Better manage and organize your WordPress site
* Easily spot suspicious behavior before it becomes a security problem.

[WP Security Audit Log](http://www.wpsecurityauditlog.com) is WordPress' most comprehensive real time user activity and monitoring log plugin. It helps thousands of WordPress administrators and security professionals keep an eye on what is happening on their websites. It is also the most highly rated WordPress activity log plugin and have been featured on popular WordPress blogs such as GoDaddy, ManageWP, Pagely, Shout Me Loud and WPKube.

Refer to the [WordPress activity log plugin datasheet](https://www.wpsecurityauditlog.com/plugin-datasheet/) for a detailed list of all the features and settings.

> <strong>Note</strong>: All logging functionality is and will always remain FREE. Additional features such as reports, instant email alerts and search are available in the <Strong>[Premium Edition](https://www.wpsecurityauditlog.com/premium-features/)</strong>.
>

[youtube https://www.youtube.com/watch?v=1nopATCS-CQ]

#### WordPress Changes & Details the Plugin Keeps a Log Of
If you are looking for a comprehensive & complete WordPress activity log solution you are in the right place. The WP Security Audit Log plugin does not just tell you that a post, a user profile or an object was updated. It reports what was changed within the post, profile or object in real time.

Below is a summary of the changes that the plugin can keep a record of:

* **Post, Page and Custom Post Type changes** such as status, content, title, URL, date and custom field changes

* **Tags and Categories changes** such as creating, modifying or deleting them, and adding or removing them from posts

* **Widgets and Menus changes** such as creating, modifying or deleting them

* **User changes** such as user created or registered, deleted or added to a site on multisite network

* **User profile changes** such as password, email, display name and role changes

* **User activity** such as login, logout, failed logins and terminating other sessions

* **WordPress core and settings changes** such as installed updates, permalinks, default role, URL and other site-wide changes

* **WordPress multisite network changes** such as adding, deleting or archiving sites, adding or removing users from sites etc

* **Plugins and Themes changes** such as installing, activating, deactivating, uninstalling and updating them

* **WordPress database changes** such as when a plugin adds or removes a table

* Changes on **WooCommerce Stores and Products**, **Yoast SEO**, **Advanced Custom Fields (ACF)**, **MainWP** and other popular WordPress plugins.

* **[WordPress site file changes](https://www.wpsecurityauditlog.com/support-documentation/wordpress-files-changes-warning-activity-logs/)** such as new files are added, or existing ones are modified or deleted.

For every change the plugin keeps record of it also reports the:

* Date & time (and milliseconds) of when it happened,
* User & role of the user who did the change,
* Source IP address from where the change happened.

Refer to [WordPress Activity Log Events](https://www.wpsecurityauditlog.com/support-documentation/list-wordpress-audit-trail-alerts/) for a complete list of all the changes the WP Security Audit Log can keep a record of.

### Extend the Functionality of the WP Security Audit Log Plugin
<strong>[Upgrade to WP Security Audit Log Premium](https://www.wpsecurityauditlog.com/premium-features/)</strong> to:

* See who is logged,
* See what everyone is doing in real time,
* Log off any user with just a click,
* Generate HTML and CSV reports,
* Export the activity log in CSV (ideal for integrations),
* Get instantly notified via email of important changes,
* Search the activity log using text-based searches,
* Use built-in filters to fine tune the searches,
* Store activity log in an external database to improve security,
* Integrate & centralize the WordPress activity log in syslog, Papertrail and other third party log management solutions,
* Configure archiving and mirroring of logs.

See our [premium features page](https://www.wpsecurityauditlog.com/premium-features/) for more detailed information.

### Free and Premium Support

Support for the WP Security Audit Log plugin on the WordPress forums is free.

Premium world-class support is available via email to all [WP Security Audit Log Premium](https://www.wpsecurityauditlog.com/premium-features/) customers.

> <strong>Note</strong>: paid customers support is always given priority  over free support. Paid customers support is provided via one-to-one email and over the phone. [Upgrade to Premium](https://www.wpsecurityauditlog.com/premium-features/) to benefit from priority support.
>

#### Other Noteworthy Features
WP Security Audit Log plugin also has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:

* Built-in [support for reverse proxies and web application firewalls](http://www.wpsecurityauditlog.com/documentation/automatically-retrieve-originating-wordpress-user-ip-address/)
* Full [WordPress multisite support](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/)
* Easily [create your custom alerts](https://www.wpsecurityauditlog.com/support-documentation/create-custom-alerts-wordpress-audit-trail/) to monitor additional functionality
* Developer tools including the logging of all HTTP GET and POST requests
* Integration with WhatIsMyIpAddress.com so you can get all information about an IP address with just a mouse click
* Limit who can view the WordPress activity log by either users or roles
* Limit who can manage the plugin by either users or roles
* Configurable WordPress dashboard widget highlighting the most recent critical activity
* Configurable WordPress security audit trail data retention
* User avatar is shown in the alerts for better recognizability
* Enable or disable any security alerts
* and much more...

### As Featured On:

* [GoDaddy](https://www.godaddy.com/garage/decode-security-logs-wordpress/)
* [Pagely](https://pagely.com/blog/2015/01/log-wordpress-dashboard-activity-improved-security-auditing/)
* [Shout Me Loud](https://www.shoutmeloud.com/wordpress-security-audit-log.html)
* [WP Couple](https://wpcouple.com/wp-security-audit-log-review/)
* [WPKube](http://www.wpkube.com/improve-wordpress-security-wp-security-audit-log/)
* [WPLift](http://wplift.com/audit-wordpress-security-logs) - Review by Ahmad Awais
* [WP Mayor](http://www.wpmayor.com/wp-security-audit-log-plugin-review-user-activity-logging-wordpress/)
* [WP SmackDown](https://wpsmackdown.com/wp-plugins/wp-security-audit-log/)
* [SourceWP](https://www.sourcewp.com/wp-security-audit-log-plugin-review/)
* [Techwibe](https://www.techwibe.com/wp-security-audit-log-wordpress-plugin/)
* [KevinMuldoon.com](https://www.kevinmuldoon.com/wp-security-audit-log-review/)
* [Cloudways](https://www.cloudways.com/blog/monitor-wordpress-with-wp-security-audit-log-plugin/)
* [Collective Ray](https://www.collectiveray.com/wp/plugins/wordpress-security-audit-log)
* [MyWPExpert](http://www.mywpexpert.com/wp-security-audit-log/)
* [BlogVault](https://blogvault.net/wp-security-audit-log-plugin-review/)
* [Firewall.cx](http://www.firewall.cx/general-topics-reviews/security-articles/1146-wordpress-audit-monitor-log-site-security-alerts.html)
* [Design Wall](http://www.designwall.com/blog/10-wordpress-multisite-plugins-you-shouldnt-live-without/)
* [Tidy Repo](https://tidyrepo.com/wp-security-audit-log-wordpress-activity-log/)
* [Shout Me Loud](http://www.shoutmeloud.com/how-to-monitor-user-activities-wordpress-dashboard.html)
* [Monster Post](http://blog.templatemonster.com/2015/12/15/wp-security-audit-log-plugin-review/)
* [The Darknet](http://www.darknet.org.uk/2015/10/wp-security-audit-log-a-complete-audit-log-plugin-for-wordpress/)
* [WebEmpresa](https://www.webempresa.com/blog/auditando-cambios-en-wordpress.html)
* [KitPloit](http://www.kitploit.com/2016/10/wp-security-audit-log-ultimate.html)

#### WordPress Security Audit Log in your Language!
We need help translating the plugin and the WordPress Security Alerts. Please visit the [WordPress Translate Project](https://translate.wordpress.org/projects/wp-plugins/wp-security-audit-log) to translate the plugin and drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.

* Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
* German translation by [Mourad Louha](http://excel-translator.de)
* Spanish translation by the [WP Body team](https://wpbody.com/)
* French translations by Denis Moscato

#### Related Links and Documentation

* [What is a WordPress Activity Log?](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/what-is-a-wordpress-audit-trail/)
* [List of WordPress Activity Log events](http://www.wpsecurityauditlog.com/documentation/list-monitoring-wordpress-security-alerts-audit-log/)
* [WordPress Multisite Features](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/)
* [WP Security Audit Log and Reverse Proxy and WAFs Support](http://www.wpsecurityauditlog.com/documentation/automatically-retrieve-originating-wordpress-user-ip-address/)
* [WP Security Audit Log Database Documentation](http://www.wpsecurityauditlog.com/documentation/plugin-wordpress-database-documentation/)
* [Official WP Security Audit Log Plugin Website](http://www.wpsecurityauditlog.com/)

== Installation ==

=== Install WP Security Audit Log from within WordPress ===

1. Visit 'Plugins > Add New'
1. Search for 'WP Security Audit Log'
1. Install and activate the WP Security Audit Log plugin
1. Allow or skip diagnostic tracking

=== Install WP Security Audig Log manually ===

1. Upload the `wp-security-audit-log` directory to the `/wp-content/plugins/` directory
1. Activate the WP Security Audit Log plugin from the 'Plugins' menu in WordPress
1. Allow or skip diagnostic tracking

== Frequently Asked Questions ==

= Support and Documentation =
Please refer to our [Support & Documentation pages](https://www.wpsecurityauditlog.com/documentation/frequently-asked-questions-faqs) for all the technical information and support documentation on the WP Security Audit Log plugin.

== Screenshots ==

1. The Audit Log Viewer from where the WordPress administrator can see all the security events generated by WP Security Audit Log WordPress plugin.
2. See who is logged in to your WordPress and manage users sessions with the [Users Sessions Management Add-On](http://www.wpsecurityauditlog.com/extensions/user-sessions-management-wp-security-audit-log/)
3. The WP Security Audit Log plugin settings from where WordPress administrator can configure generic plugin settings such as [reverse proxy support](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/wp-security-audit-log-supports-reverse-proxies-wordpress-firewalls/), who can manage the plugin etc.
4. The WordPress audit trail settings from where you can configure automatic pruning of alerts, which timestamp should be used, how many 404 requests should be logged and more.
5. Configuring WordPress email alerts with the [Email Notifications Add-On](http://www.wpsecurityauditlog.com/extensions/wordpress-email-notifications-add-on/)
6. Search and filters functionality to automatically search through the WordPress security audit log with the [Search Extension](http://www.wpsecurityauditlog.com/extensions/search-add-on-for-wordpress-security-audit-log/)
7. The Enable/Disable Alerts settings node from where Administrators can disable or enable WordPress security alerts.
8. The Audit Log Viewer of a Super Admin in a WordPress multisite network installation with the Site selection drop down menu.
9. If there are more than 15 sites in a multisite, an auto complete site search shows up instead of the drop down menu (see [screenshots](https://wordpress.org/plugins/wp-security-audit-log/screenshots/) for reference)
10. WP Security Audit Log is integrated with the built-in revision system of WordPress, thus allowing you to see what content changes users make on your WordPress posts, pages and custom post types. For more information read [Keep Record of All WordPress Content Changes with WP Security Audit Log Plugin](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/record-all-wordpress-content-changes-wp-security-audit-log-plugin/)
11. Mirror the WordPress activity log to an external solution such as Syslog or Papertrail to centralize logging, ensure logs are always available and cannot be tampered with in the unfortunate case of a hack attack.

== Changelog ==

= 3.2.4 (2018-10-04) =

Release Notes: [click here](https://www.wpsecurityauditlog.com/releases/3-2-4-gutenberg-support/)

* **New Activity Log Features**
	* Support for Gutenberg
	* [Daily activity log overview email](https://www.wpsecurityauditlog.com/support-documentation/daily-activity-logs-overview-email/).
	* Live notification of latest event in the WordPress admin bar.

* **Plugin Improvements**
	* Revamped the [Users management module and settings](https://www.wpsecurityauditlog.com/premium-features/wordpress-users-sessions-management-tools/) - part of the easy to use updates.
	* Error message for blocked simultaneous users sessions can now be configured.
	* Updated the order of the plugin menu entries to a more convenient one.
	* Invalid usernames used in failed logins are now kept for 30 days in the database.
	* Improved WordPress menu sensor - added coverage and improved accuracy.
	* Changed Event Code to Event ID in [email notifications trigger builder](https://www.wpsecurityauditlog.com/support-documentation/getting-started-email-notifications-add/).
	* Improved MainWP Child Site Stealth Mode for premium edition.
	* Sidebar admin notification on first install now only shown to the first user accessing the activity log.
	* Removed in activity log adverts.
	* Updated top banner adverts in activity log - now users can hide them.
	* Updated WordPress icon used to report system events in activity log.

* **Bug Fixes**
	* Added support for arrays in ACF [Support Ticket](https://wordpress.org/support/topic/array-to-string-warning/)
	* Handled an exception error in which user has same event ID. Now instead plugin shows an show error and disable custom sensor.
	* Fixed an issue in which the startup wizard was shown twice on the free edition of the plugin.
	* Fixed an issue in which reports were not generated because of non-standard paths.