Simple History – Track, Log, and Audit WordPress Changes

Description

“So far the best and most comprehensive logging plugin”@herrschuessler

Simple History shows recent changes made within WordPress, directly on your dashboard or on a separate page.

The plugin works as a audit log of the most important events that occur in WordPress.

It’s a plugin that is good to have on websites where several people are involved in editing the content.

No coding is required to use the plugin. Just install it and it will start logging events.

✨ Simple History Features

Out of the box Simple History has support for:

  • Posts and pages – see who added, updated or deleted a post or page

  • Attachments – see who added, updated or deleted an attachment

  • Taxonomies (Custom taxonomies, categories, tags) – see who added, updated or deleted an taxonomy

  • Comments – see who edited, approved or removed a comment

  • Widgets – get info when someone adds, updates or removes a widget in a sidebar

  • Plugins – activation and deactivation

  • User profiles – info about added, updated or removed users

  • User logins – see when a user login & logout. Also see when a user fails to login (good way to catch brute-force login attempts).

  • User edits – see when a user is added, updated or removed, and get detailed information about the changes made to the user.

  • Failed user logins – see when someone has tried to log in, but failed. The log will then include ip address of the possible hacker.

  • Menu edits

  • Option screens – view details about changes made in the different settings sections of WordPress. Things like changes to the site title and the permalink structure will be logged.

  • Privacy page – when a privacy page is created or set to a new page.

  • Data Export – see when a privacy data export request is added and when this request is approved by the user, downloaded by an admin, or emailed to the user.

  • User Data Erasure Requests – see when a user privacy data export request is added and when this request is approved by the user and when the user data is removed.

Build in logging for third party plugins

Simple History comes with built in support for many plugins:

  • Jetpack – See what Jetpack modules that are activated and deactivated.

  • Advanced Custom Fields (ACF) – See when field groups and fields are created and modified.

  • User Switching – See each user switch being made.

  • WP Crontrol – See when cron events are added, edited, deleted, paused, resumed, and manually ran, and when cron schedules are added and deleted.

  • Enable Media Replace – See details about the file being replaced and details about the new file.

  • Limit Login Attempts – See login attempts, lockouts, and configuration changes made in the plugin Limit Login Attempts.

  • Redirection – See redirects and groups that are created, changed, enabled or disabled and also when the global plugin settings have been modified.

  • Duplicate Post –See when a clone of a post or page is done.

  • Beaver Builder – See when a Beaver Builder layout or template is saved or when the settings for the plugins are saved.

Is your plugin missing? No problem – plugin authors can add support for Simple History in their plugins using the logging API.

Plugins that have support for Simple History includes:

What users say 💬

🌟 300+ five-star reviews speak to the reliability of this plugin. 🌟

  • “So far the best and most comprehensive logging plugin”@herrschuessler

  • “The best history plugin I’ve found”Rich Mehta

  • “Custom Logs Are Crazy Awesome!”Ahmad Awais

  • “Amazing activity logging plugin”digidestination

  • “Fantastic plugin I use on all sites”Duncan Michael-MacGregor

  • “Useful Quick View of Activity”Dan O

  • “The best Activity Plugin”Rahim

  • “The best free history plugin ever”abazeed

  • “It is a standard plugin for all of our sites”Mr Tibbs

Getting Started

After installation, Simple History automatically starts logging activities. Access the history log through the dashboard widget or via the ‘Simple History’ page in the dashboard menu.

RSS feed with changes

Using the optional password protected RSS feed you can keep track of the changes made on your website using your favorite RSS reader.

Comes with WP-CLI commands

For those of you who like to work with the command line there are also some WP-CLI commands available.

  • wp simple-history list – List the latest logged events.

Example scenarios

Keep track of what other people are doing:
“Has someone done anything today? Ah, Sarah uploaded
the new press release and created an article for it. Great! Now I don’t have to do that.”

Or for debug purposes:
“The site feels slow since yesterday. Has anyone done anything special? … Ah, Steven activated ‘naughty-plugin-x’,
that must be it.”

API so you can add your own events to the audit log

If you are a theme or plugin developer and would like to add your own things/events to Simple History you can do that by using the function SimpleLogger() like this:

`php

if ( function_exists(“SimpleLogger”) ) {
// Most basic example: just add some information to the log
SimpleLogger()->info(“This is a message sent to the log”);

    // A bit more advanced: log events with different severities
    SimpleLogger()->info("User admin edited page 'About our company'");
    SimpleLogger()->warning("User 'Jessie' deleted user 'Kim'");
    SimpleLogger()->debug("Ok, cron job is running!");

}
?>
`

See the documentation for examples on how to log your own events and how to query the log, and more.

🔆 Extend the plugin functionality with Add-ons

Powerful add-ons are available to extend the functionality of Simple History even further:

WooCommerce Logger
Enhance your site’s tracking with comprehensive logs for WooCommerce orders, products, settings, and coupons.

Extended Settings
Extend the settings of Simple History with more options and settings.

Developer tools (coming soon)
Log sent emails, HTTP API requests, cron jobs, and more.

💚 Sponsor this project

If you like this plugin please consider donating to support the development. The plugin has been free for the last 10 years and will continue to be free.

Screenshots

  • The log view + it also shows the filter function in use – the log only shows event that are of type post and pages and media (i.e. images & other uploads), and only events initiated by a specific user.

  • The Post Quick Diff feature will make it quick and easy for a user of a site to see what updates other users have done to posts and pages.

  • When users are created or changed you can see details on what have changed.

  • Events have context with extra details – Each logged event can include useful rich formatted extra information. For example: a plugin install can contain author info and a the url to the plugin, and an uploaded image can contain a thumbnail of the image.

  • Click on the IP address of an entry to view the location of for example a failed login attempt.

  • See even more details about a logged event (by clicking on the date and time of the event).

  • A chart with some quick statistics is available, so you can see the number of events that has been logged each day. A simple way to see any uncommon activity, for example an increased number of logins or similar.

FAQ

Is the plugin free?

Yes! It has been free for the last 10 years and will continue to be free. There are some add-ons that you can buy to support the development of this plugin and get some extra features. View add-ons.

How do I view the log?

You can view the log on the dashboard or on a separate page in the admin area.

Can I see the log in the front end?

No, the log is only available in the admin area.

Do I need to have coding skills to use the plugin?

No, you don’t need to write any code to use the plugin.
Just install the plugin and it will start collecting data.

Where is the log stored?

The log is stored in the database used by WordPress.

Can I export the log?

Yes, you can export the log to a CSV or JSON file.

Is my theme supported?

Yes, the plugin works with all themes.

Is my plugin supported?

The plugin comes with built in support for many plugins and support for Simple History can be added to any plugin using the Logging API.

Will my website slow down because of this plugin?

No, the plugin is very lightweight and will not slow down your website.

Who can view the log?

How much information that is shown in the log depends on the user role of the user viewing the log. Admins can see everything, while editors can only see events related to posts and pages.

Is it possible to exclude users from the log?

Yes, you exclude users by role or email using the filter simple_history/log/do_log.

See the hooks documentation for more info.

For how long are the history kept?

By default, logs are stored for 60 days. This duration can be adjusted in the settings.

This can be modified using the filter simple_history/db_purge_days_interval or using the Simple History Extended Settings add-on.

Can I track changes made by specific users?

Yes, Simple History allows you to filter the history by user names, making it easy to monitor individual activities.

Is this plugin GDRP compliant?

Since GDRP is such a complex topic and since WordPress plugins are not allowed to imply that they provide legal compliance we can not simply just say that the plugin is GDPR compliant.

GDPR is very much about how you use the data and how you inform your users about what data you collect and how you use it. No site is the same and the usage together with the plugin can be very different from site to site. So you should always make sure that you are compliant with GDPR when using the plugin.

That said, the plugin does not use Google Fonts, does not set cookies, uses no local storage, and by default the ip addresses are anonymized. The plugin is however a plugin that logs events and that can contain personal data, so you should always make sure that you are compliant with GDPR when using the plugin.

Read more at the FAQ on the plugin website.

Reviews

9 November 2024
If you’re managing sites that have multiple people contributing to them or you want to be able to see what changed before something went wrong it’s essential.
17 May 2024
As its name suggests, it’s very simple, but it’s a wealth of information that we’re delighted to have and that deserves to be integrated into WP. Thanks to the author for his work.
12 April 2024
me muestra todo, incluso, el IP real (paso pro cloudflare) del usuario que se logueo, ademas muestra si se modifica , incluso el menu, que era un problema q tenia, doy 5 estrellas. solo un pequeño detalle, quisiera que cuanto tenga un wordpress multisite, aparezcan los logs de todos los sitios en la seccion network.
Read all 384 reviews

Contributors and Developers

“Simple History – Track, Log, and Audit WordPress Changes” is open source software. The following people have contributed to this plugin.

Contributors

“Simple History – Track, Log, and Audit WordPress Changes” has been translated into 16 locales. Thank you to the translators for their contributions.

Translate “Simple History – Track, Log, and Audit WordPress Changes” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Change Log

✨ Do you use Simple History a lot?
Then sponsor the plugin to keep it free or
add a 5-star review so other users know it’s good.

5.1.0 (November 2024)

This release contains some bugfixes 🐞 but also a new experimental Admin Bar Quick View feature. See the release post for info and screenshots.

Added

  • Add “Admin Bar Quick View” as experimental feature. This new feature adds a “History” link in the admin bar, that when hovered shows the latest events in a compact timeline format.
    This is very convenient when you quickly want to check the latest events without leaving the page you are on.
    (This feature is experimental and can be enabled on the settings page.) #476
  • Add helper function get_settings_page_url().
  • Add helper function sh_dd().

Changed

  • Tested on WordPress 6.7.

Fixed

  • Use selected WP admin theme colors for colors in links and buttons. #463
  • Add pagination buttons to first page and last page. #479
  • Add option to go enter page number to go to. #479
  • Fix username not always showing in the event details modal.

5.0.4 (October 2024)

  • Fix PHP warning when viewing events from anonymous users (for example logged failed logins). #477
  • Add tests for REST API endpoints.

5.0.3 (October 2024)

  • Fix for wrong version number in the readme.txt and index.php file, causing the plugin to find updates forever.

5.0.2 (October 2024)

Added

  • Add occasions_id to the context data modal.
  • Include user_display_name in events REST API response.
  • Autoload options simple_history_detective_mode_enabled, simple_history_experimental_features_enabled, and simple_history_db_version to improve performance. Related: Options API: Disabling Autoload for Large Options.

Changed

  • Better output of JSON data in event details view. #464

Fixed

  • Display user “display name”, with fallback to “username”, in the event feed. This restores how it was displayed in version 4 of the plugin. #468
  • Disable autoload of option SimplePluginLogger_plugin_info_before_update, to improve performance. #457
  • Fix PHP warnings when fetching occasions.
  • Only get edit link for a post if get_post() returns a post object. This may fix issues with, for example, old versions of WPML. #469
  • Make more strings in the GUI translatable. #470, #471

5.0.1 (September 2024)

A minor update to quickly fix an issue with avatars that affected a few people.

  • Fix: Correct default value used in get_avatar_data() when no user found for an event. Solves compatibility issues with BuddyBoss and possible other similar plugins. #461

5.0.0 (September 2024)

A big update that keeps everything familiar. 🚀
See what’s changed under the hood.

Changed

  • Event Feed Rewrite: The event GUI has been entirely rewritten using React and WordPress components.
  • Auto-Refreshing Filters: The event feed now updates automatically when filters are changed.
  • IP Address Info Update: IP address information popup now include the name of the server header where the IP was sourced.
  • Quickstats Relocation: The “quickstats” box has been repositioned to the top of the stats sidebar.
  • WordPress 6.6 Minimum Requirement: Simple History now requires WordPress 6.6.
  • SecuPress Compatibility: Changes to post types introduced by SecuPress will no longer be logged.

Added

  • REST API Endpoints: REST API endpoints to fetch event logs at /simple-history/v1/events and /wp-json/simple-history/v1/events/<id>.
  • Action Menu for Events: Each event now includes an actions menu, with options to view event details, copy permalinks, and soon more. (Plugins and add-ons can extend the menu with custom actions so keep your eyes opened for more actions in the future.)
  • New Hooks for Developers:
    • simple_history/history_page/gui_wrap_top: Fired at the top of the history page GUI wrapper.
    • simple_history/dropin/stats/before_content: Fired inside the stats sidebar, after the headline but before the content.
  • Experimental Features: New option on the setting page to enable experimental features.

Removed

  • Settings Metabox: The metabox linking to the settings page has been removed, as settings are now accessible from the top menu bar.
  • Legacy Code Cleanup: Removed several old and unused files, functions, and JavaScript hooks that are no longer relevant to the current implementation.

4.17.0 (August 2024)

🐞 This release contains some small bug fixes and enhancements. The previous version had more cool new features so check out that one if you haven’t already.

  • Tested on WordPress 6.6.
  • Correct URL for “Go to Simple History” link on updated page on multisite.
  • Add simple_history/log_query_inner_where_array as a replacement for filter simple_history/log_query_inner_where that got removed in 4.9.0. The new filter is an array filter and can be used to add or modify the where clauses that the log query will use. See this GitHub issue for some examples.
  • Add link to Simple History below the “All updates have been completed” message for more cases (it was missing when translations was updated, for example).
  • Add filter simple_history/show_action_link that can be used to disable the link to the action that is shown in the log. This can be useful if you want to hide the link to the action for some users or in some cases. Example usage: add_filter("simple_history/show_action_link", "__return_false");.
  • Update Select2. #456

🌟 Pssst…. Don’t forget that you can sponsor this project to keep it free and open source. And if you need more features you can buy add-ons that also get you some extra features. 🌟

4.16.0 (July 2024)

This release contains many new features and improvements. Especially updates made on the settings screen has gonne through a major overhaul and is now much more user friendly and informative.
View the release post for screenshots and more information.

Added

  • Debug page additions
    • Display detected db engine to debug page. Can be useful for debugging since Simple History supports MySQL, MariaDB, and SQLite.
    • Table size and number of rows for SQLite databases are shown on the debug page (they were already shown for MySQL and MariaDB).
    • Display Drop-ins on the debug page.
  • Throw exception if log query has any db errors instead of just dying silently. This should help with debugging since the message often is visible in the log. #438
  • Plugin update failures are now logged, with error message added to context. This can happen when a plugin can’t remove it’s folder. #345
  • Support for the ANSI_QUOTES mode in MySQL/MariaDB. #334
  • RSS feed support for filtering by loglevels ( e.g.,?loglevels=warning,notice). See https://simple-history.com/docs/feeds/ for all available filters. #443
  • Log when an admin user changes the way WordPress handles auto updates of core, from “automatic updates for all new versions of WordPress” to “automatic updates for maintenance and security releases only”, or vice versa. #449
  • Add Update URI plugin header, if available, to context for plugin installs or updates. This field was added in WordPress 5.8 so it was really time to add it now 🙂 #451
  • Add link to the Simple History site history below the “All updates have been completed” message that is shown when plugins or themes are updated. #453
  • Add title, alternative text, caption, description, and slug to modified attachments. #310
  • Add a link next to number or failed login attempts. If the extended settings add-on is installed the link goes to the settings page for that add-on. If that add-on is not installed the link goes to the website of the add-on.

Changed

  • Changes to settings screens and logging of their options have gotten a major overhaul and is now much more user friendly and informative:

    • Only built in WordPress options are logged. Previously other options could “sneak in” when they was added using a filter or similar on the same screen.
    • When updating the site language option (the options WPLANG), set “en_US” as the language when the option is empty. Previously it was set to an empty string which what a bit confusing.
    • “Week Starts On” now displays the new and previous weekday as human readable text instead of a number.
    • Use wording “Updated setting…” instead of “Updated option…” in the log when a setting is updated because it’s more user friendly to say “setting” instead of “option”, since that’s the wordings used in the WordPress UI.
    • Include the name of the settings page in the main log message for each setting updated and also include a link to the settings page.
    • Use “On” or “Off” when display the changed values for settings that can be toggled on or off. Previously “1” or “0” was used.
    • Setting “For each post in a feed, include…” now displays “Full text” or “Excerpt”, instead of “1” or “0”.
    • The “blog_public” settings is now shown as “Discourage search engines from indexing this site” setting was changed.
  • Don’t log the uploading and deletion of the ZIP archive when installing a plugin or theme from a ZIP file. #301

  • Update testing framework wp-browser to 3.5.
  • Misc refactoring and code cleanup.

Fixed

  • Fix a possible strpos()-warning in the ACF logger. #440
  • Ensure Post via email SMTP password is not exposed in the log.

Pssst! Did you know that you can sponsor this project to keep it free and open source? 🌟

4.15.1 (April 2024)

This release contains a new feature that logs when scheduled blog posts or site pages automatically publish themselves at any time in the future. It also contains the regular bug fixes and improvements. View the release post.

Added

  • Log when post status changes from future to publish, i.e. when scheduled blog posts or site pages automatically publish themselves at any time in the future. #343

Fixed

  • Log theme file edits and plugin file edits again. #437
  • Show previous featured image when removing a featured image from a post. Before this change the fields was empty. So confusing.
  • Cleanup the edited post event output by remove context keys post_author/user_login, post_author/user_email, post_author/display_name from post edited events, because author change is already shown as plain text. The context keys are still available to see in the context data table.

Updated

  • Update WordPress Coding Standards to latest version. #436

4.15.0 (April 2024)

Was never released. Skipped to 4.15.1. Something went wrong with tagging.

4.14.0 (April 2024)

🕵️‍♀️ This version introduces a new Detective Mode. Many users use Simple History to catch changes made by users and plugins, but sometimes it can be hard to tell exactly what plugin that was responsible for a specific action. Detective Mode has been created to help users find the responsible plugin, hook, URL, or function used to trigger a specific action. View screenshots and more information.

  • Add Detective Mode, a new feature aimed to help users find what plugin or theme is causing a specific event or action to be logged or happen. Great for debugging. This new feature can be enabled in the settings. Read more. Useful for admins, developers, forensics detectives, security experts, and more.
  • Add support for searching for localized logger message strings. #277
  • Add fix for SQL MAX_JOIN_SIZE related error message, that could happen on low end hosting providers or shared hosting providers. #435
  • Remove check for older PHP versions in helpers::json_encode. (PHP 7.4 is since long the minimum requirement for Simple History and for WordPress itself.)
  • Tested on WordPress 6.5.

4.13.0 (March 2024)

🚀 Introducing the WooCommerce Logger Add-On: Enhance your site’s tracking with comprehensive logs for WooCommerce orders, products, settings, and coupons. Learn more in our release post.

View the release post to see screenshots of the new features.

Changelog for previous versions.