English (UK)

Plugin Directory

Test out the new Plugin Directory and let us know what you think.

WP Security Audit Log

Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.


Keep an audit log of everything that happens on your WordPress and WordPress multisite with WP Security Audit Log to ensure user productivity and identify WordPress security issues before they become a security problem.

WP Security Audit Log is WordPress' most comprehensive user monitoring and audit log plugin and is used by thousands of WordPress administrators, owners and security professionals. The plugin can also be used to keep an audit trail of WooCommerce store and product changes.

Free and Premium Support

Support for the WP Security Audit Log plugin on the WordPress forums is free. Since it is free support it is not always possible to answer all questions on a timely manner, although we do try our best.

Premium world-class support is available via email to anyone who purchases any of the Premium Add-Ons listed below:

Keep A WordPress Security Audit Log & Identify WordPress Security Issues

WP Security Audit Log keeps a log of everything happening on your WordPress blog or website and WordPress multisite network. By using WP Security Audit Log security plugin it is very easy to track suspicious user activity before it becomes a problem or a security issue. A security alert is generated by the plugin when:

  • New user is created via registration or by another user
  • First time a user logs in to WordPress
  • User changes the role, password or other profile settings of another user
  • User on a WordPress multisite network is added or removed from a site
  • User uploads or deletes a file, changes a password or email address
  • User installs, activates, deactivates, upgrades or uninstalls a plugin
  • User creates a new post, page, category or a custom post type
  • User modifies an existing post, page, category or a custom post type
  • User creates, modifies or deletes a custom field from a post, page or custom post type
  • User adds, moves, modifies or deletes a widget
  • User installs or activates a new WordPress theme
  • User changes WordPress settings such as permalinks or administrator notification email
  • WordPress is updated / upgraded
  • Failed login attempts
  • and much more...

Refer to the complete list of WordPress Security Audit Alerts for more information on what WordPress activity can be monitored with WP Security Audit Log.

Monitor WordPress Users Activity & Productivity

If you own a multi user WordPress blog or website, or a WordPress multisite network installation you can use WP Security Audit Log plugin to monitor your users' activity and productivity. With WP Security Audit Log WordPress plugin you can monitor:

  • When WordPress users log in or out
  • From where WordPress users are logging in
  • Users who created. modified or deleted categories
  • Users who created a blog post, page or a custom post
  • Users who published a blog post, page or a custom post
  • Users who modified published WordPress content such as custom posts, pages or a blog posts
  • Users who moves content such as blog posts or WordPress pages to trash or permanently deletes it
  • Users who modify WordPress widgets
  • Uses who upload or delete any sort of files
  • and much more...

Refer to the complete list of WordPress Security Audit Alerts for more information on what other WordPress user activity can be monitored with the WP Security Audit Log WordPress plugin.

Upgrade to Premium and Extend the Functionaly of the WP Security Audit Log Plugin

Upgrade to Premium to add Email Alerts, Search, Reports and see who is logged in to your WordPress. Else you can buy any of the add-ons listed below separately:

  • Email Notifications Add-On: get notified via email of important changes. You can setup your own triggers to for example be alerted via email should any WordPress user log in to your WordPress outside office hours.

  • Users Sessions Management Add-On: see who is logged in to your WordPress and WordPress multisite networks. This add-on also allows you to terminate users' sessions and either allow or deny multiple sessions for the same WordPress user.

  • Search Add-On: do free-text based searches in the WordPress audit trail to easily pin-point a specific WordPress user change. The Search add-on also has built-in filters so you can fine tune your searches and find the WordPress change you are looking for easily and quickly.

  • Reports Add-On: generate any type of HTML and CSV WordPress report. For example generate a WordPress user activity report, role activity report and also site activity report (for WordPress multisite). The Reports Add-On does not restrict you to specific reports types, it allows you to choose any data source for your reports. With this add-on you can also configure automated email summary reports.

  • External DB Add-on: store the WordPress Audit Trail in an external database to improve the security and perforamnce of your WordPress websites and blogs by ensuring such records are not tempered with even in case the website is hacked. By storing the audit trail in an external database you also ensure that your business WordPress website is compliant with today's strict regulatory compliance requirements.

WP Security Audit Log for WordPress Multisite

WP Security Audit Log is the first tracking and audit WordPress security monitoring plugin that supports WordPress multisite network installations and can monitor activity on such WordPress multisite network installations.

For more information about the features for WordPress Multisite network installation refer to WP Security Audit Log Features for WordPress Multisite

Easily Create Your Own Custom Alerts

Is there something on your WordPress that the plugin does not monitor, but you would like to keep a record of it? Refer to the Hooks for custom alerts documentation to easily create your own custom alerts and keep record of any change on your WordPress, be it a change in a WordPress customization, a third party plugin and more.

WordPress & PHP Errors Monitoring Tools

Plugins and themes customizations are most probably the norm of the day on large WordPress websites, not to mention the installation of new plugins and components. With WP Security Audit Log now it is easier than ever before to monitor your plugins', theme's and other code behaviour, it will generate a alert when a PHP error, warning, exception or shutdown is detected. It is also possible to log all HTTP GET and POST requests that are reaching your WordPress installation to a log file with WP Security Audit Log. Simply enable the PHP Errors monitoring or logging from the plugins settings.

NOTE: Developer options should NEVER be enabled on Live websites. They should only be enabled on testing, staging and development WordPress and WordPress multisite installations.

Other Noteworthy Features

WP Security Audit Log plugin also has a number of features that make WordPress and WordPress multisite monitoring and auditing easier, such as:

  • Realtime Audit Log viewer allowing you to see the changers as they happen without any delays
  • Built-in support for reverse proxies and web application firewalls more information
  • Detailed WordPress audit trail allowing you to see what actually changed when the content of posts, pages and custom post types is changed
  • WhatIsMyIpAddress.com integration so you can get all information about an IP address with just a mouse click
  • Limit who can view the WordPress audit trail by either users or roles
  • Limit who can manage the plugin by either users or roles
  • Configurable WordPress dashboard widget highlighting the most recent critical activity
  • Configurable WordPress security audit trail automatic pruning
  • User role is reported in alerts for a complete overview of what is happening
  • User avatar is shown in the alerts for better recognizability
  • Enable or disable any security alerts
  • and much more...

As Featured On:

WordPress Security Audit Log in your Language!

We need help translating the plugin and the WordPress Security Alerts. Please visit the WordPress Translate Project to translate the plugin and drop us an email on support@wpwhitesecurity.com to get mentioned in the list of translators below.

Related Links and Documentation

For more information and to get started with WordPress Security, check out the following:

Stay a Step Ahead of the Bad Guys - Keep Yourself Informed

Even if WordPress security is not your cup of tea, the security of your WordPress is your responsibility. Keep yourself up to date with the latest WordPress Security Tips, Tricks and news. Subscribe to the WP Security Bloggers newsletter, for an aggregate of posts from the most popular WordPress security blogs.

WP Security Audit Log Plugin Newsletter

To keep yourself updated with what is new and updated in the WP Security Audit Log plugin please subscribe to the newsletter.

Note: This plugin requires PHP 5.3 or higher. Older versions of PHP are no longer maintained by PHP and are prone to security issues. For more information or if you need assistance with your version of PHP please get in touch with us by using our contact form.

Requires: 3.6 or higher
Compatible up to: 4.7.3
Last Updated: 6 days ago
Active Installs: 50,000+


4.7 out of 5 stars


4 of 9 support threads in the last two months have been marked resolved.

Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1
89,9,8 100,1,1
67,3,2 100,3,3
100,1,1 100,4,4
75,4,3 100,2,2 80,5,4 100,1,1
100,1,1 100,2,2
100,1,1 100,2,2
100,2,2 100,1,1
100,1,1 100,1,1 100,1,1
0,2,0 100,3,3
100,1,1 100,1,1