Solved

Wordpress activity log

Posted on 2013-06-26
2
321 Views
Last Modified: 2013-08-01
We have several weird things happen with our wordpress site.  Several pages were sent to trash and we're curious to know if there is a log file that may track the activity in the site from Wordpress.  I'm not thinking its malicious, but rather someone in our church that didn't know what they were doing.

suggestions?
0
Comment
Question by:axessJosh
2 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
Comment Utility
The best log file to look at is the apache access log.  You should be able to narrow down who submitted the trash request from that log.

If not, there are several plugins that you could install to track activity on the site.  I know that VaultPress keeps an audit trail but it's a premium plugin.  Most of the better security plugins also keep an audit trail as it is useful to diagnose attacks; catching a rogue user is just a bonus.  

You might also look into a small but growing class of audit plugins:

http://wordpress.org/plugins/wp-security-audit-log/

Looks promising.

But right now, the access log is your best bet if you don't have anything else that tracks stuff installed on the site.  You might be able to go through the wp_posts and wp_postmeta tables and get some useful info about who last edited the file or see the revision history if you are allowing WP to track revisions.  The problem with tha approach is that if the person deleted the posts from the list page, it may not leave a trail there.
0
 
LVL 18

Expert Comment

by:Matthew Kelly
Comment Utility
Perhaps easier; Deletes and Restores show up as "Revisions". After you restore the item, if you open the post up and then click "Screen Options" in the top right hand corner and check the "Revisions" box there will be a list of revision dates.

It is not labeled "Moved to Trash" or "Restored" but if you know the time frame it happened in and there weren't a bunch of other edits made to it you could tell which user did it. Or at least tell which users recently touched the post so you can perhaps give some user training about avoiding accidentally clicking the "Move to Trash" link, which is easy to do for non-computer literate because you can do it right from the grid view of "All Posts". Especially someone with a touch screen computer, they may have just meant to click "Edit" or "View" and accidentally clicked "Trash".
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Like there are many different versions of Wordpress, there are also a handful of related side projects WordPress users should be familiar with.   All of these projects are open source and GPL licensed, which means there are few restrictions to us…
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
The purpose of this video is to demonstrate how to insert an Iframe into WordPress. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Open Page or Post…
The purpose of this video is to demonstrate how to prevent comment spam on a WordPress Website. This will be demonstrated using a Windows 8 PC. Plugin Akismet will be used. Go to your WordPress login page. This will look like the following: myw…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now