Security is one of your top priorities if you run a WooCommerce-powered store. And knowing what your logged-in users are doing and what has been changed, can give you peace of mind and help you to be better prepared.
The WP Security Audit Log Plugin for WooCommerce
Although it works on all WordPress sites, the WP Security Audit Log plugin is unique as it’s the only user activity plugin that keeps a detailed log of changes in WooCommerce store settings, simple and variable products, coupons, orders and other WooCommerce-specific elements.
It has a very comprehensive activity log, extensive coverage of all WordPress changes and includes email and SMS notifications and reports, just to name a few.
It’s the perfect solution to keep track of changes, help with troubleshooting and stay on top of any suspicious behavior on your store.
Installing with the Wizard
We are working with the premium version of the plugin so we can show you all that it can bring to your store. When you install it, you have the option of walking through a wizard. I always recommend this as it’s a good way to get your initial features set. It also gives you a nice overview of your options.
For this post I opted to activate all the options.
As a WooCommerce store, I can make the obvious choice of logins beyond the standard WordPress login page.
An option to keep track of 404 errors:
This is a setting you may choose to have on or off for your store:
Next, you choose who has access to the logs:
If you have any user or user role that you would like to exclude from the logs, you can do that here:
Now you can finish the install knowing you have the basics set up.
WP Security Audio Log Settings
Now you can go into your settings where you can either change or fine tune what you set in your wizard.
The general settings has a variety of options.
Activity Log Settings
Next are some options to fine tune a bit of the activity log you will be viewing.
File Integrity Scan
One of the features for this plugin is that it scans your WooCommerce site whenever a file is added, modified or deleted. You can choose to show these changes and control what is scanned.
Exclude Objects Settings
To further customize the scan, you can exclude objects, the objects being post types, users, roles, etc.
Not so much a setting as the ability to export or import the settings. Great if you want to duplicate from another install or even as a backup.
SMS Provider Settings
Here you can connect to integrate Twilio a great feature of this plugin as SMS notifications outweigh email notifications, are instant and cannot be blocked by antispam or other filters.
A few more options for the plugin.
Audit Log Viewer
This is where you will see all logged activity. I went into my site as a customer and here you see all the activity that was logged from that single visit. As I mentioned before, this plugin covers activity on your WooCommerce site down to every detail that you have activated regarding your logs, plus a bit of what I had done as an admin.
For any of these logs, you can click through for further details.
You can further fine-tune what events you want to log. As you can see from the tabs, there are several options and I won’t be showing you each of these. But as an example, here are the events for WooCommerce products.
User Sessions and Management
You can control the number of logged-in sessions that you want to retrieve.
User Sessions Management
In addition, for these sessions, you are able to limit or block any simultaneous connections from the same username.
And set a time limit to terminate any idle sessions.
At any time, you can view which users are logged in, with the abiliy to terminate a session if needed.
As mentioned, you can get notifications via email and/or SMS. As with the events, there are numerous options so I won’t go through each one. But specifically for WooCommerce you have these four options for notifications:
To generate and configure your reports, you can filter what details you want on your report. Then you can generate that report for either daily, weekly, monthly or quarterly.
And options for your statistics reports:
External Databases and Services Configurations
There are a few options here, including the ability to store the WordPress activity log in an external database, archive old entries and mirror the WordPress activity log to another database or a third party service such as Slack or Syslog.
Log Activity in Your Dashboard
You will have a latest-events list that you can find in your main dashboard page.
And at the top, the current log activity:
Staying on Top of Your WooCommerce Store
When it comes to your WooCommerce store, this plugin can help you to stay on top of everything. Its power is that it does not tell you just when a product has been updated, but it lets you know if the price, stock quantity, product type, product description and other details have been changed. It will soon be able to monitor checkout store changes, but here is a list of events that it does monitor for your store:
To sum it up, on their site they give you a great overview of the Detailed Activity Log for WooCommerce.
As you can see, this is a highly detailed activity log plugin. Not only does it provide information that can help you keep your WooCommerce store secure, but it also helps to improve and ensure user accountability to help keep your store compliant.
Get weekly news on and around the WooCommerce community. Updates to our podcast, news from our weekly roundup and extra news from within and outside the WooCommerce space. I write this myself and it is delivered to your inbox every Saturday morning.