WP Security Audit Log - Version 2.6.9

Version Description

(2017-10-24) =

  • New Audit Trail Alerts for logging of Tag changes

    • Alert 2119: User added tag to a post
    • Alert 2120: User removed a tag from a post
    • Alert 2121: User added new tag on WordPress
    • Alert 2122: User deleted a tag from WordPress
    • Alert 2123: User renamed a tag
    • Alert 2124: User changed the slug of a tag
    • Alert 2125: User changed the description of a tag

  • New Audit Trail Alerts for logging of User Profile Changes

    • Alert 4017: Changed the first name of a user
    • Alert 4018: Changed the last name of a user
    • Alert 4019: Changed the nickname of a user
    • Alert 4020: Changed the display name of a user

  • New Functionality

    • New hover over option to modify alerts' behaviour. This applies to alerts that have configuration such as 1002, 1003, 6007 and 6023.
    • Option to record referrer URL in log file when logging 404 errors to a log file.
    • Option to specify how many failed logins the plugin should log.
    • Option to capture the usernames used during failed login attempts with non WordPress users.

  • Improvements

    • Drop down menu to select number of alerts to display in Audit Log Viewer now has only fixed numbers.
    • Renamed first column to Alert ID (standardising text in plugin)
    • New French translation by Denis Moscato

Refer to the WP Security Audit Log change log on the plugin page for a complete changelog.

Download this release

Release Info

Developer WPWhiteSecurity
Plugin Icon 128x128 WP Security Audit Log
Version 2.6.9
Comparing to
See all releases

Code changes from version 2.6.8 to 2.6.9

Files changed (19) hide show
  1. classes/AuditLogListView.php +29 -7
  2. classes/Sensors/Content.php +230 -4
  3. classes/Sensors/LogInOut.php +131 -30
  4. classes/Sensors/MetaData.php +80 -7
  5. classes/Sensors/System.php +28 -4
  6. classes/Sensors/UserProfile.php +2 -2
  7. classes/Settings.php +46 -0
  8. classes/Views/Settings.php +5 -1
  9. classes/Views/ToggleAlerts.php +58 -17
  10. css/auditlog.css +10 -2
  11. defaults.php +19 -4
  12. js/auditlog.js +41 -20
  13. languages/wp-security-audit-log-de_DE.mo +0 -0
  14. languages/wp-security-audit-log-es_ES.mo +0 -0
  15. languages/wp-security-audit-log-fr_FR.mo +0 -0
  16. languages/wp-security-audit-log-it_IT.mo +0 -0
  17. languages/wp-security-audit-log-ro_RO.mo +0 -0
  18. readme.txt +27 -812
  19. wp-security-audit-log.php +2 -2
classes/AuditLogListView.php CHANGED
@@ -43,11 +43,9 @@ class WSAL_AuditLogListView extends WP_List_Table
43
  public function extra_tablenav($which)
44
  {
45
  // items-per-page widget
46
- $o = __('Other', 'wp-security-audit-log');
47
  $p = $this->_plugin->settings->GetViewPerPage();
48
- $items = array($o, 5, 10, 15, 30, 50);
49
  if (!in_array($p, $items)) $items[] = $p;
50
- if ($p == $o || $p == 0) $p = $o[1]; // a sane default if things goes bust
51
 
52
  ?><div class="wsal-ipp wsal-ipp-<?php echo $which; ?>">
53
  <?php _e('Show ', 'wp-security-audit-log'); ?>
@@ -141,7 +139,7 @@ class WSAL_AuditLogListView extends WP_List_Table
141
  $cols = array(
142
  //'cb' => '<input type="checkbox" />',
143
  //'read' => __('Read', 'wp-security-audit-log'),
144
- 'type' => __( 'Code', 'wp-security-audit-log' ),
145
  'code' => __( 'Type', 'wp-security-audit-log' ),
146
  'crtd' => __( 'Date', 'wp-security-audit-log' ),
147
  'user' => $name_column,
@@ -158,7 +156,7 @@ class WSAL_AuditLogListView extends WP_List_Table
158
  foreach ( $sel_columns as $key => $value ) {
159
  switch ( $key ) {
160
  case 'alert_code':
161
- $cols['type'] = __( 'Code', 'wp-security-audit-log' );
162
  break;
163
  case 'type':
164
  $cols['code'] = __( 'Type', 'wp-security-audit-log' );
@@ -216,8 +214,19 @@ class WSAL_AuditLogListView extends WP_List_Table
216
  . ($item->is_read ? 'old' : 'new')
217
  . '" title="' . __('Click to toggle.', 'wp-security-audit-log') . '"></span>';
218
  case 'type':
219
- $code = $this->_plugin->alerts->GetAlert($item->alert_id);
220
- return '<span class="log-disable" data-tooltip="'. __('Disable this type of alerts.', 'wp-security-audit-log').'<br>'.$item->alert_id.' - '.esc_html($code->desc).'" data-alert-id="'.$item->alert_id.'">'
 
 
 
 
 
 
 
 
 
 
 
221
  . str_pad($item->alert_id, 4, '0', STR_PAD_LEFT) . ' </span>';
222
  case 'code':
223
  $code = $this->_plugin->alerts->GetAlert($item->alert_id);
@@ -392,6 +401,9 @@ class WSAL_AuditLogListView extends WP_List_Table
392
  case $name == '%CategoryLink%':
393
  return ' <a target="_blank" href="'.esc_url($value).'">View the category</a>';
394
 
 
 
 
395
  case $name == '%EditorLinkForum%':
396
  return ' <a target="_blank" href="'.esc_url($value).'">View the forum</a>';
397
 
@@ -417,6 +429,16 @@ class WSAL_AuditLogListView extends WP_List_Table
417
  return 'Click <a href="'.esc_url(admin_url("admin.php?page=wsal-togglealerts#tab-system-activity")).'">here</a> to log such requests to file';
418
  }
419
 
 
 
 
 
 
 
 
 
 
 
420
  case strncmp($value, 'http://', 7) === 0:
421
  case strncmp($value, 'https://', 7) === 0:
422
  return '<a href="' . esc_html($value) . '"' . ' title="' . esc_html($value) . '"' . ' target="_blank">' . esc_html($value) . '</a>';
43
  public function extra_tablenav($which)
44
  {
45
  // items-per-page widget
 
46
  $p = $this->_plugin->settings->GetViewPerPage();
47
+ $items = array(5, 10, 15, 30, 50);
48
  if (!in_array($p, $items)) $items[] = $p;
 
49
 
50
  ?><div class="wsal-ipp wsal-ipp-<?php echo $which; ?>">
51
  <?php _e('Show ', 'wp-security-audit-log'); ?>
139
  $cols = array(
140
  //'cb' => '<input type="checkbox" />',
141
  //'read' => __('Read', 'wp-security-audit-log'),
142
+ 'type' => __( 'Alert ID', 'wp-security-audit-log' ),
143
  'code' => __( 'Type', 'wp-security-audit-log' ),
144
  'crtd' => __( 'Date', 'wp-security-audit-log' ),
145
  'user' => $name_column,
156
  foreach ( $sel_columns as $key => $value ) {
157
  switch ( $key ) {
158
  case 'alert_code':
159
+ $cols['type'] = __( 'Alert ID', 'wp-security-audit-log' );
160
  break;
161
  case 'type':
162
  $cols['code'] = __( 'Type', 'wp-security-audit-log' );
214
  . ($item->is_read ? 'old' : 'new')
215
  . '" title="' . __('Click to toggle.', 'wp-security-audit-log') . '"></span>';
216
  case 'type':
217
+ $code = $this->_plugin->alerts->GetAlert( $item->alert_id );
218
+ $extra_msg = '';
219
+ $data_link = '';
220
+ $modification_alerts = array( 1002, 1003, 6007, 6023 );
221
+ if ( in_array( $item->alert_id, $modification_alerts, true ) ) {
222
+ $extra_msg = '. Modify this alert.';
223
+ if ( 1002 === $item->alert_id || 1003 === $item->alert_id ) {
224
+ $data_link = add_query_arg( 'page', 'wsal-togglealerts#tab-users-profiles---activity', admin_url( 'admin.php' ) );
225
+ } elseif ( 6007 === $item->alert_id || 6023 === $item->alert_id ) {
226
+ $data_link = add_query_arg( 'page', 'wsal-togglealerts#tab-system-activity', admin_url( 'admin.php' ) );
227
+ }
228
+ }
229
+ return '<span class="log-disable" data-tooltip="' . __( 'Disable this type of alerts.', 'wp-security-audit-log' ) . '<br>' . $item->alert_id . ' - ' . esc_html( $code->desc ) . $extra_msg . '" data-alert-id="' . $item->alert_id . '" ' . esc_attr( 'data-link=' . $data_link ) . ' >'
230
  . str_pad($item->alert_id, 4, '0', STR_PAD_LEFT) . ' </span>';
231
  case 'code':
232
  $code = $this->_plugin->alerts->GetAlert($item->alert_id);
401
  case $name == '%CategoryLink%':
402
  return ' <a target="_blank" href="'.esc_url($value).'">View the category</a>';
403
 
404
+ case $name == '%TagLink%':
405
+ return ' <a target="_blank" href="'.esc_url($value).'">View the tag</a>';
406
+
407
  case $name == '%EditorLinkForum%':
408
  return ' <a target="_blank" href="'.esc_url($value).'">View the forum</a>';
409
 
429
  return 'Click <a href="'.esc_url(admin_url("admin.php?page=wsal-togglealerts#tab-system-activity")).'">here</a> to log such requests to file';
430
  }
431
 
432
+ case '%LogFileLink%' === $name:
433
+ if ( ! empty( $value ) && 'on' === $this->_plugin->GetGlobalOption( 'log-visitor-failed-login' ) ) {
434
+ return '<a href="' . esc_url( $value ) . '" download>Download the Log file</a>';
435
+ } elseif ( ! empty( $value ) ) {
436
+ return '<a href="' . esc_url( $value ) . '">Keep a record of the usernames</a>';
437
+ }
438
+ // Failed login file link.
439
+ case '%LogFileText%' === $name:
440
+ return esc_html( $value );
441
+ // Failed login file text.
442
  case strncmp($value, 'http://', 7) === 0:
443
  case strncmp($value, 'https://', 7) === 0:
444
  return '<a href="' . esc_html($value) . '"' . ' title="' . esc_html($value) . '"' . ' target="_blank">' . esc_html($value) . '</a>';
classes/Sensors/Content.php CHANGED
@@ -77,6 +77,13 @@
77
  * 2088 User changed title of a custom post type
78
  * 2104 User opened a custom post type in the editor
79
  * 2105 User viewed a custom post type
 
 
 
 
 
 
 
80
  */
81
  class WSAL_Sensors_Content extends WSAL_AbstractSensor {
82
  /**
@@ -94,6 +101,13 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
94
  */
95
  protected $_OldCats = null;
96
 
 
 
 
 
 
 
 
97
  /**
98
  * @var string old path to file
99
  */
@@ -119,11 +133,68 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
119
  add_action('edit_category', array($this, 'EventChangedCategoryParent'));
120
  add_action('save_post', array($this, 'SetRevisionLink'), 10, 3);
121
  add_action('publish_future_post', array($this, 'EventPublishFuture'), 10, 1);
122
- // to do change with 'create_term' instead 'create_category' for trigger Tags
123
  add_action('create_category', array($this, 'EventCategoryCreation'), 10, 1);
 
124
 
125
  add_action( 'wp_head', array( $this, 'ViewingPost' ), 10 );
126
  add_filter('post_edit_form_tag', array($this, 'EditingPost'), 10, 1);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
127
  }
128
 
129
  /**
@@ -155,6 +226,9 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
155
  $this->RetrieveOldData();
156
  // check for category changes
157
  $this->CheckCategoryDeletion();
 
 
 
158
  }
159
 
160
  /**
@@ -172,6 +246,7 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
172
  $this->_OldLink = get_permalink($postID);
173
  $this->_OldTmpl = $this->GetPostTemplate($this->_OldPost);
174
  $this->_OldCats = $this->GetPostCategories($this->_OldPost);
 
175
  $this->_OldStky = in_array($postID, get_option('sticky_posts'));
176
  }
177
  }
@@ -212,6 +287,16 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
212
  return wp_get_post_categories($post->ID, array('fields' => 'names'));
213
  }
214
 
 
 
 
 
 
 
 
 
 
 
215
  /**
216
  * Check all the post changes.
217
  * @param string $newStatus new status
@@ -255,8 +340,8 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
255
  + $this->CheckStickyChange($this->_OldStky, isset($_REQUEST['sticky']), $post)
256
  + $this->CheckVisibilityChange($this->_OldPost, $post, $oldStatus, $newStatus)
257
  + $this->CheckTemplateChange($this->_OldTmpl, $this->GetPostTemplate($post), $post)
258
- + $this->CheckCategoriesChange($this->_OldCats, $this->GetPostCategories($post), $post)
259
- ;
260
 
261
  if (!$changes) {
262
  $changes = $this->CheckDateChange($this->_OldPost, $post);
@@ -495,6 +580,64 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
495
  }
496
  }
497
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
498
  /**
499
  * Author changed.
500
  * @param stdClass $oldPost old post
@@ -766,6 +909,21 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
766
  ));
767
  }
768
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
769
  /**
770
  * Category deleted.
771
  * @global array $_POST post data
@@ -786,7 +944,9 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
786
  if (isset($_POST['taxonomy'])) {
787
  if ($action == 'delete' && $_POST['taxonomy'] == 'category' && !empty($_POST['delete_tags'])) {
788
  // bulk delete
789
- $categoryIds[] = $_POST['delete_tags'];
 
 
790
  } elseif ($action == 'delete-tag' && $_POST['taxonomy'] == 'category' && !empty($_POST['tag_ID'])) {
791
  // single delete
792
  $categoryIds[] = $_POST['tag_ID'];
@@ -803,6 +963,58 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
803
  }
804
  }
805
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
806
  /**
807
  * Changed the parent of the category.
808
  * @global array $_POST post data
@@ -885,6 +1097,20 @@ class WSAL_Sensors_Content extends WSAL_AbstractSensor {
885
  }
886
  }
887
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
888
  /**
889
  * Ignore post from BBPress, WooCommerce Plugin
890
  * Triggered on the Sensors
77
  * 2088 User changed title of a custom post type
78
  * 2104 User opened a custom post type in the editor
79
  * 2105 User viewed a custom post type
80
+ * 2119 User added blog post tag
81
+ * 2120 User removed blog post tag
82
+ * 2121 User created new tag
83
+ * 2122 User deleted tag
84
+ * 2123 User renamed tag
85
+ * 2124 User changed tag slug
86
+ * 2125 User changed tag description
87
  */
88
  class WSAL_Sensors_Content extends WSAL_AbstractSensor {
89
  /**
101
  */
102
  protected $_OldCats = null;
103
 
104
+ /**
105
+ * Old tags.
106
+ *
107
+ * @var array
108
+ */
109
+ protected $_old_tags = null;
110
+
111
  /**
112
  * @var string old path to file
113
  */
133
  add_action('edit_category', array($this, 'EventChangedCategoryParent'));
134
  add_action('save_post', array($this, 'SetRevisionLink'), 10, 3);
135
  add_action('publish_future_post', array($this, 'EventPublishFuture'), 10, 1);
136
+
137
  add_action('create_category', array($this, 'EventCategoryCreation'), 10, 1);
138
+ add_action( 'create_post_tag', array( $this, 'EventTagCreation' ), 10, 1 );
139
 
140
  add_action( 'wp_head', array( $this, 'ViewingPost' ), 10 );
141
  add_filter('post_edit_form_tag', array($this, 'EditingPost'), 10, 1);
142
+
143
+ add_filter( 'wp_update_term_data', array( $this, 'event_terms_rename' ), 10, 4 );
144
+ }
145
+
146
+ /**
147
+ * Method: Triggered when terms are renamed.
148
+ *
149
+ * @param array $data Term data to be updated.
150
+ * @param int $term_id Term ID.
151
+ * @param string $taxonomy Taxonomy slug.
152
+ * @param array $args Arguments passed to wp_update_term().
153
+ * @since 2.6.9
154
+ */
155
+ public function event_terms_rename( $data, $term_id, $taxonomy, $args ) {
156
+
157
+ // Check if the taxonomy is term.
158
+ if ( 'post_tag' !== $taxonomy ) {
159
+ return $data;
160
+ }
161
+
162
+ // Get data.
163
+ $new_name = ( isset( $data['name'] ) ) ? $data['name'] : false;
164
+ $new_slug = ( isset( $data['slug'] ) ) ? $data['slug'] : false;
165
+ $new_desc = ( isset( $args['description'] ) ) ? $args['description'] : false;
166
+
167
+ // Get old data.
168
+ $term = get_term( $term_id, $taxonomy );
169
+ $old_name = $term->name;
170
+ $old_slug = $term->slug;
171
+ $old_desc = $term->description;
172
+
173
+ // Update if both names are not same.
174
+ if ( $old_name !== $new_name ) {
175
+ $this->plugin->alerts->Trigger( 2123, array(
176
+ 'old_name' => $old_name,
177
+ 'new_name' => $new_name,
178
+ ) );
179
+ }
180
+
181
+ // Update if both slugs are not same.
182
+ if ( $old_slug !== $new_slug ) {
183
+ $this->plugin->alerts->Trigger( 2124, array(
184
+ 'tag' => $new_name,
185
+ 'old_slug' => $old_slug,
186
+ 'new_slug' => $new_slug,
187
+ ) );
188
+ }
189
+
190
+ // Update if both descriptions are not same.
191
+ if ( $old_desc !== $new_desc ) {
192
+ $this->plugin->alerts->Trigger( 2125, array(
193
+ 'tag' => $new_name,
194
+ ) );
195
+ }
196
+ return $data;
197
+
198
  }
199
 
200
  /**
226
  $this->RetrieveOldData();
227
  // check for category changes
228
  $this->CheckCategoryDeletion();
229
+
230
+ // Check for tag changes.
231
+ $this->check_tag_deletion();
232
  }
233
 
234
  /**
246
  $this->_OldLink = get_permalink($postID);
247
  $this->_OldTmpl = $this->GetPostTemplate($this->_OldPost);
248
  $this->_OldCats = $this->GetPostCategories($this->_OldPost);
249
+ $this->_old_tags = $this->get_post_tags( $this->_OldPost );
250
  $this->_OldStky = in_array($postID, get_option('sticky_posts'));
251
  }
252
  }
287
  return wp_get_post_categories($post->ID, array('fields' => 'names'));
288
  }
289
 
290
+ /**
291
+ * Get post tags (array of tag names).
292
+ *
293
+ * @param stdClass $post - The post.
294
+ * @return array list of categories
295
+ */
296
+ protected function get_post_tags( $post ) {
297
+ return wp_get_post_tags( $post->ID, array( 'fields' => 'names' ) );
298
+ }
299
+
300
  /**
301
  * Check all the post changes.
302
  * @param string $newStatus new status
340
  + $this->CheckStickyChange($this->_OldStky, isset($_REQUEST['sticky']), $post)
341
  + $this->CheckVisibilityChange($this->_OldPost, $post, $oldStatus, $newStatus)
342
  + $this->CheckTemplateChange($this->_OldTmpl, $this->GetPostTemplate($post), $post)
343
+ + $this->CheckCategoriesChange($this->_OldCats, $this->GetPostCategories($post), $post);
344
+ $this->check_tags_change( $this->_old_tags, $this->get_post_tags( $post ), $post );
345
 
346
  if (!$changes) {
347
  $changes = $this->CheckDateChange($this->_OldPost, $post);
580
  }
581
  }
582
 
583
+ /**
584
+ * Tags changed.
585
+ *
586
+ * @param array $old_tags - Old tags.
587
+ * @param array $new_tags - New tags.
588
+ * @param stdClass $post - The post.
589
+ */
590
+ protected function check_tags_change( $old_tags, $new_tags, $post ) {
591
+ // Check for added tags.
592
+ $added_tags = array_diff( $new_tags, $old_tags );
593
+
594
+ // Check for removed tags.
595
+ $removed_tags = array_diff( $old_tags, $new_tags );
596
+
597
+ // Convert tags arrays to string.
598
+ $old_tags = implode( ', ', $old_tags );
599
+ $new_tags = implode( ', ', $new_tags );
600
+ $added_tags = implode( ', ', $added_tags );
601
+ $removed_tags = implode( ', ', $removed_tags );
602
+
603
+ // Declare event variables.
604
+ $add_event = '';
605
+ $remove_event = '';
606
+ if ( $old_tags !== $new_tags && ! empty( $added_tags ) ) {
607
+ $add_event = $this->GetEventTypeForPostType( $post, 2119, 0, 0 );
608
+ if ( $add_event ) {
609
+ $editor_link = $this->GetEditorLink( $post );
610
+ $post_status = ( 'publish' === $post->post_status ) ? 'published' : $this->post_status;
611
+ $this->plugin->alerts->Trigger( $add_event, array(
612
+ 'PostID' => $post->ID,
613
+ 'status' => $post_status,
614
+ 'post_title' => $post->post_title,
615
+ 'tag' => $added_tags ? $added_tags : 'no tags',
616
+ $editor_link['name'] => $editor_link['value'],
617
+ ) );
618
+ }
619
+ }
620
+
621
+ if ( $old_tags !== $new_tags && ! empty( $removed_tags ) ) {
622
+ $remove_event = $this->GetEventTypeForPostType( $post, 2120, 0, 0 );
623
+ if ( $remove_event ) {
624
+ $editor_link = $this->GetEditorLink( $post );
625
+ $post_status = ( 'publish' === $post->post_status ) ? 'published' : $this->post_status;
626
+ $this->plugin->alerts->Trigger( $remove_event, array(
627
+ 'PostID' => $post->ID,
628
+ 'status' => $post_status,
629
+ 'post_title' => $post->post_title,
630
+ 'tag' => $removed_tags ? $removed_tags : 'no tags',
631
+ $editor_link['name'] => $editor_link['value'],
632
+ ) );
633
+ }
634
+ }
635
+
636
+ if ( $add_event || $remove_event ) {
637
+ return 1;
638
+ }
639
+ }
640
+
641
  /**
642
  * Author changed.
643
  * @param stdClass $oldPost old post
909
  ));
910
  }
911
 
912
+ /**
913
+ * New tag created.
914
+ *
915
+ * @param int $tag_id - Tag ID.
916
+ */
917
+ public function EventTagCreation( $tag_id ) {
918
+ $tag = get_tag( $tag_id );
919
+ $tag_link = $this->get_tag_link( $tag_id );
920
+ $this->plugin->alerts->Trigger( 2121, array(
921
+ 'TagName' => $tag->name,
922
+ 'Slug' => $tag->slug,
923
+ 'TagLink' => $tag_link,
924
+ ) );
925
+ }
926
+
927
  /**
928
  * Category deleted.
929
  * @global array $_POST post data
944
  if (isset($_POST['taxonomy'])) {
945
  if ($action == 'delete' && $_POST['taxonomy'] == 'category' && !empty($_POST['delete_tags'])) {
946
  // bulk delete
947
+ foreach ( $_POST['delete_tags'] as $delete_tag ) {
948
+ $categoryIds[] = $delete_tag;
949
+ }
950
  } elseif ($action == 'delete-tag' && $_POST['taxonomy'] == 'category' && !empty($_POST['tag_ID'])) {
951
  // single delete
952
  $categoryIds[] = $_POST['tag_ID'];
963
  }
964
  }
965
 
966
+ /**
967
+ * Tag deleted.
968
+ *
969
+ * @global array $_POST - Post data
970
+ */
971
+ protected function check_tag_deletion() {
972
+
973
+ // Filter global post array for security.
974
+ $post_array = filter_input_array( INPUT_POST );
975
+
976
+ // If post array is empty then return.
977
+ if ( empty( $post_array ) ) {
978
+ return;
979
+ }
980
+
981
+ // Check for action.
982
+ $action = ! empty( $post_array['action'] ) ? $post_array['action']
983
+ : ( ! empty( $post_array['action2'] ) ? $post_array['action2'] : '' );
984
+ if ( ! $action ) {
985
+ return;
986
+ }
987
+
988
+ $tag_ids = array();
989
+
990
+ if ( isset( $post_array['taxonomy'] ) ) {
991
+ if ( 'delete' === $action
992
+ && 'post_tag' === $post_array['taxonomy']
993
+ && ! empty( $post_array['delete_tags'] )
994
+ && wp_verify_nonce( $post_array['_wpnonce'], 'bulk-tags' ) ) {
995
+ // Bulk delete.
996
+ foreach ( $post_array['delete_tags'] as $delete_tag ) {
997
+ $tag_ids[] = $delete_tag;
998
+ }
999
+ } elseif ( 'delete-tag' === $action
1000
+ && 'post_tag' === $post_array['taxonomy']
1001
+ && ! empty( $post_array['tag_ID']
1002
+ && wp_verify_nonce( $post_array['_wpnonce'], 'delete-tag_' . $post_array['tag_ID'] ) ) ) {
1003
+ // Single delete.
1004
+ $tag_ids[] = $post_array['tag_ID'];
1005
+ }
1006
+ }
1007
+
1008
+ foreach ( $tag_ids as $tag_id ) {
1009
+ $tag = get_tag( $tag_id );
1010
+ $this->plugin->alerts->Trigger( 2122, array(
1011
+ 'TagID' => $tag_id,
1012
+ 'TagName' => $tag->name,
1013
+ 'Slug' => $tag->slug,
1014
+ ) );
1015
+ }
1016
+ }
1017
+
1018
  /**
1019
  * Changed the parent of the category.
1020
  * @global array $_POST post data
1097
  }
1098
  }
1099
 
1100
+ /**
1101
+ * Builds tag link.
1102
+ *
1103
+ * @param integer $tag_id - Tag ID.
1104
+ * @return string|null link
1105
+ */
1106
+ private function get_tag_link( $tag_id ) {
1107
+ if ( ! empty( $tag_id ) ) {
1108
+ return admin_url( 'term.php?taxnomy=post_tag&tag_ID=' . $tag_id );
1109
+ } else {
1110
+ return null;
1111
+ }
1112
+ }
1113
+
1114
  /**
1115
  * Ignore post from BBPress, WooCommerce Plugin
1116
  * Triggered on the Sensors
classes/Sensors/LogInOut.php CHANGED
@@ -36,8 +36,15 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
36
  add_action('wp_login_failed', array($this, 'EventLoginFailure'));
37
  add_action('clear_auth_cookie', array($this, 'GetCurrentUser'), 10);
38
  add_filter('wp_login_blocked', array($this, 'EventLoginBlocked'), 10, 1);
 
 
 
 
 
 
 
39
  }
40
-
41
  /**
42
  * Sets current user.
43
  */
@@ -45,7 +52,7 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
45
  {
46
  $this->_current_user = wp_get_current_user();
47
  }
48
-
49
  /**
50
  * Event Login.
51
  */
@@ -63,7 +70,7 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
63
  'CurrentUserRoles' => $userRoles,
64
  ), true);
65
  }
66
-
67
  /**
68
  * Event Logout.
69
  */
@@ -76,16 +83,25 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
76
  ), true);
77
  }
78
  }
79
-
80
  /**
81
  * Login failure limit count.
82
- * @return integer limit
 
83
  */
84
- protected function GetLoginFailureLogLimit()
85
- {
86
- return 10;
87
  }
88
-
 
 
 
 
 
 
 
 
 
89
  /**
90
  * Expiration of the transient saved in the WP database.
91
  * @return integer Time until expiration in seconds from now
@@ -94,7 +110,7 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
94
  {
95
  return 12 * 60 * 60;
96
  }
97
-
98
  /**
99
  * Check failure limit.
100
  * @param string $ip IP address
@@ -105,15 +121,23 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
105
  protected function IsPastLoginFailureLimit($ip, $site_id, $user)
106
  {
107
  $get_fn = $this->IsMultisite() ? 'get_site_transient' : 'get_transient';
108
- if ($user) {
109
- $dataKnown = $get_fn(self::TRANSIENT_FAILEDLOGINS);
110
- return ($dataKnown !== false) && isset($dataKnown[$site_id.":".$user->ID.":".$ip]) && ($dataKnown[$site_id.":".$user->ID.":".$ip] > $this->GetLoginFailureLogLimit());
 
 
 
 
111
  } else {
112
- $dataUnknown = $get_fn(self::TRANSIENT_FAILEDLOGINS_UNKNOWN);
113
- return ($dataUnknown !== false) && isset($dataUnknown[$site_id.":".$ip]) && ($dataUnknown[$site_id.":".$ip] > $this->GetLoginFailureLogLimit());
 
 
 
 
114
  }
115
  }
116
-
117
  /**
118
  * Increment failure limit.
119
  * @param string $ip IP address
@@ -146,7 +170,7 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
146
  $set_fn(self::TRANSIENT_FAILEDLOGINS_UNKNOWN, $dataUnknown, $this->GetLoginFailureExpiration());
147
  }
148
  }
149
-
150
  /**
151
  * Event Login failure.
152
  * @param string $username username
@@ -154,9 +178,9 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
154
  public function EventLoginFailure($username)
155
  {
156
  list($y, $m, $d) = explode('-', date('Y-m-d'));
157
-
158
  $ip = $this->plugin->settings->GetMainClientIP();
159
-
160
  $username = array_key_exists('log', $_POST) ? $_POST["log"] : $username;
161
  $newAlertCode = 1003;
162
  $user = get_user_by('login', $username);
@@ -178,8 +202,8 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
178
  return;
179
  }
180
 
181
- $objOcc = new WSAL_Models_Occurrence();
182
-
183
  if ($newAlertCode == 1002) {
184
  if (!$this->plugin->alerts->CheckEnableUserRoles($username, $userRoles)) {
185
  return;
@@ -195,17 +219,20 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
195
  )
196
  );
197
  $occ = count($occ) ? $occ[0] : null;
198
-
199
  if (!empty($occ)) {
200
  // update existing record exists user
201
  $this->IncrementLoginFailure($ip, $site_id, $user);
202
  $new = $occ->GetMetaValue('Attempts', 0) + 1;
203
-
204
- if ($new > $this->GetLoginFailureLogLimit()) {
 
205
  $new = $this->GetLoginFailureLogLimit() . '+';
206
  }
 
207
  $occ->UpdateMetaValue('Attempts', $new);
208
  $occ->UpdateMetaValue('Username', $username);
 
209
  //$occ->SetMetaValue('CurrentUserRoles', $userRoles);
210
  $occ->created_on = null;
211
  $occ->Save();
@@ -227,22 +254,45 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
227
  mktime(0, 0, 0, $m, $d + 1, $y) - 1
228
  )
229
  );
230
-
231
  $occUnknown = count($occUnknown) ? $occUnknown[0] : null;
232
  if (!empty($occUnknown)) {
233
  // update existing record not exists user
234
  $this->IncrementLoginFailure($ip, $site_id, false);
235
  $new = $occUnknown->GetMetaValue('Attempts', 0) + 1;
236
-
237
- if ($new > $this->GetLoginFailureLogLimit()) {
238
- $new = $this->GetLoginFailureLogLimit() . '+';
 
 
 
 
 
239
  }
 
240
  $occUnknown->UpdateMetaValue('Attempts', $new);
 
 
 
 
 
 
241
  $occUnknown->created_on = null;
242
  $occUnknown->Save();
243
  } else {
244
- // create a new record not exists user
245
- $this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1));
 
 
 
 
 
 
 
 
 
 
 
246
  }
247
  }
248
  }
@@ -279,4 +329,55 @@ class WSAL_Sensors_LogInOut extends WSAL_AbstractSensor
279
  'CurrentUserRoles' => $userRoles
280
  ), true);
281
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
282
  }
36
  add_action('wp_login_failed', array($this, 'EventLoginFailure'));
37
  add_action('clear_auth_cookie', array($this, 'GetCurrentUser'), 10);
38
  add_filter('wp_login_blocked', array($this, 'EventLoginBlocked'), 10, 1);
39
+
40
+ // Directory for logged in users log files.
41
+ $user_upload_dir = wp_upload_dir();
42
+ $user_upload_path = trailingslashit( $user_upload_dir['basedir'] . '/wp-security-audit-log/failed-logins/' );
43
+ if ( ! $this->CheckDirectory( $user_upload_path ) ) {
44
+ wp_mkdir_p( $user_upload_path );
45
+ }
46
  }
47
+
48
  /**
49
  * Sets current user.
50
  */
52
  {
53
  $this->_current_user = wp_get_current_user();
54
  }
55
+
56
  /**
57
  * Event Login.
58
  */
70
  'CurrentUserRoles' => $userRoles,
71
  ), true);
72
  }
73
+
74
  /**
75
  * Event Logout.
76
  */
83
  ), true);
84
  }
85
  }
86
+
87
  /**
88
  * Login failure limit count.
89
+ *
90
+ * @return int
91
  */
92
+ protected function GetLoginFailureLogLimit() {
93
+ return $this->plugin->settings->get_failed_login_limit();
 
94
  }
95
+
96
+ /**
97
+ * Non-existing Login failure limit count.
98
+ *
99
+ * @return int
100
+ */
101
+ protected function GetVisitorLoginFailureLogLimit() {
102
+ return $this->plugin->settings->get_visitor_failed_login_limit();
103
+ }
104
+
105
  /**
106
  * Expiration of the transient saved in the WP database.
107
  * @return integer Time until expiration in seconds from now
110
  {
111
  return 12 * 60 * 60;
112
  }
113
+
114
  /**
115
  * Check failure limit.
116
  * @param string $ip IP address
121
  protected function IsPastLoginFailureLimit($ip, $site_id, $user)
122
  {
123
  $get_fn = $this->IsMultisite() ? 'get_site_transient' : 'get_transient';
124
+ if ( $user ) {
125
+ if ( -1 === (int) $this->GetLoginFailureLogLimit() ) {
126
+ return false;
127
+ } else {
128
+ $dataKnown = $get_fn(self::TRANSIENT_FAILEDLOGINS);
129
+ return ($dataKnown !== false) && isset($dataKnown[$site_id.":".$user->ID.":".$ip]) && ($dataKnown[$site_id.":".$user->ID.":".$ip] >= $this->GetLoginFailureLogLimit());
130
+ }
131
  } else {
132
+ if ( -1 === (int) $this->GetVisitorLoginFailureLogLimit() ) {
133
+ return false;
134
+ } else {
135
+ $dataUnknown = $get_fn(self::TRANSIENT_FAILEDLOGINS_UNKNOWN);
136
+ return ($dataUnknown !== false) && isset($dataUnknown[$site_id.":".$ip]) && ($dataUnknown[$site_id.":".$ip] >= $this->GetVisitorLoginFailureLogLimit());
137
+ }
138
  }
139
  }
140
+
141
  /**
142
  * Increment failure limit.
143
  * @param string $ip IP address
170
  $set_fn(self::TRANSIENT_FAILEDLOGINS_UNKNOWN, $dataUnknown, $this->GetLoginFailureExpiration());
171
  }
172
  }
173
+
174
  /**
175
  * Event Login failure.
176
  * @param string $username username
178
  public function EventLoginFailure($username)
179
  {
180
  list($y, $m, $d) = explode('-', date('Y-m-d'));
181
+
182
  $ip = $this->plugin->settings->GetMainClientIP();
183
+
184
  $username = array_key_exists('log', $_POST) ? $_POST["log"] : $username;
185
  $newAlertCode = 1003;
186
  $user = get_user_by('login', $username);
202
  return;
203
  }
204
 
205
+ $objOcc = new WSAL_Models_Occurrence();
206
+
207
  if ($newAlertCode == 1002) {
208
  if (!$this->plugin->alerts->CheckEnableUserRoles($username, $userRoles)) {
209
  return;
219
  )
220
  );
221
  $occ = count($occ) ? $occ[0] : null;
222
+
223
  if (!empty($occ)) {
224
  // update existing record exists user
225
  $this->IncrementLoginFailure($ip, $site_id, $user);
226
  $new = $occ->GetMetaValue('Attempts', 0) + 1;
227
+
228
+ if ( -1 !== (int) $this->GetLoginFailureLogLimit()
229
+ && $new > $this->GetLoginFailureLogLimit() ) {
230
  $new = $this->GetLoginFailureLogLimit() . '+';
231
  }
232
+
233
  $occ->UpdateMetaValue('Attempts', $new);
234
  $occ->UpdateMetaValue('Username', $username);
235
+
236
  //$occ->SetMetaValue('CurrentUserRoles', $userRoles);
237
  $occ->created_on = null;
238
  $occ->Save();
254
  mktime(0, 0, 0, $m, $d + 1, $y) - 1
255
  )
256
  );
257
+
258
  $occUnknown = count($occUnknown) ? $occUnknown[0] : null;
259
  if (!empty($occUnknown)) {
260
  // update existing record not exists user
261
  $this->IncrementLoginFailure($ip, $site_id, false);
262
  $new = $occUnknown->GetMetaValue('Attempts', 0) + 1;
263
+
264
+ if ( 'on' === $this->plugin->GetGlobalOption( 'log-visitor-failed-login' ) ) {
265
+ $link_file = $this->WriteLog( $new, $username );
266
+ }
267
+
268
+ if ( -1 !== (int) $this->GetVisitorLoginFailureLogLimit()
269
+ && $new > $this->GetVisitorLoginFailureLogLimit() ) {
270
+ $new = $this->GetVisitorLoginFailureLogLimit() . '+';
271
  }
272
+
273
  $occUnknown->UpdateMetaValue('Attempts', $new);
274
+ if ( ! empty( $link_file ) && 'on' === $this->plugin->GetGlobalOption( 'log-visitor-failed-login' ) ) {
275
+ $occUnknown->UpdateMetaValue( 'LogFileLink', $link_file );
276
+ } else {
277
+ $link_file = site_url() . '/wp-admin/admin.php?page=wsal-togglealerts#tab-users-profiles---activity';
278
+ $occUnknown->UpdateMetaValue( 'LogFileLink', $link_file );
279
+ }
280
  $occUnknown->created_on = null;
281
  $occUnknown->Save();
282
  } else {
283
+ $link_file = site_url() . '/wp-admin/admin.php?page=wsal-togglealerts#tab-users-profiles---activity';
284
+ $log_file_text = ' in a log file';
285
+ if ( 'on' === $this->plugin->GetGlobalOption( 'log-visitor-failed-login' ) ) {
286
+ $link_file = $this->WriteLog( 1, $username );
287
+ $log_file_text = ' with the usernames used during these failed login attempts';
288
+ }
289
+
290
+ // Create a new record not exists user.
291
+ $this->plugin->alerts->Trigger( $newAlertCode, array(
292
+ 'Attempts' => 1,
293
+ 'LogFileLink' => $link_file,
294
+ 'LogFileText' => $log_file_text,
295
+ ) );
296
  }
297
  }
298
  }
329
  'CurrentUserRoles' => $userRoles
330
  ), true);
331
  }
332
+
333
+ /**
334
+ * Write log file.
335
+ *
336
+ * @param int $attempts - Number of attempt.
337
+ * @param string $username - Username.
338
+ * @author Ashar Irfan
339
+ * @since 2.6.9
340
+ */
341
+ private function WriteLog( $attempts, $username = '' ) {
342
+ $name_file = null;
343
+
344
+ // Create/Append to the log file.
345
+ $data = 'Attempts: ' . $attempts . ' — Username: ' . $username;
346
+
347
+ $upload_dir = wp_upload_dir();
348
+ $uploads_dir_path = trailingslashit( $upload_dir['basedir'] ) . 'wp-security-audit-log/failed-logins/';
349
+ $uploads_url = trailingslashit( $upload_dir['baseurl'] ) . 'wp-security-audit-log/failed-logins/';
350
+
351
+ // Check directory.
352
+ if ( $this->CheckDirectory( $uploads_dir_path ) ) {
353
+ $filename = 'failed_logins_usernames_' . date( 'Ymd' ) . '.log';
354
+ $fp = $uploads_dir_path . $filename;
355
+ $name_file = $uploads_url . $filename;
356
+ if ( ! $file = fopen( $fp, 'a' ) ) {
357
+ $i = 1;
358
+ $file_opened = false;
359
+ do {
360
+ $fp2 = substr( $fp, 0, -4 ) . '_' . $i . '.log';
361
+ if ( ! file_exists( $fp2 ) ) {
362
+ if ( $file = fopen( $fp2, 'a' ) ) {
363
+ $file_opened = true;
364
+ $name_file = $uploads_url . substr( $name_file, 0, -4 ) . '_' . $i . '.log';
365
+ }
366
+ } else {
367
+ $latest_filename = $this->GetLastModified( $uploads_dir_path, $filename );
368
+ $fp_last = $uploads_dir_path . $latest_filename;
369
+ if ( $file = fopen( $fp_last, 'a' ) ) {
370
+ $file_opened = true;
371
+ $name_file = $uploads_url . $latest_filename;
372
+ }
373
+ }
374
+ $i++;
375
+ } while ( ! $file_opened );
376
+ }
377
+ fwrite( $file, sprintf( "%s\n", $data ) );
378
+ fclose( $file );
379
+ }
380
+
381
+ return $name_file;
382
+ }
383
  }
classes/Sensors/MetaData.php CHANGED
@@ -14,6 +14,12 @@
14
  * 2055 User deleted a custom field from a post
15
  * 2058 User deleted a custom field from a custom post type
16
  * 2061 User deleted a custom field from a page
 
 
 
 
 
 
17
  *
18
  * @package Wsal
19
  * @subpackage Sensors
@@ -49,6 +55,7 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
49
  add_action( 'update_user_meta', array( $this, 'event_user_meta_updating' ), 10, 3 );
50
  add_action( 'updated_user_meta', array( $this, 'event_user_meta_updated' ), 10, 4 );
51
  add_action( 'user_register', array( $this, 'reset_null_meta_counter' ), 10 );
 
52
  }
53
 
54
  /**
@@ -434,10 +441,10 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
434
  /**
435
  * Updated a custom field name/value.
436
  *
437
- * @param int $meta_id - Meta ID.
438
- * @param int $object_id - Object ID.
439
  * @param string $meta_key - Meta key.
440
- * @param mix $meta_value - Meta value.
441
  */
442
  public function event_user_meta_updated( $meta_id, $object_id, $meta_key, $meta_value ) {
443
 
@@ -449,24 +456,90 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
449
  return;
450
  }
451
 
 
 
 
452
  // Get POST array.
453
  $post_array = $_POST;
454
 
455
  // If update action is set then trigger the alert.
456
  if ( isset( $post_array['action'] ) && 'update' == $post_array['action'] ) {
457
- if ( isset( $this->old_meta[ $meta_id ] ) ) {
458
  // Check change in meta value.
459
  if ( $this->old_meta[ $meta_id ]->val != $meta_value ) {
460
  $this->plugin->alerts->Trigger( 4015, array(
461
- 'TargetUsername' => $user->user_login,
462
  'custom_field_name' => $meta_key,
463
- 'new_value' => $meta_value,
464
- 'old_value' => $this->old_meta[ $meta_id ]->val,
465
  ) );
466
  }
467
  // Remove old meta update data.
468
  unset( $this->old_meta[ $meta_id ] );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
469
  }
470
  }
471
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
472
  }
14
  * 2055 User deleted a custom field from a post
15
  * 2058 User deleted a custom field from a custom post type
16
  * 2061 User deleted a custom field from a page
17
+ * 4015 User updated a custom field value for a user
18
+ * 4016 User created a custom field value for a user
19
+ * 4017 User changed first name for a user
20
+ * 4018 User changed last name for a user
21
+ * 4019 User changed nickname for a user
22
+ * 4020 User changed the display name for a user
23
  *
24
  * @package Wsal
25
  * @subpackage Sensors
55
  add_action( 'update_user_meta', array( $this, 'event_user_meta_updating' ), 10, 3 );
56
  add_action( 'updated_user_meta', array( $this, 'event_user_meta_updated' ), 10, 4 );
57
  add_action( 'user_register', array( $this, 'reset_null_meta_counter' ), 10 );
58
+ add_action( 'profile_update', array( $this, 'event_userdata_updated' ), 10, 2 );
59
  }
60
 
61
  /**
441
  /**
442
  * Updated a custom field name/value.
443
  *
444
+ * @param int $meta_id - Meta ID.
445
+ * @param int $object_id - Object ID.
446
  * @param string $meta_key - Meta key.
447
+ * @param mix $meta_value - Meta value.
448
  */
449
  public function event_user_meta_updated( $meta_id, $object_id, $meta_key, $meta_value ) {
450
 
456
  return;
457
  }
458
 
459
+ // User profile name related meta.
460
+ $username_meta = array( 'first_name', 'last_name', 'nickname' );
461
+
462
  // Get POST array.
463
  $post_array = $_POST;
464
 
465
  // If update action is set then trigger the alert.
466
  if ( isset( $post_array['action'] ) && 'update' == $post_array['action'] ) {
467
+ if ( isset( $this->old_meta[ $meta_id ] ) && ! in_array( $meta_key, $username_meta, true ) ) {
468
  // Check change in meta value.
469
  if ( $this->old_meta[ $meta_id ]->val != $meta_value ) {
470
  $this->plugin->alerts->Trigger( 4015, array(
471
+ 'TargetUsername' => $user->user_login,
472
  'custom_field_name' => $meta_key,
473
+ 'new_value' => $meta_value,
474
+ 'old_value' => $this->old_meta[ $meta_id ]->val,
475
  ) );
476
  }
477
  // Remove old meta update data.
478
  unset( $this->old_meta[ $meta_id ] );
479
+ } elseif ( isset( $this->old_meta[ $meta_id ] ) && in_array( $meta_key, $username_meta, true ) ) {
480
+ // Detect the alert based on meta key.
481
+ switch ( $meta_key ) {
482
+ case 'first_name':
483
+ if ( $this->old_meta[ $meta_id ]->val != $meta_value ) {
484
+ $this->plugin->alerts->Trigger( 4017, array(
485
+ 'TargetUsername' => $user->user_login,
486
+ 'new_firstname' => $meta_value,
487
+ 'old_firstname' => $this->old_meta[ $meta_id ]->val,
488
+ ) );
489
+ }
490
+ break;
491
+
492
+ case 'last_name':
493
+ if ( $this->old_meta[ $meta_id ]->val != $meta_value ) {
494
+ $this->plugin->alerts->Trigger( 4018, array(
495
+ 'TargetUsername' => $user->user_login,
496
+ 'new_lastname' => $meta_value,
497
+ 'old_lastname' => $this->old_meta[ $meta_id ]->val,
498
+ ) );
499
+ }
500
+ break;
501
+
502
+ case 'nickname':
503
+ if ( $this->old_meta[ $meta_id ]->val != $meta_value ) {
504
+ $this->plugin->alerts->Trigger( 4019, array(
505
+ 'TargetUsername' => $user->user_login,
506
+ 'new_nickname' => $meta_value,
507
+ 'old_nickname' => $this->old_meta[ $meta_id ]->val,
508
+ ) );
509
+ }
510
+ break;
511
+
512
+ default:
513
+ break;
514
+ }
515
  }
516
  }
517
  }
518
+
519
+ /**
520
+ * Method: Updated user data.
521
+ *
522
+ * @param int $user_id User ID.
523
+ * @param object $old_user_data Object containing user's data prior to update.
524
+ * @since 2.6.9
525
+ */
526
+ public function event_userdata_updated( $user_id, $old_user_data ) {
527
+
528
+ // Get user display name.
529
+ $old_display_name = $old_user_data->display_name;
530
+
531
+ // Get user's current data.
532
+ $new_userdata = get_userdata( $user_id );
533
+ $new_display_name = $new_userdata->display_name;
534
+
535
+ // Alert if display name is changed.
536
+ if ( $old_display_name !== $new_display_name ) {
537
+ $this->plugin->alerts->Trigger( 4020, array(
538
+ 'TargetUsername' => $new_userdata->user_login,
539
+ 'new_displayname' => $new_display_name,
540
+ 'old_displayname' => $old_display_name,
541
+ ) );
542
+ }
543
+
544
+ }
545
  }
classes/Sensors/System.php CHANGED
@@ -611,8 +611,20 @@ class WSAL_Sensors_System extends WSAL_AbstractSensor {
611
  if ( 'on' == $this->plugin->GetGlobalOption( 'log-404', 'off' ) ) {
612
  // Request URL.
613
  $url = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
614
- // Create/Append to the log file.
615
- $data = 'Attempts: ' . $attempts . ' - Request URL: ' . $url;
 
 
 
 
 
 
 
 
 
 
 
 
616
  if ( ! is_user_logged_in() ) {
617
  $username = '';
618
  } else {
@@ -660,8 +672,20 @@ class WSAL_Sensors_System extends WSAL_AbstractSensor {
660
  if ( 'on' == $this->plugin->GetGlobalOption( 'log-visitor-404', 'off' ) ) {
661
  // Request URL.
662
  $url = $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI'];
663
- // Create/Append to the log file.
664
- $data = 'Attempts: ' . $attempts . ' - Request URL: ' . $url;
 
 
 
 
 
 
 
 
 
 
 
 
665
  $username = '';
666
 
667
  if ( '127.0.0.1' == $ip || '::1' == $ip ) {
611
  if ( 'on' == $this->plugin->GetGlobalOption( 'log-404', 'off' ) ) {
612
  // Request URL.
613
  $url = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
614
+
615
+ // Get option to log referrer.
616
+ $log_referrer = $this->plugin->GetGlobalOption( 'log-404-referrer' );
617
+
618
+ if ( 'on' === $log_referrer ) {
619
+ // Get the referer.
620
+ $referrer = ( isset( $_SERVER['HTTP_REFERER'] ) ) ? $_SERVER['HTTP_REFERER'] : false;
621
+ // Create/Append to the log file.
622
+ $data = 'Request URL ' . $url . ' Referer ' . $referrer . ',';
623
+ } else {
624
+ // Create/Append to the log file.
625
+ $data = 'Request URL ' . $url . ',';
626
+ }
627
+
628
  if ( ! is_user_logged_in() ) {
629
  $username = '';
630
  } else {
672
  if ( 'on' == $this->plugin->GetGlobalOption( 'log-visitor-404', 'off' ) ) {
673
  // Request URL.
674
  $url = $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI'];
675
+
676
+ // Get option to log referrer.
677
+ $log_referrer = $this->plugin->GetGlobalOption( 'log-visitor-404-referrer' );
678
+
679
+ if ( 'on' === $log_referrer ) {
680
+ // Get the referer.
681
+ $referrer = ( isset( $_SERVER['HTTP_REFERER'] ) ) ? $_SERVER['HTTP_REFERER'] : false;
682
+ // Create/Append to the log file.
683
+ $data = 'Request URL ' . $url . ' Referer ' . $referrer . ',';
684
+ } else {
685
+ // Create/Append to the log file.
686
+ $data = 'Request URL ' . $url . ',';
687
+ }
688
+
689
  $username = '';
690
 
691
  if ( '127.0.0.1' == $ip || '::1' == $ip ) {
classes/Sensors/UserProfile.php CHANGED
@@ -74,12 +74,12 @@ class WSAL_Sensors_UserProfile extends WSAL_AbstractSensor
74
  if (is_array($oldRoles)) {
75
  foreach ($oldRoles as $value) {
76
  if (in_array($value, $aBbpRoles)) {
77
- if ($_POST['bbp-forums-role'] != $value) {
78
  $current_user = wp_get_current_user();
79
  $this->plugin->alerts->TriggerIf(4013, array(
80
  'TargetUsername' => $user->user_login,
81
  'OldRole' => ucfirst(substr($value, 4)),
82
- 'NewRole' => ucfirst(substr($_POST['bbp-forums-role'], 4)),
83
  'UserChanger' => $current_user->user_login
84
  ));
85
  }
74
  if (is_array($oldRoles)) {
75
  foreach ($oldRoles as $value) {
76
  if (in_array($value, $aBbpRoles)) {
77
+ if ( isset( $_POST['bbp-forums-role'] ) && $_POST['bbp-forums-role'] != $value ) {
78
  $current_user = wp_get_current_user();
79
  $this->plugin->alerts->TriggerIf(4013, array(
80
  'TargetUsername' => $user->user_login,
81
  'OldRole' => ucfirst(substr($value, 4)),
82
+ 'NewRole' => ( isset( $_POST['bbp-forums-role'] ) ) ? ucfirst(substr($_POST['bbp-forums-role'], 4)) : false,
83
  'UserChanger' => $current_user->user_login
84
  ));
85
  }
classes/Settings.php CHANGED
@@ -963,6 +963,52 @@ class WSAL_Settings
963
  return $this->_plugin->GetGlobalOption( 'log-visitor-404-limit', 99 );
964
  }
965
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
966
  /*============================== Support Archive Database ==============================*/
967
 
968
  public function IsArchivingEnabled()
963
  return $this->_plugin->GetGlobalOption( 'log-visitor-404-limit', 99 );
964
  }
965
 
966
+ /**
967
+ * Sets the log limit for failed login attempts.
968
+ *
969
+ * @param int $value - Failed login limit.
970
+ * @since 2.6.3
971
+ */
972
+ public function set_failed_login_limit( $value ) {
973
+ if ( ! empty( $value ) ) {
974
+ return $this->_plugin->SetGlobalOption( 'log-failed-login-limit', abs( $value ) );
975
+ } else {
976
+ return $this->_plugin->SetGlobalOption( 'log-failed-login-limit', -1 );
977
+ }
978
+ }
979
+
980
+ /**
981
+ * Get the log limit for failed login attempts.
982
+ *
983
+ * @since 2.6.3
984
+ */
985
+ public function get_failed_login_limit() {
986
+ return $this->_plugin->GetGlobalOption( 'log-failed-login-limit', 10 );
987
+ }
988
+
989
+ /**
990
+ * Sets the log limit for failed login attempts for visitor.
991
+ *
992
+ * @param int $value - Failed login limit.
993
+ * @since 2.6.3
994
+ */
995
+ public function set_visitor_failed_login_limit( $value ) {
996
+ if ( ! empty( $value ) ) {
997
+ return $this->_plugin->SetGlobalOption( 'log-visitor-failed-login-limit', abs( $value ) );
998
+ } else {
999
+ return $this->_plugin->SetGlobalOption( 'log-visitor-failed-login-limit', -1 );
1000
+ }
1001
+ }
1002
+
1003
+ /**
1004
+ * Get the log limit for failed login attempts for visitor.
1005
+ *
1006
+ * @since 2.6.3
1007
+ */
1008
+ public function get_visitor_failed_login_limit() {
1009
+ return $this->_plugin->GetGlobalOption( 'log-visitor-failed-login-limit', 10 );
1010
+ }
1011
+
1012
  /*============================== Support Archive Database ==============================*/
1013
 
1014
  public function IsArchivingEnabled()
classes/Views/Settings.php CHANGED
@@ -547,7 +547,11 @@ class WSAL_Views_Settings extends WSAL_AbstractView {
547
  <?php foreach ($columns as $key => $value) { ?>
548
  <label for="columns">
549
  <input type="checkbox" name="Columns[<?php echo $key; ?>]" id="<?php echo $key; ?>" class="sel-columns" style="margin-top: 2px;" <?php if ($value == '1') echo 'checked="checked"'; ?> value="1">
550
- <span><?php echo ucwords(str_replace("_", " ", $key)); ?></span>
 
 
 
 
551
  </label>
552
  <br/>
553
  <?php } ?>
547
  <?php foreach ($columns as $key => $value) { ?>
548
  <label for="columns">
549
  <input type="checkbox" name="Columns[<?php echo $key; ?>]" id="<?php echo $key; ?>" class="sel-columns" style="margin-top: 2px;" <?php if ($value == '1') echo 'checked="checked"'; ?> value="1">
550
+ <?php if ( 'alert_code' !== $key ) : ?>
551
+ <span><?php echo ucwords(str_replace("_", " ", $key)); ?></span>
552
+ <?php else : ?>
553
+ <span><?php echo ucwords(str_replace('_code', ' ID', $key)); ?></span>
554
+ <?php endif; ?>
555
  </label>
556
  <br/>
557
  <?php } ?>
classes/Views/ToggleAlerts.php CHANGED
@@ -59,12 +59,19 @@ class WSAL_Views_ToggleAlerts extends WSAL_AbstractView
59
  }
60
  $this->_plugin->SetGlobalOption('log-404', isset($_REQUEST['log_404']) ? 'on' : 'off');
61
  $this->_plugin->SetGlobalOption('purge-404-log', isset($_REQUEST['purge_log']) ? 'on' : 'off');
 
62
 
63
  $this->_plugin->SetGlobalOption( 'log-visitor-404', isset( $_REQUEST['log_visitor_404'] ) ? 'on' : 'off' );
64
  $this->_plugin->SetGlobalOption( 'purge-visitor-404-log', isset( $_REQUEST['purge_visitor_log'] ) ? 'on' : 'off' );
 
65
 
66
  $this->_plugin->settings->Set404LogLimit( $_REQUEST['user_404Limit'] );
67
  $this->_plugin->settings->SetVisitor404LogLimit( $_REQUEST['visitor_404Limit'] );
 
 
 
 
 
68
  }
69
  ?><h2 id="wsal-tabs" class="nav-tab-wrapper"><?php
70
  foreach ($safeNames as $name => $safe) {
@@ -133,11 +140,14 @@ class WSAL_Views_ToggleAlerts extends WSAL_AbstractView
133
  <td><?php echo str_pad($alert->type, 4, '0', STR_PAD_LEFT); ?></td>
134
  <td><?php echo $this->_plugin->constants->GetConstantBy('value', $alert->code)->name; ?></td>
135
  <td><?php echo esc_html($alert->desc); ?></td>
136
- </tr><?php
 
137
  if ($alert->type == 6007) {
138
  $log_404 = $this->_plugin->GetGlobalOption('log-404');
139
  $purge_log = $this->_plugin->GetGlobalOption('purge-404-log');
140
- ?><tr>
 
 
141
  <td></td>
142
  <td><input name="log_404" type="checkbox" class="check_log" value="1" <?php if ($log_404 == 'on') echo 'checked="checked"'; ?>></td>
143
  <td colspan="2"><?php _e('Capture 404 requests to file (the log file are created in the /wp-content/uploads/wp-security-audit-log/404s/ directory)', 'wp-security-audit-log'); ?></td>
@@ -150,21 +160,21 @@ class WSAL_Views_ToggleAlerts extends WSAL_AbstractView
150
  <tr>
151
  <td></td>
152
  <td colspan="1"><input type="number" id="user_404Limit" name="user_404Limit" value="<?php echo $this->_plugin->settings->Get404LogLimit(); ?>" /></td>
153
- <td colspan="2"><?php esc_html_e( 'Number of 404 Requests to Log', 'wp-security-audit-log' ); ?></td>
154
  </tr>
155
  <tr>
156
  <td></td>
157
- <td></td>
158
- <td colspan="2">
159
- <?php esc_html_e( 'By default the plugin keeps up to 99 requests to non-existing pages from the same IP address. Increase the value in this setting to the desired amount to keep a log of more or less requests.', 'wp-security-audit-log' ); ?><br />
160
- <?php esc_html_e( 'Note that by increasing this value to a high number, should your website be scanned the plugin will consume more resources to log all the requests.', 'wp-security-audit-log' ); ?>
161
- </td>
162
- </tr><?php
163
  }
164
  if ( 6023 == $alert->type ) {
165
  $log_visitor_404 = $this->_plugin->GetGlobalOption( 'log-visitor-404' );
166
  $purge_visitor_log = $this->_plugin->GetGlobalOption( 'purge-visitor-404-log' );
167
- ?><tr>
 
 
168
  <td></td>
169
  <td><input name="log_visitor_404" type="checkbox" class="check_visitor_log" value="1" <?php if ( 'on' == $log_visitor_404 ) echo 'checked="checked"'; ?>></td>
170
  <td colspan="2"><?php esc_html_e( 'Capture 404 requests to file (the log file are created in the /wp-content/uploads/wp-security-audit-log/404s/ directory)', 'wp-security-audit-log' ); ?></td>
@@ -177,16 +187,48 @@ class WSAL_Views_ToggleAlerts extends WSAL_AbstractView
177
  <tr>
178
  <td></td>
179
  <td colspan="1"><input type="number" id="visitor_404Limit" name="visitor_404Limit" value="<?php echo esc_attr( $this->_plugin->settings->GetVisitor404LogLimit() ); ?>" /></td>
180
- <td colspan="2"><?php esc_html_e( 'Number of 404 Requests to Log', 'wp-security-audit-log' ); ?></td>
181
  </tr>
182
  <tr>
183
  <td></td>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
184
  <td></td>
 
185
  <td colspan="2">
186
- <?php esc_html_e( 'By default the plugin keeps up to 99 requests to non-existing pages from the same IP address. Increase the value in this setting to the desired amount to keep a log of more or less requests.', 'wp-security-audit-log' ); ?><br />
187
- <?php esc_html_e( 'Note that by increasing this value to a high number, should your website be scanned the plugin will consume more resources to log all the requests.', 'wp-security-audit-log' ); ?>
188
  </td>
189
- </tr><?php
 
190
  }
191
  }
192
  ?>
@@ -220,9 +262,8 @@ class WSAL_Views_ToggleAlerts extends WSAL_AbstractView
220
  background-color: #fff;
221
  border-bottom: 1px solid #fff;
222
  }
223
- #user_404Limit,
224
- #visitor_404Limit {
225
- width: 100%;
226
  }
227
  </style><?php
228
  }
59
  }
60
  $this->_plugin->SetGlobalOption('log-404', isset($_REQUEST['log_404']) ? 'on' : 'off');
61
  $this->_plugin->SetGlobalOption('purge-404-log', isset($_REQUEST['purge_log']) ? 'on' : 'off');
62
+ $this->_plugin->SetGlobalOption( 'log-404-referrer', isset( $_REQUEST['log_404_referrer'] ) ? 'on' : 'off' );
63
 
64
  $this->_plugin->SetGlobalOption( 'log-visitor-404', isset( $_REQUEST['log_visitor_404'] ) ? 'on' : 'off' );
65
  $this->_plugin->SetGlobalOption( 'purge-visitor-404-log', isset( $_REQUEST['purge_visitor_log'] ) ? 'on' : 'off' );
66
+ $this->_plugin->SetGlobalOption( 'log-visitor-404-referrer', isset( $_REQUEST['log_visitor_404_referrer'] ) ? 'on' : 'off' );
67
 
68
  $this->_plugin->settings->Set404LogLimit( $_REQUEST['user_404Limit'] );
69
  $this->_plugin->settings->SetVisitor404LogLimit( $_REQUEST['visitor_404Limit'] );
70
+
71
+ $this->_plugin->SetGlobalOption( 'log-visitor-failed-login', isset( $_REQUEST['log_visitor_failed_login'] ) ? 'on' : 'off' );
72
+
73
+ $this->_plugin->settings->set_failed_login_limit( $_REQUEST['log_failed_login_limit'] );
74
+ $this->_plugin->settings->set_visitor_failed_login_limit( $_REQUEST['log_visitor_failed_login_limit'] );
75
  }
76
  ?><h2 id="wsal-tabs" class="nav-tab-wrapper"><?php
77
  foreach ($safeNames as $name => $safe) {
140
  <td><?php echo str_pad($alert->type, 4, '0', STR_PAD_LEFT); ?></td>
141
  <td><?php echo $this->_plugin->constants->GetConstantBy('value', $alert->code)->name; ?></td>
142
  <td><?php echo esc_html($alert->desc); ?></td>
143
+ </tr>
144
+ <?php
145
  if ($alert->type == 6007) {
146
  $log_404 = $this->_plugin->GetGlobalOption('log-404');
147
  $purge_log = $this->_plugin->GetGlobalOption('purge-404-log');
148
+ $log_404_referrer = $this->_plugin->GetGlobalOption( 'log-404-referrer', 'on' );
149
+ ?>
150
+ <tr>
151
  <td></td>
152
  <td><input name="log_404" type="checkbox" class="check_log" value="1" <?php if ($log_404 == 'on') echo 'checked="checked"'; ?>></td>
153
  <td colspan="2"><?php _e('Capture 404 requests to file (the log file are created in the /wp-content/uploads/wp-security-audit-log/404s/ directory)', 'wp-security-audit-log'); ?></td>
160
  <tr>
161
  <td></td>
162
  <td colspan="1"><input type="number" id="user_404Limit" name="user_404Limit" value="<?php echo $this->_plugin->settings->Get404LogLimit(); ?>" /></td>
163
+ <td colspan="2"><?php esc_html_e( 'Number of 404 Requests to Log. By default the plugin keeps up to 99 requests to non-existing pages from the same IP address. Increase the value in this setting to the desired amount to keep a log of more or less requests.', 'wp-security-audit-log' ); ?></td>
164
  </tr>
165
  <tr>
166
  <td></td>
167
+ <td><input name="log_404_referrer" type="checkbox" class="check_log" value="1" <?php checked( $log_404_referrer, 'on' ); ?>></td>
168
+ <td colspan="2"><?php esc_html_e( 'Record the referrer that generated the 404 error.', 'wp-security-audit-log' ); ?></td>
169
+ </tr>
170
+ <?php
 
 
171
  }
172
  if ( 6023 == $alert->type ) {
173
  $log_visitor_404 = $this->_plugin->GetGlobalOption( 'log-visitor-404' );
174
  $purge_visitor_log = $this->_plugin->GetGlobalOption( 'purge-visitor-404-log' );
175
+ $log_visitor_404_referrer = $this->_plugin->GetGlobalOption( 'log-visitor-404-referrer', 'on' );
176
+ ?>
177
+ <tr>
178
  <td></td>
179
  <td><input name="log_visitor_404" type="checkbox" class="check_visitor_log" value="1" <?php if ( 'on' == $log_visitor_404 ) echo 'checked="checked"'; ?>></td>
180
  <td colspan="2"><?php esc_html_e( 'Capture 404 requests to file (the log file are created in the /wp-content/uploads/wp-security-audit-log/404s/ directory)', 'wp-security-audit-log' ); ?></td>
187
  <tr>
188
  <td></td>
189
  <td colspan="1"><input type="number" id="visitor_404Limit" name="visitor_404Limit" value="<?php echo esc_attr( $this->_plugin->settings->GetVisitor404LogLimit() ); ?>" /></td>
190
+ <td colspan="2"><?php esc_html_e( 'Number of 404 Requests to Log. By default the plugin keeps up to 99 requests to non-existing pages from the same IP address. Increase the value in this setting to the desired amount to keep a log of more or less requests. Note that by increasing this value to a high number, should your website be scanned the plugin will consume more resources to log all the requests.', 'wp-security-audit-log' ); ?></td>
191
  </tr>
192
  <tr>
193
  <td></td>
194
+ <td><input name="log_visitor_404_referrer" type="checkbox" class="check_log" value="1" <?php checked( $log_visitor_404_referrer, 'on' ); ?>></td>
195
+ <td colspan="2"><?php esc_html_e( 'Record the referrer that generated the 404 error.', 'wp-security-audit-log' ); ?></td>
196
+ </tr>
197
+ <?php
198
+ }
199
+ if ( 1002 === $alert->type ) {
200
+ $log_failed_login_limit = (int) $this->_plugin->GetGlobalOption( 'log-failed-login-limit', 10 );
201
+ $log_failed_login_limit = ( -1 === $log_failed_login_limit ) ? '0' : $log_failed_login_limit;
202
+ ?>
203
+ <tr>
204
+ <td></td>
205
+ <td><input name="log_failed_login_limit" type="number" class="check_visitor_log" value="<?php echo esc_attr( $log_failed_login_limit ); ?>"></td>
206
+ <td colspan="2">
207
+ <?php esc_html_e( 'Number of login attempts to log. Enter 0 to log all failed login attempts. (By default the plugin only logs up to 10 failed login because the process can be very resource intensive in case of a brute force attack)', 'wp-security-audit-log' ); ?>
208
+ </td>
209
+ </tr>
210
+ <?php
211
+ }
212
+ if ( 1003 === $alert->type ) {
213
+ $log_visitor_failed_login = $this->_plugin->GetGlobalOption( 'log-visitor-failed-login', 'on' );
214
+ $log_visitor_failed_login_limit = (int) $this->_plugin->GetGlobalOption( 'log-visitor-failed-login-limit', 10 );
215
+ $log_visitor_failed_login_limit = ( -1 === $log_visitor_failed_login_limit ) ? '0' : $log_visitor_failed_login_limit;
216
+ ?>
217
+ <tr>
218
+ <td></td>
219
+ <td><input name="log_visitor_failed_login" type="checkbox" class="check_visitor_log" value="1" <?php checked( $log_visitor_failed_login, 'on' ); ?>></td>
220
+ <td colspan="2">
221
+ <p><?php esc_html_e( 'Keep a log of the usernames used in the failed logins in a log file. The log file is stored in /wp-content/uploads/wp-security-audit-log/failed-logins/', 'wp-security-audit-log' ); ?></p>
222
+ </td>
223
+ </tr>
224
+ <tr>
225
  <td></td>
226
+ <td><input name="log_visitor_failed_login_limit" type="number" class="check_visitor_log" value="<?php echo esc_attr( $log_visitor_failed_login_limit ); ?>"></td>
227
  <td colspan="2">
228
+ <p><?php esc_html_e( 'Number of login attempts to log. Enter 0 to log all failed login attempts. (By default the plugin only logs up to 10 failed login because the process can be very resource intensive in case of a brute force attack)', 'wp-security-audit-log' ); ?></p>
 
229
  </td>
230
+ </tr>
231
+ <?php
232
  }
233
  }
234
  ?>
262
  background-color: #fff;
263
  border-bottom: 1px solid #fff;
264
  }
265
+ .wsal-tab td input[type=number] {
266
+ width: 100%;
 
267
  }
268
  </style><?php
269
  }
css/auditlog.css CHANGED
@@ -20,10 +20,12 @@
20
 
21
  .column-read,
22
  .column-more,
23
- .column-type,
24
  .column-data {
25
  width: 70px;
26
  }
 
 
 
27
  .column-code {
28
  width: 50px;
29
  }
@@ -234,5 +236,11 @@ td.column-user {
234
  .dark-tooltip.dark ul.confirm li{ background-color:#0085ba;}
235
  .dark-tooltip.dark ul.confirm li:hover{ background-color:#008ec2; cursor: pointer;}
236
  .dark-tooltip.dark ul.confirm li:last-child {
237
- display: none;
 
 
 
 
 
 
238
  }
20
 
21
  .column-read,
22
  .column-more,
 
23
  .column-data {
24
  width: 70px;
25
  }
26
+ .column-type {
27
+ width: 85px;
28
+ }
29
  .column-code {
30
  width: 50px;
31
  }
236
  .dark-tooltip.dark ul.confirm li{ background-color:#0085ba;}
237
  .dark-tooltip.dark ul.confirm li:hover{ background-color:#008ec2; cursor: pointer;}
238
  .dark-tooltip.dark ul.confirm li:last-child {
239
+ padding: 0;
240
+ }
241
+ .dark-tooltip.dark ul.confirm li:last-child span {
242
+ display: inline-block;
243
+ line-height: 8px;
244
+ padding: 10px;
245
+ margin: 0;
246
  }
defaults.php CHANGED
@@ -67,7 +67,7 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal)
67
  array(2017, E_NOTICE, __('User changed blog post URL', 'wp-security-audit-log'), __('Changed the URL of the post %PostTitle% from %OldUrl% to %NewUrl%. %EditorLinkPost%.', 'wp-security-audit-log')),
68
  array(2019, E_NOTICE, __('User changed blog post author', 'wp-security-audit-log'), __('Changed the author of %PostTitle% post from %OldAuthor% to %NewAuthor%. %EditorLinkPost%.', 'wp-security-audit-log')),
69
  array(2021, E_NOTICE, __('User changed blog post status', 'wp-security-audit-log'), __('Changed the status of %PostTitle% post from %OldStatus% to %NewStatus%. %EditorLinkPost%.', 'wp-security-audit-log')),
70
- array(2023, E_NOTICE, __('User created new category', 'wp-security-audit-log'), __('Created a new category called %CategoryName% .Category slug is %Slug%. %CategoryLink%.', 'wp-security-audit-log')),
71
  array(2024, E_WARNING, __('User deleted category', 'wp-security-audit-log'), __('Deleted the category %CategoryName%. Category slug was %Slug%.', 'wp-security-audit-log')),
72
  array(2025, E_WARNING, __('User changed the visibility of a blog post', 'wp-security-audit-log'), __('Changed the visibility of the post %PostTitle% from %OldVisibility% to %NewVisibility%. %EditorLinkPost%.', 'wp-security-audit-log')),
73
  array(2027, E_NOTICE, __('User changed the date of a blog post', 'wp-security-audit-log'), __('Changed the date of the post %PostTitle% from %OldDate% to %NewDate%. %EditorLinkPost%.', 'wp-security-audit-log')),
@@ -89,7 +89,14 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal)
89
  array(2111, E_NOTICE, __('User disabled Comments/Trackbacks and Pingbacks on a published post', 'wp-security-audit-log'), __('Disabled %Type% on the published post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
90
  array(2112, E_NOTICE, __('User enabled Comments/Trackbacks and Pingbacks on a published post', 'wp-security-audit-log'), __('Enabled %Type% on the published post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
91
  array(2113, E_NOTICE, __('User disabled Comments/Trackbacks and Pingbacks on a draft post', 'wp-security-audit-log'), __('Disabled %Type% on the draft post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
92
- array(2114, E_NOTICE, __('User enabled Comments/Trackbacks and Pingbacks on a draft post', 'wp-security-audit-log'), __('Enabled %Type% on the draft post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log'))
 
 
 
 
 
 
 
93
  ),
94
  __('Comments', 'wp-security-audit-log') => array(
95
  array(2090, E_NOTICE, __('User approved a comment', 'wp-security-audit-log'), __('Approved the comment posted in response to the post %PostTitle% by %Author% on %CommentLink%.', 'wp-security-audit-log')),
@@ -255,7 +262,11 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal)
255
  array(6015, E_CRITICAL, __('Enabled/Disabled the option for an author to have previously approved comments for the comments to appear', 'wp-security-audit-log'), __('%Status% the option for an author to have previously approved comments for the comments to appear.', 'wp-security-audit-log')),
256
  array(6016, E_CRITICAL, __('Changed the number of links that a comment must have to be held in the queue', 'wp-security-audit-log'), __('Changed the number of links from %OldValue% to %NewValue% that a comment must have to be held in the queue.', 'wp-security-audit-log')),
257
  array(6017, E_CRITICAL, __('Modified the list of keywords for comments moderation', 'wp-security-audit-log'), __('Modified the list of keywords for comments moderation.', 'wp-security-audit-log')),
258
- array(6018, E_CRITICAL, __('Modified the list of keywords for comments blacklisting', 'wp-security-audit-log'), __('Modified the list of keywords for comments blacklisting.', 'wp-security-audit-log'))
 
 
 
 
259
  )
260
  ),
261
  __('Users Profiles & Activity', 'wp-security-audit-log') => array(
@@ -263,7 +274,7 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal)
263
  array(1000, E_NOTICE, __('User logged in', 'wp-security-audit-log'), __('Successfully logged in.', 'wp-security-audit-log')),
264
  array(1001, E_NOTICE, __('User logged out', 'wp-security-audit-log'), __('Successfully logged out.', 'wp-security-audit-log')),
265
  array(1002, E_WARNING, __('Login failed', 'wp-security-audit-log'), __('%Attempts% failed login(s) detected.', 'wp-security-audit-log')),
266
- array(1003, E_WARNING, __('Login failed / non existing user', 'wp-security-audit-log'), __('%Attempts% failed login(s) detected using non existing user.', 'wp-security-audit-log')),
267
  array(1004, E_WARNING, __('Login blocked', 'wp-security-audit-log'), __('Blocked from logging in because the same WordPress user is logged in from %ClientIP%.', 'wp-security-audit-log')),
268
  array(1005, E_WARNING, __('User logged in with existing session(s)', 'wp-security-audit-log'), __('Successfully logged in. Another session from %IPAddress% for this user already exist.', 'wp-security-audit-log')),
269
  array(1006, E_CRITICAL, __('User logged out all other sessions with the same username', 'wp-security-audit-log'), __('Logged out all other sessions with the same username.', 'wp-security-audit-log')),
@@ -283,6 +294,10 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal)
283
  array(4014, E_NOTICE, __('User opened the profile page of another user', 'wp-security-audit-log'), __('%UserChanger% opened the profile page of the user %TargetUsername%.', 'wp-security-audit-log')),
284
  array( 4015, E_NOTICE, __( 'User updated a custom field value for a user', 'wp-security-audit-log' ), __( 'Changed the value of the custom field %custom_field_name% from %old_value% to %new_value% for the user %TargetUsername%.', 'wp-security-audit-log' ) ),
285
  array( 4016, E_NOTICE, __( 'User created a custom field value for a user', 'wp-security-audit-log' ), __( 'Created the value of the custom field %custom_field_name% with %new_value% for the user %TargetUsername%.', 'wp-security-audit-log' ) ),
 
 
 
 
286
  ),
287
  ),
288
  __('Third Party Support', 'wp-security-audit-log') => array(
67
  array(2017, E_NOTICE, __('User changed blog post URL', 'wp-security-audit-log'), __('Changed the URL of the post %PostTitle% from %OldUrl% to %NewUrl%. %EditorLinkPost%.', 'wp-security-audit-log')),
68
  array(2019, E_NOTICE, __('User changed blog post author', 'wp-security-audit-log'), __('Changed the author of %PostTitle% post from %OldAuthor% to %NewAuthor%. %EditorLinkPost%.', 'wp-security-audit-log')),
69
  array(2021, E_NOTICE, __('User changed blog post status', 'wp-security-audit-log'), __('Changed the status of %PostTitle% post from %OldStatus% to %NewStatus%. %EditorLinkPost%.', 'wp-security-audit-log')),
70
+ array(2023, E_NOTICE, __('User created new category', 'wp-security-audit-log'), __('Created a new category called %CategoryName%. Category slug is %Slug%. %CategoryLink%.', 'wp-security-audit-log')),
71
  array(2024, E_WARNING, __('User deleted category', 'wp-security-audit-log'), __('Deleted the category %CategoryName%. Category slug was %Slug%.', 'wp-security-audit-log')),
72
  array(2025, E_WARNING, __('User changed the visibility of a blog post', 'wp-security-audit-log'), __('Changed the visibility of the post %PostTitle% from %OldVisibility% to %NewVisibility%. %EditorLinkPost%.', 'wp-security-audit-log')),
73
  array(2027, E_NOTICE, __('User changed the date of a blog post', 'wp-security-audit-log'), __('Changed the date of the post %PostTitle% from %OldDate% to %NewDate%. %EditorLinkPost%.', 'wp-security-audit-log')),
89
  array(2111, E_NOTICE, __('User disabled Comments/Trackbacks and Pingbacks on a published post', 'wp-security-audit-log'), __('Disabled %Type% on the published post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
90
  array(2112, E_NOTICE, __('User enabled Comments/Trackbacks and Pingbacks on a published post', 'wp-security-audit-log'), __('Enabled %Type% on the published post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
91
  array(2113, E_NOTICE, __('User disabled Comments/Trackbacks and Pingbacks on a draft post', 'wp-security-audit-log'), __('Disabled %Type% on the draft post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
92
+ array(2114, E_NOTICE, __('User enabled Comments/Trackbacks and Pingbacks on a draft post', 'wp-security-audit-log'), __('Enabled %Type% on the draft post %PostTitle%. View the post: %PostUrl%.', 'wp-security-audit-log')),
93
+ array( 2119, E_NOTICE, __( 'User added blog post tag', 'wp-security-audit-log' ), __( 'Added the tag %tag% on the %status% post %post_title%. View the post: %EditorLinkPost%.', 'wp-security-audit-log' ) ),
94
+ array( 2120, E_NOTICE, __( 'User removed blog post tag', 'wp-security-audit-log' ), __( 'Removed the tag %tag% on the %status% post %post_title%. View the post: %EditorLinkPost%.', 'wp-security-audit-log' ) ),
95
+ array( 2121, E_NOTICE, __( 'User created new tag', 'wp-security-audit-log' ), __( 'Created a new tag called %TagName% .Tag slug is %Slug%. %TagLink%.', 'wp-security-audit-log' ) ),
96
+ array( 2122, E_NOTICE, __( 'User deleted tag', 'wp-security-audit-log' ), __( 'Deleted the tag %TagName%. Tag slug was %Slug%.', 'wp-security-audit-log' ) ),
97
+ array( 2123, E_NOTICE, __( 'User renamed tag', 'wp-security-audit-log' ), __( 'Renamed a tag from %old_name% to %new_name%', 'wp-security-audit-log' ) ),
98
+ array( 2124, E_NOTICE, __( 'User changed tag slug', 'wp-security-audit-log' ), __( 'Changed the slug of tag %tag% from %old_slug% to %new_slug%', 'wp-security-audit-log' ) ),
99
+ array( 2125, E_NOTICE, __( 'User changed tag description', 'wp-security-audit-log' ), __( 'Changed the description of tag %tag%.', 'wp-security-audit-log' ) ),
100
  ),
101
  __('Comments', 'wp-security-audit-log') => array(
102
  array(2090, E_NOTICE, __('User approved a comment', 'wp-security-audit-log'), __('Approved the comment posted in response to the post %PostTitle% by %Author% on %CommentLink%.', 'wp-security-audit-log')),
262
  array(6015, E_CRITICAL, __('Enabled/Disabled the option for an author to have previously approved comments for the comments to appear', 'wp-security-audit-log'), __('%Status% the option for an author to have previously approved comments for the comments to appear.', 'wp-security-audit-log')),
263
  array(6016, E_CRITICAL, __('Changed the number of links that a comment must have to be held in the queue', 'wp-security-audit-log'), __('Changed the number of links from %OldValue% to %NewValue% that a comment must have to be held in the queue.', 'wp-security-audit-log')),
264
  array(6017, E_CRITICAL, __('Modified the list of keywords for comments moderation', 'wp-security-audit-log'), __('Modified the list of keywords for comments moderation.', 'wp-security-audit-log')),
265
+ array(6018, E_CRITICAL, __('Modified the list of keywords for comments blacklisting', 'wp-security-audit-log'), __('Modified the list of keywords for comments blacklisting.', 'wp-security-audit-log')),
266
+ array( 6019, E_CRITICAL, __( 'Created a New cron job', 'wp-security-audit-log' ), __( 'A new cron job called %name% was created and is scheduled to run %schedule%.', 'wp-security-audit-log' ) ),
267
+ array( 6020, E_CRITICAL, __( 'Changed status of the cron job', 'wp-security-audit-log' ), __( 'The cron job %name% was %status%.', 'wp-security-audit-log' ) ),
268
+ array( 6021, E_CRITICAL, __( 'Deleted the cron job', 'wp-security-audit-log' ), __( 'The cron job %name% was deleted.', 'wp-security-audit-log' ) ),
269
+ array( 6022, E_NOTICE, __( 'Started the cron job', 'wp-security-audit-log' ), __( 'The cron job %name% has just started.', 'wp-security-audit-log' ) ),
270
  )
271
  ),
272
  __('Users Profiles & Activity', 'wp-security-audit-log') => array(
274
  array(1000, E_NOTICE, __('User logged in', 'wp-security-audit-log'), __('Successfully logged in.', 'wp-security-audit-log')),
275
  array(1001, E_NOTICE, __('User logged out', 'wp-security-audit-log'), __('Successfully logged out.', 'wp-security-audit-log')),
276
  array(1002, E_WARNING, __('Login failed', 'wp-security-audit-log'), __('%Attempts% failed login(s) detected.', 'wp-security-audit-log')),
277
+ array(1003, E_WARNING, __('Login failed / non existing user', 'wp-security-audit-log'), __('%Attempts% failed login(s) detected using non existing user. %LogFileLink% %LogFileText%.', 'wp-security-audit-log')),
278
  array(1004, E_WARNING, __('Login blocked', 'wp-security-audit-log'), __('Blocked from logging in because the same WordPress user is logged in from %ClientIP%.', 'wp-security-audit-log')),
279
  array(1005, E_WARNING, __('User logged in with existing session(s)', 'wp-security-audit-log'), __('Successfully logged in. Another session from %IPAddress% for this user already exist.', 'wp-security-audit-log')),
280
  array(1006, E_CRITICAL, __('User logged out all other sessions with the same username', 'wp-security-audit-log'), __('Logged out all other sessions with the same username.', 'wp-security-audit-log')),
294
  array(4014, E_NOTICE, __('User opened the profile page of another user', 'wp-security-audit-log'), __('%UserChanger% opened the profile page of the user %TargetUsername%.', 'wp-security-audit-log')),
295
  array( 4015, E_NOTICE, __( 'User updated a custom field value for a user', 'wp-security-audit-log' ), __( 'Changed the value of the custom field %custom_field_name% from %old_value% to %new_value% for the user %TargetUsername%.', 'wp-security-audit-log' ) ),
296
  array( 4016, E_NOTICE, __( 'User created a custom field value for a user', 'wp-security-audit-log' ), __( 'Created the value of the custom field %custom_field_name% with %new_value% for the user %TargetUsername%.', 'wp-security-audit-log' ) ),
297
+ array( 4017, E_NOTICE, __( 'User changed first name for a user', 'wp-security-audit-log' ), __( 'Changed the first name of the user %TargetUsername% from %old_firstname% to %new_firstname%', 'wp-security-audit-log' ) ),
298
+ array( 4018, E_NOTICE, __( 'User changed last name for a user', 'wp-security-audit-log' ), __( 'Changed the last name of the user %TargetUsername% from %old_lastname% to %new_lastname%', 'wp-security-audit-log' ) ),
299
+ array( 4019, E_NOTICE, __( 'User changed nickname for a user', 'wp-security-audit-log' ), __( 'Changed the nickname of the user %TargetUsername% from %old_nickname% to %new_nickname%', 'wp-security-audit-log' ) ),
300
+ array( 4020, E_WARNING, __( 'User changed the display name for a user', 'wp-security-audit-log' ), __( 'Changed the Display name publicly of user %TargetUsername% from %old_displayname% to %new_displayname%', 'wp-security-audit-log' ) ),
301
  ),
302
  ),
303
  __('Third Party Support', 'wp-security-audit-log') => array(
js/auditlog.js CHANGED
@@ -19,17 +19,42 @@ window['WsalAuditLogRefreshed'] = function(){
19
  jQuery('<input type="hidden" name="paged"/>').val(paged)
20
  ).submit();
21
  });
22
- // tooltip Confirm disable alert
23
- jQuery('.log-disable').darkTooltip({
24
- animation: 'fadeIn',
25
- size: 'small',
26
- gravity: 'west',
27
- confirm: true,
28
- yes: 'Disable',
29
- onYes: function(elem){
30
- WsalDisableByCode(elem.attr('data-alert-id'))
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
31
  }
32
- });
 
33
  // tooltip severity type
34
  jQuery('.tooltip').darkTooltip({
35
  animation: 'fadeIn',
@@ -41,7 +66,7 @@ window['WsalAuditLogRefreshed'] = function(){
41
  function WsalAuditLogInit(_WsalData){
42
  WsalData = _WsalData;
43
  var WsalTkn = WsalData.autorefresh.token;
44
-
45
  // list refresher
46
  var WsalAjx = null;
47
  var WsalChk = function(){
@@ -65,7 +90,7 @@ function WsalAuditLogInit(_WsalData){
65
  setInterval(WsalChk, 40000);
66
  WsalChk();
67
  }
68
-
69
  WsalSsasInit();
70
  }
71
 
@@ -76,10 +101,6 @@ function WsalIppsFocus(value){
76
  }
77
 
78
  function WsalIppsChange(value){
79
- if(value === ''){
80
- value = window.prompt(WsalData.tr8n.numofitems, WsalIppsPrev);
81
- if(value === null || value === WsalIppsPrev)return this.value = WsalIppsPrev; // operation canceled
82
- }
83
  jQuery('select.wsal-ipps').attr('disabled', true);
84
  jQuery.post(WsalData.ajaxurl, {
85
  action: 'AjaxSetIpp',
@@ -103,7 +124,7 @@ function WsalSsasInit(){
103
  var SsasVal = SsasInp.val();
104
  if(SsasAjx)SsasAjx.abort();
105
  SsasInp.removeClass('loading');
106
-
107
  // do a new search
108
  if(SsasInp.attr('data-oldvalue') !== SsasVal && SsasVal.length > 2){
109
  SsasInp.addClass('loading');
@@ -131,7 +152,7 @@ function WsalSsasInit(){
131
  }, 'json');
132
  SsasInp.attr('data-oldvalue', SsasVal);
133
  }
134
-
135
  // handle keys
136
  });
137
  SsasInps.blur(function(){
@@ -171,9 +192,9 @@ function WsalDBChange(value){
171
  type: 'POST',
172
  url: ajaxurl,
173
  async: true,
174
- data: {
175
  action: 'AjaxSwitchDB',
176
- selected_db: value
177
  },
178
  success: function() {
179
  location.reload();
19
  jQuery('<input type="hidden" name="paged"/>').val(paged)
20
  ).submit();
21
  });
22
+
23
+ var modification_alerts = [ '1002', '1003', '6007', '6023' ];
24
+
25
+ jQuery( '.log-disable' ).each( function() {
26
+ if ( -1 == modification_alerts.indexOf( this.innerText ) ) {
27
+ // Tooltip Confirm disable alert.
28
+ jQuery( this ).darkTooltip( {
29
+ animation: 'fadeIn',
30
+ size: 'small',
31
+ gravity: 'west',
32
+ confirm: true,
33
+ yes: 'Disable',
34
+ no: '',
35
+ onYes: function( elem ) {
36
+ WsalDisableByCode( elem.attr( 'data-alert-id' ) )
37
+ }
38
+ } );
39
+ } else {
40
+ // Tooltip Confirm disable alert.
41
+ jQuery( this ).darkTooltip( {
42
+ animation: 'fadeIn',
43
+ size: 'small',
44
+ gravity: 'west',
45
+ confirm: true,
46
+ yes: 'Disable',
47
+ no: '<span>Modify</span>',
48
+ onYes: function( elem ) {
49
+ WsalDisableByCode( elem.attr( 'data-alert-id' ) );
50
+ },
51
+ onNo: function( elem ) {
52
+ window.location.href = elem.attr( 'data-link' );
53
+ }
54
+ } );
55
  }
56
+ } );
57
+
58
  // tooltip severity type
59
  jQuery('.tooltip').darkTooltip({
60
  animation: 'fadeIn',
66
  function WsalAuditLogInit(_WsalData){
67
  WsalData = _WsalData;
68
  var WsalTkn = WsalData.autorefresh.token;
69
+
70
  // list refresher
71
  var WsalAjx = null;
72
  var WsalChk = function(){
90
  setInterval(WsalChk, 40000);
91
  WsalChk();
92
  }
93
+
94
  WsalSsasInit();
95
  }
96
 
101
  }
102
 
103
  function WsalIppsChange(value){
 
 
 
 
104
  jQuery('select.wsal-ipps').attr('disabled', true);
105
  jQuery.post(WsalData.ajaxurl, {
106
  action: 'AjaxSetIpp',
124
  var SsasVal = SsasInp.val();
125
  if(SsasAjx)SsasAjx.abort();
126
  SsasInp.removeClass('loading');
127
+
128
  // do a new search
129
  if(SsasInp.attr('data-oldvalue') !== SsasVal && SsasVal.length > 2){
130
  SsasInp.addClass('loading');
152
  }, 'json');
153
  SsasInp.attr('data-oldvalue', SsasVal);
154
  }
155
+
156
  // handle keys
157
  });
158
  SsasInps.blur(function(){
192
  type: 'POST',
193
  url: ajaxurl,
194
  async: true,
195
+ data: {
196
  action: 'AjaxSwitchDB',
197
+ selected_db: value
198
  },
199
  success: function() {
200
  location.reload();
languages/wp-security-audit-log-de_DE.mo ADDED
Binary file
languages/wp-security-audit-log-es_ES.mo CHANGED
Binary file
languages/wp-security-audit-log-fr_FR.mo ADDED
Binary file
languages/wp-security-audit-log-it_IT.mo CHANGED
Binary file
languages/wp-security-audit-log-ro_RO.mo ADDED
Binary file
readme.txt CHANGED
@@ -6,8 +6,8 @@ License: GPLv3
6
  License URI: http://www.gnu.org/licenses/gpl.html
7
  Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
8
  Requires at least: 3.6
9
- Tested up to: 4.8.1
10
- Stable tag: 2.6.8
11
 
12
  Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13
 
@@ -119,6 +119,7 @@ WP Security Audit Log plugin also has a number of features that make WordPress a
119
  * [WPLift](http://wplift.com/audit-wordpress-security-logs) - Review by Ahmad Awais
120
  * [WP SmackDown](https://wpsmackdown.com/wp-plugins/wp-security-audit-log/)
121
  * [WPKube](http://www.wpkube.com/improve-wordpress-security-wp-security-audit-log/)
 
122
  * [Cloudways](https://www.cloudways.com/blog/monitor-wordpress-with-wp-security-audit-log-plugin/)
123
  * [ManageWP Plugins of the month](https://managewp.com/free-wordpress-plugins-june-2014)
124
  * [MyWPExpert](http://www.mywpexpert.com/wp-security-audit-log/)
@@ -142,6 +143,7 @@ We need help translating the plugin and the WordPress Security Alerts. Please vi
142
  * Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
143
  * German translation by [Mourad Louha](http://excel-translator.de)
144
  * Spanish translation by the [WP Body team](https://wpbody.com/)
 
145
 
146
  = Related Links and Documentation =
147
  For more information and to get started with WordPress Security, check out the following:
@@ -188,819 +190,32 @@ Please refer to the [FAQs page](https://www.wpsecurityauditlog.com/documentation
188
 
189
  == Changelog ==
190
 
191
- = 2.6.8 (2017-09-19) =
192
 
193
- * **Improvement**
194
- * Improved the sensor for custom post types so posts with NULL value or other temp custom posts are not reported. This was reported in several support tickets; [here](https://wordpress.org/support/topic/a-plugin-automatically-created-the-following-custom-post-null/), [here](https://wordpress.org/support/topic/would-you-tell-me-about-meanings-of-2-message/) and [here](https://wordpress.org/support/topic/pinpointing-the-plugin/).
195
-
196
- * **Bug Fix**
197
- * Add a new check to ensure the object is of WP_Post class [Support Ticket](https://wordpress.org/support/topic/undefined-property-wp_post_typepost_type/)
198
-
199
- = 2.6.7 (2017-09-09) =
200
-
201
- * **Improvements**
202
- * Added a new property in WSAL main class to store the current plugin version.
203
- * Added a new function in WSAL main class to define constants (to be used throughout the plugin)
204
- * Improved the code formatting in AuditLog.php
205
-
206
- = 2.6.6 (2017-08-30) =
207
-
208
- * **New Audit Trail Alerts**
209
- * Alert 4015 for when a user creates a custom field in a user profile.
210
- * Alert 4016 for when a user updates a custom field value in a user profile.
211
-
212
- * **New Feature**
213
- * Logging of changes in custom fields (in posts, pages, custom post types, user profiles) created by Advanced Custom Fields (ACF) or similar plugins.
214
- * New option to show either the Username or Firstname and Lastname of the user in the Audit Trail.
215
-
216
- * **Improvements**
217
- * 404 errors logfiles are now saved in /uploads/wp-security-audit-log/404s/ directory.
218
- * Changed the 404 errors logfile name format to [alert]_[yyyymmdd].log. Thanks to [Enable Security](https://www.enablesecurity.com/) for PoC of vulnerability and advise.
219
- * Removed link to view post from Alerts about permanently deleted posts (2008, 2009, 2033).
220
- * Added tooltip for filter via IP address.
221
-
222
- * **Bug Fix**
223
- * Fixed an issue where the viewing of content was not being logged when Yoast SEO is installed.
224
-
225
- = 2.6.5 (2017-07-18) =
226
-
227
- * **New Audit Trail Alerts**
228
- * Alert 1007 for when an administrator terminate's a logged in session using the Users Sessions Management Add-On
229
- * Alert 6023 to log 404 HTTP errors (requests to non-existing pages) by website visitors (non WordPress users)
230
-
231
- * **Improvements**
232
- * Seggregated the logging of 404 HTTP Errors by who generates them. Alert 6007 for logged in users, 6023 for anonymous website visitors.
233
- * Improved the logging of Alert 4014 so it is not reported every time a user's profile page is reloaded with a refresh or when a change is applied.
234
- * Removed the wsal_wp_session cookie, which was used to store the selected database when [archiving of audit trail alerts is enabled](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/faq-archiving-wordpress-audit-trail/). Using LocalStorage instead.
235
- * Replaced mcrypt (deprecated in PHP 7) with OpenSSL. Mcrypt still used temporarily to convert configured password. Will be removed completely in future updates. [Support Ticket](https://wordpress.org/support/topic/php-issues-9/)
236
-
237
- = 2.6.4 (2017-06-01) =
238
-
239
- * **New Features**
240
- * Added a number of queries in the plugin to support the new version of the [Reports Add-On](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/statistics-scheduled-wordpress-reports/)
241
-
242
- = 2.6.3 (2017-05-03) =
243
-
244
- * **Security Update**
245
- * Updated third party session libraries to a more secure version
246
-
247
- = 2.6.2 (2017-04-22) =
248
-
249
- * **New alerts to record actions & profile changes**
250
- * 1006: User logged out all other sessions with the same username
251
- * 4014: User opened the profile page of another user
252
-
253
- * **New alerts to record post and page specific settings changes**
254
- * 2111: Disabled Comments / Trackbacks and Pingbacks on a published post
255
- * 2112: Enabled Comments / Trackbacks and Pingbacks on a published post
256
- * 2113: Disabled Comments / Trackbacks and Pingbacks on a draft post
257
- * 2114: Enabled Comments / Trackbacks and Pingbacks on a draft post
258
- * 2115: Disabled Comments / Trackbacks and Pingbacks on a published page
259
- * 2116: Enabled Comments / Trackbacks and Pingbacks on a published page
260
- * 2117: Disabled Comments / Trackbacks and Pingbacks on a draft page
261
- * 2118: Enabled Comments / Trackbacks and Pingbacks on a draft page
262
-
263
- * **New alerts to record WordPress site-wide settings changes**
264
- * 6008: User enabled / disabled the option Discourage search engines from indexing this site
265
- * 6009: User enabled / disabled comments on all the website
266
- * 6010: User enabled / disabled the option Comment author must fill out name and email
267
- * 6011: User enabled / disabled the option Users must be logged in and registered to comment
268
- * 6012: User enabled / disabled the option to automatically close comments after [X] days
269
- * 6013: User changed the value of the option Automatically close comments from [X] to [X] days
270
- * 6014: User enabled / disabled the option for comments to be manually approved
271
- * 6015: User enabled / disabled the option for an author to have previously approved comments for the comments to appear
272
- * 6016: User changed the number of links from [X] to [X] that a comment must have to be held in the queue
273
- * 6017: User modified the list of keywords for comments moderation
274
- * 6018: User modified the list of keywords for comments blacklisting
275
-
276
- * **Plugin Improvements**
277
- * URL of content in alert is no longer truncated. Now it will be reported in full
278
- * Organised the alerts in Enable/Disable Alerts section in categories and sub categories, thus they are easier to find
279
- * Plugin no longer links to a non-existing log file when 404 logging is switched off
280
- * Added additional checks for when using the function wp_Sessions_register_garbage_collection, which was causing a conflict with another plugin
281
-
282
- * **Bug Fixes**
283
- * Fixed an issue in which the plugin was changing the titles of WooCommerce product pages for logged in users [Ticket](https://wordpress.org/support/topic/woocommerce-product-name-missing-from-page-titles-after-v2-6/)
284
- * Fixed an issue in which plugin was unable to handle automated generated content with author 0 [Ticket](https://github.com/WPWhiteSecurity/WP-Security-Audit-Log/issues/378)
285
-
286
- = 2.6.1 (2017-03-09) =
287
-
288
- * **Bug Fixes**
289
- * Removed the PHP Session ID cookie created by mistake for non logged in users.
290
-
291
- = 2.6 (2017-02-08) =
292
-
293
- * **New Features**
294
- * [Audit trail for WooCommerce Store and Products](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/audit-trail-woocommerce-store-products).
295
- * New Hover over functionality to disable alerts with a single click.
296
-
297
- * **New WooCommerce Audit Trail Alerts**
298
- * Refer to the [Audit trail WooCommerce Alerts List](https://www.wpsecurityauditlog.com/documentation/list-monitoring-wordpress-security-alerts-audit-log/#woocommerce) for a complete list of alerts the plugin uses to keep a record of changes in the WooCommerce store and products.
299
-
300
- * **Plugin Improvements**
301
- * Improved severity of alerts and added severity description on hover over.
302
- * Removed all code related to PHP error monitoring, which is no longer used (code spring cleaning).
303
-
304
- * **Bug Fixes**
305
- * Fixed an issue in which 404 logs where still being generated when the logs option was disabled but alert 6007 was enabled.
306
-
307
- = 2.5.9.2 (2017-01-11) =
308
-
309
- * **Bug Fix**
310
- * Updated store URL so [premium add-ons](https://www.wpsecurityauditlog.com/extensions/all-add-ons-60-off/) can be updated.
311
-
312
- = 2.5.9 (2017-01-03) =
313
-
314
- * **Support for new features in External DB Add-on:**
315
- * [Mirroring of audit trail to Syslog](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/faq-mirroring-wordpress-audit-trail-syslog/)
316
- * [Mirroring of audit trail to Papertrail](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/faq-mirroring-wordpress-audit-trail-papertrail/)
317
- * Support for [archiving alerts from the audit trail in an external database](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/faq-archiving-wordpress-audit-trail/).
318
-
319
- = 2.5.8 (2016-11-09) =
320
-
321
- * **Plugin Improvement (Standardized all date & time formats and timezone)**
322
- * Plugin now uses the time & date format configured in WordPress (removed the option from plugin that override this).
323
- * Updated all the [Premium Add-Ons](https://www.wpsecurityauditlog.com/extensions/all-add-ons-60-off/) to use the time & date format configured in WordPress.
324
- * Changed the Request Log file extension to php and disabled execution (before it was log, hence users could guess it)
325
-
326
- * **Bug Fixes**
327
- * Fixed a problem with restricting users' access to the plugin ([support ticket](https://wordpress.org/support/topic/sorry-you-are-not-allowed-to-access-this-page-9/)).
328
- * Fixed a bug in the custom alerts - previously custom alerts were overwritten during upgrade. Updated [custom alerts documentation](https://www.wpsecurityauditlog.com/documentation/create-custom-alerts-wordpress-audit-trail/) as well.
329
-
330
- = 2.5.7 (2016-10-05) =
331
-
332
- * **Bug Fix**
333
- * Fixed an issue where a page's title was not being returned [Support Ticket](https://wordpress.org/support/topic/browser-tab-titles-2/)
334
-
335
- = 2.5.6 (2016-09-27) =
336
-
337
- * **Bug Fix**
338
- * Fixed an issue where previous 404 reports were not being correctly merged. [Support Ticket](https://wordpress.org/support/topic/database-error-with-version-2-5-5-column-occurrence_id-cannot-be-null/)
339
-
340
- = 2.5.5 (2016-09-27) =
341
-
342
- * **New WordPress Audit Trail Alerts**
343
- * 2100: User opened a post in the editor
344
- * 2101: User viewed the post
345
- * 2102: User opened page in editor
346
- * 2103: User viewed page
347
- * 2104: User opened custom post type in editor
348
- * 2105: User viewed the custom post type
349
 
350
- * **New Features**
351
- * New setting to configure the number of 404 requests the plugin should record in a logfile from the same IP address.
352
- * Ability to download the 404 log file directly from the alert.
353
- * Added a new setting that disables or enables all of the plugin's logging. It is disabled by default.
 
354
 
355
- * **Plugin Improvements**
356
- * Organized the plugin settings under different tabs making it is easier to configure.
357
- * Updated the [Reports add-on](https://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/) to show 404 log file location in the reports.
358
- * Removed the auto-enabling of 404 requests monitoring (introduced in previous version).
359
- * When 404s are from localhost, localhost is used in filename and not the IP. [Support Ticket](https://wordpress.org/support/topic/receive-the-following-error-message-when-logging-in/)
360
- * The Add Functionality node is now automatically disabled when one or more premium add-ons are activated.
361
- * Changed the location of request log to /wp-content/uploads/wp-security-audit-log/.
362
- * Changed the extension of the request log file from php to log.
363
- * Plugin won't keep a record of newly posted comments that are marked as spam by Akismet.
364
-
365
- * **Bug Fixes**
366
- * Fixed the data inspector that was not working in certain installations.
367
- * Fixed an issue with custom alerts, which were overwritten during upgrade. Refer to the [custom alerts documentation](https://www.wpsecurityauditlog.com/documentation/create-custom-alerts-wordpress-audit-trail/) for more information.
368
-
369
-
370
- = 2.5.4 (2016-09-14) =
371
-
372
- * **Update**
373
- * Updated the Italian translation file with the latest translations.
374
-
375
- * **Bug Fix**
376
- * Fixed a bug related to database collation which was affecting the generation of reports.
377
-
378
- = 2.5.3 (2016-08-16) =
379
-
380
- * **Bug Fix**
381
- * Enabled the 404 logging by default during upgrade and new install. Read this [FAQ](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/logging-404-requests-urls-logfile/) for more information on this functionality.
382
 
383
- = 2.5.2 (2016-08-12) =
384
-
385
- Read the [WP Security Audit Log 2.5.2 release notes](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/logging-404-requests-support-wordpress-4-6/) for more details on what is new.
386
-
387
- * **New Feature**
388
- * Logging of 404 Requests to a Log file. Read this [FAQ](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/logging-404-requests-urls-logfile/) for more information on this functionality.
389
-
390
  * **Improvements**
391
- * Fixed several alerts / monitoring capabilities that were not working correctly in WordPress 4.6.
392
-
393
- = 2.5.1 (2016-07-26) =
394
-
395
- * **Bug fixes**
396
- * Fixed the disabling functionality of Alert 6007 because it was not working.
397
- * Fixed the disabling functionality for Alerts 1000 and 10001.
398
- * Merged bug fixes from version 2.4.4 (were not included in 2.5.0).
399
 
400
- = 2.5.0 (2016-07-12) =
401
-
402
- Read the [WP Security Audit Log 2.5.0 release notes](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/log-wordpress-comments-activity-2-5) for a detailed overview of what is new.
403
-
404
- * **New Features**
405
- * Plugin now keeps a record in the audit trail of changes in WordPress comments. Refer to the list of alerts for WordPress comments for the complete list.
406
- * Audit log alerts for 404 (page not found) requests.
407
- * Audit log alerts for pages / posts / custom post types automatically created by plugins.
408
- * Added wildcard (*) support for when excluding Custom Fields.
409
- * New setting to customize From email address and display name (The [Reports](https://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/), [Email Alerts](https://www.wpsecurityauditlog.com/extensions/wordpress-email-notifications-add-on/) and [Users Sessions Management](https://www.wpsecurityauditlog.com/extensions/user-sessions-management-wp-security-audit-log/) add-ons have been updated to use the configured email address).
410
-
411
- * **New WordPress Audit Trail Alerts for Changes in Comments**
412
- * 2090: User approved a comment
413
- * 2091: User unapproved a comment
414
- * 2092: User replied to a comment
415
- * 2093: User edited a comment
416
- * 2094: User marked a comment as Spam
417
- * 2095: User marked a comment as not Spam
418
- * 2096: User moved a comment to trash
419
- * 2097: User moved a comment out from the trash
420
- * 2098: User permanently deleted a comment
421
- * 2099: Website visitor / User posted a comment (disabled by default. Enable it from the Enable/Disable Alerts node in the plugin menu)
422
-
423
- * **New WordPress Audit Trail Alerts for Plugins Activity**
424
- * 5019: Plugin automatically created a post
425
- * 5020: Plugin automatically created a page
426
- * 5021: Plugin automatically created a custom post type
427
- * 5025: Plugin automatically deleted a post
428
- * 5026: Plugin automatically deleted a page
429
- * 5027: Plugin automatically deleted a custom post type
430
-
431
- * **Other New WordPress Audit Trail Alerts**
432
- * 5031: User updated a theme
433
- * 2089: User moved an object as a sub-object in a menu
434
- * 6007: User / website visitor requested a non-existing page (404 ERROR)
435
-
436
- * **Improvements**
437
- * Standardized all alerts messages / Improved the text of all of them. Each post / page / custom post type alert has a linkt to the Editor now
438
-
439
- = 2.4.4 (2016-06-27) =
440
-
441
- * **Security fix**
442
- * Fixed a [cross-site scripting vulnerability](http://www.wpwhitesecurity.com/wordpress-security/wordpress-security-glossary-terms-keywords/#cross-site-scripting) in the function AjaxDisableCustomField()
443
-
444
- * **Bug fix**
445
- * Fixed the hide plugin setting which was not working in some scenarios. [Support Ticket](https://wordpress.org/support/topic/hide-plugin-in-plugins-page-not-working)
446
-
447
- = 2.4.3 (2016-06-01) =
448
-
449
- * **New Add-On Support**
450
- * Included code to support the new [Users Sessions Management Add-On](http://www.wpsecurityauditlog.com/extensions/user-sessions-management-wp-security-audit-log/), which allows you to see who is logged in to your WordPress and WordPress multisite networks.
451
-
452
- * **New Alerts in the WordPress Audit Trail**
453
- * 1004: A login attempt was blocked because a session with the same username already exists
454
- * 1005: Multiple logged-in sessions for the same WordPress username has been detected
455
-
456
- * **Improvement**
457
- * Plugin reports changes when an object is moved as a sub object in a menu.
458
-
459
- * **Bug fixes**
460
- * Fixed a problem where wrong permissions were assigned to the reports directory in the uploads directory for the [Reports Add-On](https://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/).
461
- * Fixed an issue where multiple incorrect changes were reported when changing the structure of a menu [Support ticket](https://wordpress.org/support/topic/multiple-entries-when-adding-menu-item).
462
- * Fixed a bug in the settings sensor [support ticket](https://wordpress.org/support/topic/php-warning-missing-argument-2-for-wsal_sensors_systemwpupdate?replies=1).
463
-
464
- = 2.4.2 (2016-04-26) =
465
-
466
- * **Improvement**
467
- * Removed hardcoded memory limit in database connector. Now all database connections are done via AJAX calls hence there is no need for such limits.
468
-
469
- = 2.4.1 (2016-04-20) =
470
-
471
- Read the [WP Security Audit Log 2.4 release notes](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/wp-security-audit-log-2-4-1-released/) for a detailed overview of what is new in this version.
472
-
473
- * **New Features**
474
- * New setting allowing the users to configure the timestamp of the alerts. Read the FAQ [How to change the time zone in the WordPress Audit Trial](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-documentation/faq-change-time-zone-wordpress-audit-trail/) for more information.
475
-
476
- * **New WordPress Security Alerts for Content title changes**
477
- * 2086: User changed the title of a post
478
- * 2087: User changed the title of a page
479
- * 2088: User changed the title of a custom post type
480
-
481
- * **Improvements**
482
- * Implemented AJAX calls for when migrating the WordPress Audit Trail between databases with the [External DB add-on](https://www.wpsecurityauditlog.com/extensions/external-database-for-wp-security-audit-log/)
483
-
484
- = 2.4 (2016-03-28) =
485
-
486
- Read the [WP Security Audit Log 2.4 release notes](https://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/integration-hooks-custom-alerts-monitoring-wordpress-menus-2-4) for a detailed overview of what is new.
487
-
488
- * **New Features**
489
- * Monitoring of WordPress menus changes from both admin pages and theme customizer.
490
- * New hook that allows users to create their own custom alerts. Read the [WP Security Audit Log Custom Alerts documentation](https://www.wpsecurityauditlog.com/documentation/create-custom-alerts-wordpress-audit-trail/) for more information.
491
- * New alerts for when a either a post, a post or a custom post type is scheduled.
492
-
493
- * **New WordPress Security Alerts for Menus**
494
- * 2078: User created a new menu
495
- * 2079: User added objects to menu
496
- * 2080: User removed object from menu
497
- * 2081: User deleted a menu
498
- * 2082: User changed menu settings
499
- * 2083: USer modified an object in menu
500
- * 2084: User renamed a menu
501
- * 2085: User changed the order of the objects in menu
502
-
503
- * **New WordPress Security Alerts for Scheduled Items**
504
- * 2074: User scheduled a post for publishing
505
- * 2075: User scheduled a page for publishing
506
- * 2076: User scheduled a custom post type for publishing
507
-
508
- * **Bug Fixes**
509
- * Fixed an issue where WordPress updated alerts were begin generated repeatedly upon accessing the updates page. [Support Ticket](https://wordpress.org/support/topic/weird-update-message-in-logs)
510
- * Fixed an issue where WordPress pruning was not working in an out of the box installation. [Support Ticket](https://wordpress.org/support/topic/huge-wsal-metadata-table-not-being-cleanedfixed)
511
- * Fixed a conflict with Migrate DB. [Support Ticket](https://wordpress.org/support/topic/wp-migrate-db-pro)
512
-
513
- = 2.3.3 (2016-02-16) =
514
- * **Bug Fixes**
515
- * Fixed an issue where automated WordPress updates were not being reported.
516
- * Improved error handling in database queries.
517
-
518
- = 2.3.2 (2016-01-21) =
519
- * **Bug Fix**
520
- * Fixed an issue with the login/logout sensor reported in this [ticket](https://wordpress.org/support/topic/undefined-index-log).
521
-
522
- = 2.3.1 (2016-01-16) =
523
- * **Improvement**
524
- * Improved the SQL queries used by the [Reports Add-On](http://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/)
525
-
526
- = 2.3 (2016-01-12) =
527
- * **New Features**
528
- * Keep track of changes on bbPress forums. For more detailed information read the [WP Security Audit Log 2.3 Release Notes](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/track-bbpress-forums-changes-with-wp-security-audit-log/)
529
-
530
- * **New WordPress Security Alerts**
531
- * 8000: User published a new forum
532
- * 8001: User changed the status of a forum
533
- * 8002: User changed the visibility of a forum
534
- * 8003: User changed the URL of a forum
535
- * 8004: User changed the order of a forum
536
- * 8005: User moved forum to trash
537
- * 8006: User permanently deleted a fourm
538
- * 8007: User restored a forum from trash
539
- * 8008: User changed the parent of a forum
540
- * 8009: User changed the role of forum auto user role
541
- * 8010: User changed the option for anonymous posting on forum
542
- * 8011: User changed the forum type
543
- * 8012: User changed the time setting to disallow editing of posts
544
- * 8013: User changed the time setting for post throttling
545
- * 8014: User created new forum topic
546
- * 8015: User changed the status of a forum topic
547
- * 8016: User changed the type of a forum topic
548
- * 8017: User changed the URL of a forum topic
549
- * 8018: User changed the forum for a topic
550
- * 8019: User moved a forum topic to trash
551
- * 8020: User permanently deleted a forum topic
552
- * 8021: User restored a forum topic from trash
553
- * 8022: User changed the visibility of a forum topic
554
-
555
- * **Improvements**
556
- * Improved the performance / queries of the Audit Log Viewer, hence now it is faster when retrieving alerts from bigger databases
557
- * Rewritten and improved the reporting engine for the [Reports Add-On](http://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/)
558
-
559
- * **Bug Fix**
560
- * Fixed an issue where administrators of sub domain websites could see the alerts of other websites from the dashboard widget in a multisite installation. [Ticket](https://wordpress.org/support/topic/in-wordpress-mu-all-users-can-view-the-widget-log-bug)
561
- * Fixed a SQL query error where a NULL value was being saved and it wasn't accepted. [Ticket](https://wordpress.org/support/topic/sql-error-using-wordpress-44)
562
-
563
- = 2.2 (2015-11-10) =
564
- * **New Features**
565
- * Aded the revision link in content change security alerts allowing you to see the actual content changes that took place on posts, pages and custom post types. [Learn More](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/record-all-wordpress-content-changes-wp-security-audit-log-plugin/)
566
-
567
- * **Bug Fixes**
568
- * Fixed an issue where user was allowed to disable all columns in Audit Log Viewer [Support ticket](https://wordpress.org/support/topic/audit-log-columns-selection-is-empty). Fix recommendation by Bates College.
569
-
570
- = 2.1.1 (2015-10-08) =
571
- * **New WordPress Security Alerts**
572
- * 2072: User modifies a post that is submitted for review
573
- * 2073: Contributor submits a post for review
574
-
575
- * **Improvements**
576
- * Added the functionality to search by Alert ID in [Search add-on](http://www.wpsecurityauditlog.com/extensions/search-add-on-for-wordpress-security-audit-log/)
577
- * When a background process is reports, plugin now reports "System" as username and not "unkown"
578
- * Improved the connection checks of the [External DB add-on](http://www.wpsecurityauditlog.com/extensions/external-database-for-wp-security-audit-log/) (now it also has a timeout for when incorrect IP / Host is specified)
579
-
580
- * **Bug Fixes**
581
- * Fixed an issue in the [Reports add-on](http://www.wpsecurityauditlog.com/extensions/compliance-reports-add-on-for-wordpress/) where not all available users were being listed to generate a report
582
- * Fixed an issue with licensing notifications - now all licensing notifications will be automatically dismissed upon activating a key.
583
- * Fixed an issue where the user reset passwords were not being recorded (since 4.3). [Ticket](https://wordpress.org/support/topic/wp-43-password-reset?replies=3)
584
-
585
- = 2.1.0 (2015-09-09) =
586
- * **New Features**
587
- * Support for the [External DB Add-on](http://www.wpsecurityauditlog.com/extensions/external-database-for-wp-security-audit-log/).
588
- * Integration with WhatIsMyIPAddress.com (Click an IP addresses in Audit Log viewer to get all information about it).
589
- * Settings to Incude or exclude specific columns from the Audit Log viewer.
590
- * Ability to exclude an IP address from monitoring
591
- * New option to disable the reporting of WordPress background tasks (such as deletion of auto draft posts)
592
-
593
- * **Bug Fixes**
594
- * Fixed a problem when trying to customize a widget via the theme customizer [support ticket](https://wordpress.org/support/topic/customizer-issues?replies=2).
595
- * Handling an error that was generated when someone logged in to a WordPress via social media channels.
596
- * Fixed: incorrect alert generated when a widget is moved from the bottom of a container to another.
597
- * Fixed: incorrect alert generated when a custom filed is deleted from a page.
598
- * Fixed an issue where post related actions were not reported for users with author and contributor roles.
599
- * Fixed an issue where in a specific scenario the settings in the options tabel were duplicate.
600
-
601
- = 2.0.1 (2015-08-05) =
602
- * **Minor Change**
603
- * Launched a new [WP Security Audit Log website](http://www.wpsecurityauditlog.com) and updated all relevant links.
604
-
605
- = 2.0.0 (2015-07-16) =
606
- * **New Features**
607
- * New database connector allowing faster and more efficient plugin to WordPress database communication
608
- * Added new option to switch the display time of alerts between 24 hour or 12 hour format
609
- * Sorting functionality in Audit Log Viewer (sort WordPress security alerts by date & time, code or username)
610
-
611
- * **Bug Fixes**
612
- * Fixed issue where super admin roles was not reported when logging in to "sub sites" in WordPress multisite
613
- * Fixed several formatting issues in the Audit Log Viewer (UI)
614
- * Fixed issue where multiple plugins were upgraded via the drop down menu and no alerts were being reported
615
- * Fixed: When unrestricting plugin access from a single admin was not working properly
616
-
617
- = 1.6.1 (2015-05-04) =
618
- * **Bug Fixes**
619
- * Fixed the monitoring of plugin updates for WordPress 4.2 [Support Ticket](https://wordpress.org/support/topic/not-logging-plugin-updates-in-42)
620
- * Fixed an issue where multiple plugin updates triggered by drop down menu were not being reported
621
- * Fixed a conflict with Magic Fields 2 plugin [Support Ticket](https://wordpress.org/support/topic/major-conflict-with-magic-fields-2)
622
- * Updated the escaping of add_query_arg() function which could result in a potential XSS
623
-
624
- = 1.6.0 (2015-04-16) =
625
- * **New Security Alerts**
626
- * 5010: plugin created new tables in the WordPress database
627
- * 5011: plugin modified the structure of a number of tables in the WordPress database
628
- * 5012: plugin deleted tables from the WordPress database
629
- * 5013: theme created new tables in the WordPress database
630
- * 5014: theme modified the structure of a number of tables in the WordPress database
631
- * 5015: theme deleted tables from the WordPress database
632
- * 5016: an unknown component created new tables in the WordPress database
633
- * 5017: an unknown component theme modified the structure of a number of tables in the WordPress database
634
- * 5018: an unknown component theme deleted tables from the WordPress database
635
- * 2052: a user changed the parent of a category
636
-
637
- = 1.5.2 (2015-04-07) =
638
- * **Bug Fix**
639
- * Removed a clause which changed the debug log path (used for testing) [Support Ticket](https://wordpress.org/support/topic/plugin-is-changing-error-log-location)
640
-
641
- = 1.5.1 (2015-03-26) =
642
- * **Improvements**
643
- * Completely removed the user of the is_admin() function to follow better security practises
644
-
645
- * **Bug Fixes**
646
- * Updated the licensing mechanism to correct problem where [WP Security Audit Log premium add-ons](http://www.wpsecurityauditlog.com/plugin-extensions/) could not be activated.
647
- * Fixed several issues where the database tables were not being created during install or upgrade. [Support ticket](https://wordpress.org/support/topic/wp_wsal_options-not-created-with-plugin-update?replies=8) and [Support ticket 2](https://wordpress.org/support/topic/missing-database-tables-1?replies=9)
648
- * Fixed an issue where the plugin did not monitor any activity in specific scenarios. [Support ticket](https://wordpress.org/support/topic/clean-install-not-reporting-when-posts-or-pages-are-creatededited?replies=4) and [Support ticket 2](https://wordpress.org/support/topic/blank-audit-log-page?replies=2)
649
- * Removed duplicate options in the settings page. [Support ticket](https://wordpress.org/support/topic/refresh-audit-view-refresh-audit-log-viewer?replies=5)
650
-
651
- = 1.5.0 (2015-03-18) =
652
- * **New Features**
653
- * Ability to exclude custom fields from monitoring (custom fields can be excluded from the Audit Log Viewer with a simple click or you can specify them in the settings)
654
- * Ability to exclude WordPress users and roles from monitoring
655
-
656
- * **Improvements**
657
- * WP Security Audit Log now has its own settings table in WordPress database. This will provide us with more flexibility and have more centralization of data
658
- * Updated the code where is_admin() function was being used to follow better security practises
659
-
660
- * **Bug Fixes**
661
- * Fixed a problem where a PHP exception was being thrown during the activation of the plugin [support ticket](https://wordpress.org/support/topic/php-error-alert-with-code-5001-has-not-be-registered?replies=11)
662
-
663
- = 1.4.1 (2015-03-12) =
664
- * **Bug Fix**
665
- * Fixed an issue where the IP address was not being reported for anyone using PHP version 5.3.3 or earlier [support ticket](https://wordpress.org/support/topic/invalid-ip-address-error?replies=4)
666
-
667
- = 1.4 (2015-02-24) =
668
- * **New Features**
669
- * WordPress username is now reported when a failed login is recorded - [More Details](http://www.wpsecurityauditlog.com/wordpress-user-monitoring-plugin-releases/wordpress-failed-logins-monitoring-improved/)
670
- * Plugin is now available in Romanian thanks to [Artmotion](http://www.artmotion.eu)
671
-
672
- * **Improvements**
673
- * Improved IP Address validation checks - if IP address format is incorrect the plugin reports "incorrect format" and not "unknown" - This will help us improve troubleshooting
674
- * Alerts pruning options are now added during activation of the plugin, making pruning options more reliable - existing pruning options will be retained
675
-
676
- * **Bug Fixes**
677
- * Fixed issue with the option "auto / manual" refresh of Audit Log Viewer
678
- * Fixed plugin uninstallation process (added new option to purge all plugin data from WordPress database upon uninstall)
679
-
680
- = 1.3.3 (2015-01-21) =
681
- * **New Features**
682
- * [Premium Add-Ons](http://www.wpsecurityauditlog.com/plugin-extensions/) will be hidden from the WordPress plugins page when the Hide plugin option is enabled.
683
-
684
- * **Improvements**
685
- * Updated some of the help text in plugin's settings page
686
- * Updated the text of some WordPress security alerts
687
-
688
- * **Bug Fixes**
689
- * Fixed a bug related to the reverse proxy / IP retrieval functionality
690
- * Fixed an issue related to Sandbox removal and upgrades [Support Ticket](https://wordpress.org/support/topic/fatal-error-undefined-method-on-upgrade)
691
-
692
- = 1.3.2 (2014-12-16) =
693
- * **New Features and Options**
694
- * Plugin automatically retrieves user's originating IP address even if WordPress is installed behind a reverse proxy, web application firewall or load balancer. For more information refer to [WP Security Audit Log, Reverse Proxies and WAFs](http://www.wpsecurityauditlog.com/documentation/automatically-retrieve-originating-wordpress-user-ip-address/)
695
- * New option to omit internal IP addresses from being reported in the WordPress security audit log
696
-
697
- * **Removed Functionality**
698
- * The sandbox was removed from the plugin. If you need to use the sandbox for troubleshooting and tested contact us since we migrated it to a standalone extension.
699
-
700
- * **Bug Fixes**
701
- * Fixed a bug where site administrators where not able to view the WordPress security alerts for their sites in a WordPress multisite installation
702
- * Improved some SQL queries as reported in this [support ticket](https://wordpress.org/support/topic/syntax-error-d-not-replaced?replies=10#post-6278773)
703
- * Fixed an issue with alerts pruning (when pruning was set by number of alerts the plugin was pruning all alerts)
704
-
705
- = 1.3.1 (2014-11-27) =
706
- * **New WordPress Security Alerts**
707
- * Alert 2065: The content of published post has been modified
708
- * Alert 2066: The content of published page has been modified
709
- * Alert 2067: The content of published custom post type has been modified
710
- * Alert 2068: The content of a draft post has been modified
711
- * Alert 2069: The content of a draft page has been modified
712
- * Alert 2070: The content of a draft custom post type has been modified
713
- * Alert 2071: Changed the position of a widget in the same container
714
-
715
- * **WordPress Security Audit Log Viewer Improvement**
716
- * Removed fixed width from columns, hence now they are dynamically resized depending on your resolution
717
-
718
- * **Bug Fixes**
719
- * Fixed an issue where alert 1001 (logout) was generated without a login [support ticket](https://wordpress.org/support/topic/too-many-records-with-1001-code?replies=2)
720
- * Fixed a PHP coding problem / invalid argument issue [support ticket](https://wordpress.org/support/topic/php-warning-invalid-argument-2?replies=4#post-6229565)
721
-
722
- = 1.3.0 (2014-10-30) =
723
- * **New WordPress Security Alerts**
724
- * Alert 2065: User modified the content of a blog post
725
- * Alert 2066: User modified the content of a WordPress page
726
- * Alert 2067: User modified the content of a custom post type
727
-
728
- * **Improvements**
729
- * We have also improved the code of some of the sensors which monitor the WordPress activity
730
-
731
- = 1.2.9 (2014-10-21) =
732
- * **Bug Fix**
733
- * Fixed an issue with the queries used for the alerts pruning as reported in this [support ticket](https://wordpress.org/support/topic/this-version-of-mysql-doesnt-yet-support).
734
-
735
- = 1.2.8 (2014-10-14) =
736
- * **New Feature**
737
- * Added new Extensions page to allow users to see which extensions they can use to increase the functionality of the plugin
738
- * Included licensing mechanism to support premium extensions
739
-
740
- * **Improvements**
741
- * Updated latest language files for German and Italian translations (also include corrections for some old translations)
742
-
743
- * **Bug Fixes**
744
- * Fixed a problem with the pruning of WordPress Security Alerts [support ticket](https://wordpress.org/support/topic/security-alerts-pruning-not-working-as-intended)
745
- * Fixed pagination issue in the Audit Log Viewer when running on WordPress multisite
746
-
747
- = 1.2.7 (2014-09-26) =
748
- * **New Feature**
749
- * New option "Restrict Plugin Access" that allows WordPress administrators to further restrict access to the plugin and the WordPress security alerts
750
-
751
- * **Improvements**
752
- * Updated the Audit Log Viewer backend to retriev WordPress security alerts much faster and consume less resources on large websites
753
- * Moved the Audit Log plugin menu entry underneath the dashboard entry for better access
754
- * Several minor enhancements to the plugin to perform better on large WordPress installations
755
-
756
- * **Bug Fixes**
757
- * Fixed an uncaught exception with Logout Alert 1001 [support ticket](https://wordpress.org/support/topic/uncaught-exception-2)
758
-
759
- = 1.2.6 (2014-08-20) =
760
- * **Improvements**
761
- * Several performance improvements and tweaks applied
762
- * Updated Italian translations
763
-
764
- * **Bug Fixes**
765
- * Fixed an issue with URLs of plugin pages [support ticket](http://wordpress.org/support/topic/admin-cannot-access-settings)
766
- * Fixed an uncaught exception with Logout Alert 1001 [support ticket](http://wordpress.org/support/topic/fatal-error-1311)
767
- * Fixed error on logout issue [support ticket](http://wordpress.org/support/topic/error-at-logou)
768
- * Fixed uncaught exception with specific Alert Codes [support ticket](http://wordpress.org/support/topic/uncaught-exception-2)
769
-
770
- = 1.2.5 (2014-08-12) =
771
- * **New Feature**
772
- * Monitoring of custom fields in WordPress posts, pages and custom post types.
773
-
774
- * **New WordPress Security Alerts**
775
- * Alert 2053: User created new custom field in blog post
776
- * Alert 2054: User modified the value of custom field in blog post
777
- * Alert 2055: User deleted a custom field in blog post
778
- * Alert 2062: User renamed custom field in blog post
779
- * Alert 2059: User created new custom field in page
780
- * Alert 2060: User modified the value of custom field in page
781
- * Alert 2061: User deleted custom field from page
782
- * Alert 2063: User renamed custom field in
783
- * Alert 2056: User created new custom field in custom post type
784
- * Alert 2057: User modified the value of custom field in custom post type
785
- * Alert 2058: User deleted a custom field from custom post type
786
- * Alert 2064: User renamed custom field in custom post type
787
-
788
- * **Improvements**
789
- * Improved the writing and reading of WordPress alerts from the WordPress database (plugin runs more efficiently on high traffic WordPress and WordPress multisite installations)
790
- * Improved the monitoring of WordPress login and logout actions
791
- * Applied various plugin performance tweaks
792
-
793
- * **Bug Fixes**
794
- * Fixed a specific issue where user and user role where not being reported ([ticket](http://wordpress.org/support/topic/showing-unknown-user-logged-out-but-never-logged-in?replies=11))
795
- * Fixed an error which was being reported during user logout in specific scenarios ([ticket](http://wordpress.org/support/topic/error-at-logou?replies=3))
796
- * Fixed a CSRF vulnerability reported by Kévin FALCOZ aka 0pc0deFR
797
-
798
- = 1.2.4 (2014-07-27) =
799
- * **Improvements**
800
- * Improved monitoring of failed logins, addressed issues reported [here](http://wordpress.org/support/topic/horrible-performance#post-), [here](http://wordpress.org/support/topic/much-too-much-sql-load#post-), [here](http://wordpress.org/support/topic/overload-due-to-this-plugin#post-) and [here](http://wordpress.org/support/topic/mysql-200-cpu-time-copying-to-tmp-table)
801
-
802
- = 1.2.3 (2014-07-23) =
803
- * **Improvements**
804
- * Improved database structure for better support of high-traffic WordPress and WordPress multisite installations
805
- * Developer options are reset during updates for improved performance
806
- * Added a warning / note to the developer options (such options should NEVER be enabled on live websites but only on testing, staging and development websites)
807
-
808
- * **Bug Fixes**
809
- * Fixed database issue with primary key constraint
810
-
811
- = 1.2.2 (2014-07-16) =
812
- * **New Features**
813
- * Italian translation available thanks to [Leonardo Musumeci](http://leonardomusumeci.net/)
814
-
815
- * **Improvements**
816
- * Added a warning for developer options
817
- * "Hidden" developer options from default settings; user has to click link to access developer settings
818
- * Backtrace logging now made optional from a developer setting
819
-
820
- * **Bug Fixes**
821
- * Solved several issues related to translations. Now everything in the plugin is translatable
822
- * Fixed several other issues reported by email
823
-
824
- = 1.2.1 (2014-07-2) =
825
- * **Bug Fix**
826
- * Fixed reported issue with upgrade (more info [here](http://wordpress.org/support/topic/errors-showing-since-120-upgrade-on-multisite-install?replies=4))
827
-
828
- = 1.2.0 (2014-07-2) =
829
- * **New Features**
830
- * Unlimited Alerts can be stored (removed the 5000 alerts limit)
831
- * Alert time now includes milliseconds for more precision (ideal for auditing and compliance)
832
- * Reported alert time is now relative to user's configured timezone
833
- * Alerts automatic pruning procedures can now be enabled / disabled
834
- * Option to hide WP Security Audit Log from Plugins page in WordPress
835
- * If there are more than 15 websites in a multisite installation, an auto complete site search box is shown instead of the drop down menu
836
-
837
- * **New WordPress Security Alerts**
838
- * Alert 5007: User has uninstalled / deleted a theme
839
- * Alert 5008: Super administrator network activated a theme on multisite
840
- * Alert 5009: Super administrator network deactivated a theme on multisite
841
-
842
- = 1.1.0 (2014-05-27) =
843
- * **New Features**
844
- * User avatar is shown in the alert to allow administrators to easily recognize users and their activity
845
- * Clickable username in alerts allow administrators to access user's profile instantly
846
- * User role is reported in alert so administrators can easily track any suspicious behaviour
847
- * PHP Version checker; upon installation the plugin will check what version of PHP is installed on the system
848
-
849
- * **New WordPress Security Alert for monitoring plugin files**
850
- * Alert 2051: User changed a plugin file using the plugin editor (note: filename and location will also be reported in the alert)
851
-
852
- * **Bug fixes**
853
- * Fixed wrapping problem in alerts dashboard widget
854
- * Fixed upgrade script to properly create the new tables in the WordPress database
855
-
856
- = 1.0 (2014-05-20) =
857
- * Complete plugin rewrite making the new version more stable and scalable
858
-
859
- * **New Features**
860
- * New Audit Log viewer
861
- * Auto refresh of security alerts - WordPress administrators do not need to refresh the Audit Log Viewer page to see new alerts
862
- * Data Inspector reports more insider information about each alert (can be enabled from settings)
863
- * Sandbox allows developers to execute PHP code for troubleshooting (can be enabled from settings)
864
- * Request Log that logs all HTTP GET and POST requests done on WordPress (can be enabled from settings)
865
- * Logging of PHP Errors; ideal for developers who want to monitor WordPress for any errors (can be enabled from settings)
866
- * New Support and About Us page that you should check out!
867
-
868
- * **New WordPress Security Alerts for monitoring themes, WordPress settings, files and much more**
869
- * Alert 2046: User modified a file using the editor
870
- * Alert 2047: User changed parent of page
871
- * Alert 2048: User changed template of page
872
- * Alert 2049: User set post as sticky
873
- * Alert 2050: User removed post from Sticky
874
- * Alert 5005: User installed a new theme
875
- * Alert 5006: User activated a theme
876
- * Alert 6004: User upgraded WordPress
877
- * Alert 6005: User changed the WordPress permalinks
878
-
879
- * **New WordPress Developer Alerts**
880
- * Alert 0000: Unknown error
881
- * Alert 0001: PHP Error
882
- * Alert 0002: PHP Warning
883
- * Alert 0003: PHP Notice
884
- * Alert 0004: PHP Exception
885
- * Alert 0005: PHP Shutdown Error
886
-
887
- = 0.6.3 (2014-02-18) =
888
- * **Bug Fix**
889
- * Disabled debugging by default (left enabled by mistake)
890
-
891
- = 0.6.2 (2014-02-03) =
892
- * **Bug Fix**
893
- * Fixed a number of database issues introduced with the WordPress Multisite Support
894
- * Fixed issue with supporting pre WordPress 3.0 multisite installations (support tickets [here](http://wordpress.org/support/topic/errors-on-06-fresh-installation?replies=9) and [here](http://wordpress.org/support/topic/upgrade-to-06-infinite-do-loop-in-refresh-alerts-list?replies=3))
895
-
896
- = 0.6.1 (2014-01-16) =
897
- * **Bug Fix**
898
- * Fixed errors in debug code (used for when debugging is enabled in plugin)
899
-
900
- = 0.6 (2014-01-15) =
901
- * **New Plugin Feature**
902
- * WordPress Multisite Support [Read More](http://www.wpsecurityauditlog.com/documentation/wordpress-multisite-plugin-features-support/)
903
-
904
- * **New WordPress Security Alerts for monitoring specific multisite activity on a WordPress multisite network installation**
905
- * Alert 4008: User is granted super admin privileges (network)
906
- * Alert 4009: Super admin privileges (network) are revoked from a user
907
- * Alert 4010: Added an existing user to a site and assigned a specific role
908
- * Alert 4011: Removed user with a specific role from a site
909
- * Alert 4012: New user created on the network
910
- * Alert 7000: Added a new site to network
911
- * Alert 7001: A site was archived
912
- * Alert 7002: A site was unarchived
913
- * Alert 7003: A site was activated
914
- * Alert 7004: A site was deactivated
915
- * Alert 7005: A site was deleted
916
-
917
- * **Plugin Improvements**
918
- * Plugin settings page to have the same look and feel of the new WordPress dashboard (3.8)
919
-
920
- = 0.5.1 (2013-12-11) =
921
- * **Bug Fix**
922
- * Fixed an issue with Edit Post function (in very specific cases) (http://wordpress.org/support/topic/was-working-great-no-post-edit-function-now)
923
-
924
- = 0.5 (2013-11-06) =
925
- * **New WordPress Security Alerts for monitoring of Widgets**
926
- * Alert 2042: New widget was added
927
- * Alert 2043: A widget was modified
928
- * Alert 2044: A widget was deleted
929
- * Alert 2045: A widget was moved
930
-
931
- * **New Plugin Features**
932
- * New setting to allow specific user(s) and role(s) to view the Audit Log Viewer (read only)
933
- * New setting to allow specific user(s) and role(s) to manage the WP Security Audit Log plugin (can change plugin settings, enable disable WordPress security alerts etc)
934
-
935
- * **Plugin Improvements**
936
- * Renamed "login/logout" tab in "Enable/Disable Alerts" section to plugins to "Other User Activity"
937
- * Added the files alerts (uploaded / delete files) to the "Enable/Disable Alerts" (previously unavailable)
938
-
939
- * **Bug Fixes**
940
- * Fixed issue where all users were able to see the Dashboard widgets with security alerts - now restricted only to users who have access to the plugin
941
- * Fixed user reported issue (http://wordpress.org/support/topic/errors-on-enabledisable-alerts-page)
942
-
943
- = 0.4 (2013-10-09) =
944
- * **New WordPress Security Alerts for Custom Post Types**
945
- * Alert 2029: New post with custom post type created and saved as draft
946
- * Alert 2030: Post with custom post type is publishes
947
- * Alert 2031: A published post with custom post type is modified
948
- * Alert 2032: A draft post with custom post type is modified
949
- * Alert 2033: A post with custom post type was permanently deleted
950
- * Alert 2034: A post with custom post type was moved to trash
951
- * Alert 2035: A post with custom post type was restored from trash
952
- * Alert 2036: The category of a post with custom post type was changed
953
- * Alert 2037: The URL of a post with custom post type was changed
954
- * Alert 2038: The author of a post with custom post type was changed
955
- * Alert 2039: The status of a post with custom post type was changed
956
- * Alert 2040: The visibility of a post with custom post type was changed
957
- * Alert 2041: The date of a post with custom post type was changed
958
-
959
- * **New Plugin Features**
960
- * Enable/Disable Alerts node that allows WordPress administrators to switch on or off specific WordPress security alerts
961
- * Dashboard widget that shows the latest 5 WordPress security alerts (widget can be switched on or off from the plugin settings)
962
- * Plugin is now language aware and we can accept translations
963
-
964
- * **Plugin Improvements**
965
- * Updated settings page to have the same look and feel of WordPress
966
- * Improved the upgrade procedure of the plugin
967
- * Updated the Audit Log Viewer display to support more resultions such as those of tables and smartphones
968
-
969
- = 0.3 (2019-09-19) =
970
-
971
- * **New WordPress Security Alerts**
972
- * Alert 6001: Anyone can Register option in WordPress settings was changed
973
- * Alert 6002: Default use role in WordPress settings was changed
974
- * Alert 6003: Administrator notification email in WordPress settings was changed
975
- * Alert 2025: Visibility of a blog post was changed
976
- * Alert 2026: Visibility of a page was changed
977
- * Alert 2027: Date of a blog post was changed
978
- * Alert 2028: Date of a page was changed
979
-
980
- * **Plugin Improvements**
981
- * Links to the Audit Log Viewer and Settings in the plugin summary page
982
- * Time of Failed Login alerts now reflects the time of last failed login attempt
983
-
984
- * **Bug Fixes**
985
- * Fixed: Incorrect alerts generated when author of page was changed from quick edit mode
986
- * Fixed: Conflict with WP Mandrill and other plugins using pluggable.php
987
- * Fixed: Incorrect alerts generated when plugin is installed via a zip file / upload method
988
-
989
- = 0.2 (2013-08-12) =
990
-
991
- * Restricted plugin options and WordPress Audit Log Event Viewer only to WordPress administrators
992
- * Improved failed logins events (events generated from the same IP, or same username will be grouped to avoid mass flooding of security events)
993
- * Security Events pruning now uses wp-cron functionality (improved stability and reliability of events pruning)
994
- * Applied several performance improvements (faster loading of events etc)
995
- * Added support for permalinks; now events will include page or blog post URL rather than ID
996
- * Added new alerts for when a page or blog post status is changed from draft, pending review or published
997
- * Added new alert for when a page or blog post URL or author is changed
998
- * Added new alert for when a blog post category is changed
999
- * Added new alerts for when a user creates or deletes a category
1000
- * Added new alert for when the author of a blog post or page is changed
1001
- * Added new plugin alerts for when a plugin is installed, uninstalled or upgraded
1002
- * Updated navigation menu to use standard WordPress dashboard icons etc
1003
-
1004
- = 0.1 (2013-05-24) =
1005
-
1006
- * Initial beta release of WP Security Audit Log.
6
  License URI: http://www.gnu.org/licenses/gpl.html
7
  Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report, wordpress audit trail
8
  Requires at least: 3.6
9
+ Tested up to: 4.8.2
10
+ Stable tag: 2.6.9
11
 
12
  Keep an audit trail of all changes and under the hood WordPress activity to ensure productivity and thwart possible WordPress hacker attacks.
13
 
119
  * [WPLift](http://wplift.com/audit-wordpress-security-logs) - Review by Ahmad Awais
120
  * [WP SmackDown](https://wpsmackdown.com/wp-plugins/wp-security-audit-log/)
121
  * [WPKube](http://www.wpkube.com/improve-wordpress-security-wp-security-audit-log/)
122
+ * [KevinMuldoon.com](https://www.kevinmuldoon.com/wp-security-audit-log-review/)
123
  * [Cloudways](https://www.cloudways.com/blog/monitor-wordpress-with-wp-security-audit-log-plugin/)
124
  * [ManageWP Plugins of the month](https://managewp.com/free-wordpress-plugins-june-2014)
125
  * [MyWPExpert](http://www.mywpexpert.com/wp-security-audit-log/)
143
  * Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
144
  * German translation by [Mourad Louha](http://excel-translator.de)
145
  * Spanish translation by the [WP Body team](https://wpbody.com/)
146
+ * French translations by Denis Moscato
147
 
148
  = Related Links and Documentation =
149
  For more information and to get started with WordPress Security, check out the following:
190
 
191
  == Changelog ==
192
 
193
+ = 2.6.9 (2017-10-24) =
194
 
195
+ * **New Audit Trail Alerts for logging of Tag changes**
196
+ * Alert 2119: User added tag to a post
197
+ * Alert 2120: User removed a tag from a post
198
+ * Alert 2121: User added new tag on WordPress
199
+ * Alert 2122: User deleted a tag from WordPress
200
+ * Alert 2123: User renamed a tag
201
+ * Alert 2124: User changed the slug of a tag
202
+ * Alert 2125: User changed the description of a tag
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
203
 
204
+ * **New Audit Trail Alerts for logging of User Profile Changes**
205
+ * Alert 4017: Changed the first name of a user
206
+ * Alert 4018: Changed the last name of a user
207
+ * Alert 4019: Changed the nickname of a user
208
+ * Alert 4020: Changed the display name of a user
209
 
210
+ * **New Functionality**
211
+ * New hover over option to modify alerts' behaviour. This applies to alerts that have configuration such as 1002, 1003, 6007 and 6023.
212
+ * Option to record referrer URL in log file when logging 404 errors to a log file.
213
+ * Option to specify how many failed logins the plugin should log.
214
+ * Option to capture the usernames used during failed login attempts with non WordPress users.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
215
 
 
 
 
 
 
 
 
216
  * **Improvements**
217
+ * Drop down menu to select number of alerts to display in Audit Log Viewer now has only fixed numbers.
218
+ * Renamed first column to Alert ID (standardising text in plugin)
219
+ * New French translation by Denis Moscato
 
 
 
 
 
220
 
221
+ Refer to the [WP Security Audit Log change log on the plugin page](https://www.wpsecurityauditlog.com/plugin-change-log/) for a complete changelog.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
wp-security-audit-log.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: WP Security Audit Log
4
  Plugin URI: http://www.wpsecurityauditlog.com/
5
  Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  Author: WP White Security
7
- Version: 2.6.8
8
  Text Domain: wp-security-audit-log
9
  Author URI: http://www.wpsecurityauditlog.com/
10
  License: GPL2
@@ -36,7 +36,7 @@ class WpSecurityAuditLog {
36
  *
37
  * @var string
38
  */
39
- public $version = '2.6.8';
40
 
41
  // Plugin constants.
42
  const PLG_CLS_PRFX = 'WSAL_';
4
  Plugin URI: http://www.wpsecurityauditlog.com/
5
  Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
6
  Author: WP White Security
7
+ Version: 2.6.9
8
  Text Domain: wp-security-audit-log
9
  Author URI: http://www.wpsecurityauditlog.com/
10
  License: GPL2
36
  *
37
  * @var string
38
  */
39
+ public $version = '2.6.9';
40
 
41
  // Plugin constants.
42
  const PLG_CLS_PRFX = 'WSAL_';