• WP Security Audit Log – a must for WordPress security oversight and resilience

    11 Apr 2019

    Not long ago I moved my information security consulting business website to WordPress – something I thought I’d never do. The burden of hosting it myself combined with the hassles of working with Dreamweaver forced the change. I wasn’t initially a big fan of WordPress…it’s almost too much to take on. This coming from a technical guy who hosted Apache on Windows and did most of my administration at the command prompt.

    While WordPress is rich in website development/management features, one thing I noticed was its lack of security controls. And that’s not something anyone running WordPress should take lightly! There are too many web security vulnerabilities and there’s just too much to lose, even for the smallest of businesses. Many of my WordPress security concerns have been addressed thanks to my long-time colleague and friend, Robert Abela, creating WP Security Audit Log. This WordPress plug-in fills in the blanks for what I was looking for (literally looking and looking) inside WordPress. WP Security Audit Log helps with security and compliance in terms of tracking, monitoring, and responding to potential and confirmed security incidents within WordPress. The tool also simplifies WordPress troubleshooting, like when you’re creating or moving a new website to the platform. It’s amazing how many link and coding errors happen that might otherwise be overlooked.

    Here are a couple of screenshots of some of WP Security Audit Log’s security features:

    WordPress logging and alerting options
    WordPress file integrity check options

    The logging/alerting options are a nice way to consolidate issues so you can be notified of security-related anomalies via email and, just recently, SMS. I particularly like the file integrity scanning features. This is good for being alerted to website files that might change without you being involved or ever noticing.

    Check out WP Security Audit Log. Having known Robert for the past decade, he’s a true professional and expert in web and WordPress security. Given its pricing and what’s at stake, if you use WordPress, there’s no reason to not have such a tool. Information security in business has evolved into what’s defensible and what’s not. Best to be on the proactive side of that equation!