• WP Security Audit Log – a must for WordPress security oversight and resilience

    11 Apr 2019

    Not long ago I moved my information security consulting business website to WordPress – something I thought I’d never do. The burden of hosting it myself combined with the hassles of working with Dreamweaver forced the change. I wasn’t initially a big fan of WordPress…it’s almost too much to take on. This coming from a technical guy who hosted Apache on Windows and did most of my administration at the command prompt.

    While WordPress is rich in website development/management features, one thing I noticed was its lack of security controls. And that’s not something anyone running WordPress should take lightly! There are too many web security vulnerabilities and there’s just too much to lose, even for the smallest of businesses. Many of my WordPress security concerns have been addressed thanks to my long-time colleague and friend, Robert Abela, creating WP Security Audit Log. This WordPress plug-in fills in the blanks for what I was looking for (literally looking and looking) inside WordPress. WP Security Audit Log helps with security and compliance in terms of tracking, monitoring, and responding to potential and confirmed security incidents within WordPress. The tool also simplifies WordPress troubleshooting, like when you’re creating or moving a new website to the platform. It’s amazing how many link and coding errors happen that might otherwise be overlooked.

    Here are a couple of screenshots of some of WP Security Audit Log’s security features:


    WordPress logging and alerting options
    WordPress file integrity check options

    The logging/alerting options are a nice way to consolidate issues so you can be notified of security-related anomalies via email and, just recently, SMS. I particularly like the file integrity scanning features. This is good for being alerted to website files that might change without you being involved or ever noticing.

    Check out WP Security Audit Log. Having known Robert for the past decade, he’s a true professional and expert in web and WordPress security. Given its pricing and what’s at stake, if you use WordPress, there’s no reason to not have such a tool. Information security in business has evolved into what’s defensible and what’s not. Best to be on the proactive side of that equation!

Resources

view all

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security appsec basics books careers censorship CISO CISSP cities compliance coronavirus covid-19 cybersecurity data breaches hacking Hacking For Dummies heads in sand health incident response information risk keynote speaker leadership macOS networked cameras passwords patching racing resilience Russian hacking SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok time management training vulnerability and penetration testing web security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.

For your convenience I accept