The WordPress security and auditing plugin WP Security Audit Log generates a WordPress security alert for each activity it logs. WordPress security alerts can be viewed from the Audit Log Viewer, which is installed with the plugin itself. Refer to the below tables for more information about each WordPress security alert. Click on any of the index links below to access directly a specific category of WordPress Security Alerts.

WordPress Blog Posts Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress blog posts activity.

Alert Code
Type
Description
2000NOTICEUser created a new blog post and saved it as draft
2001NOTICEUser published a blog post
2002NOTICEUser modified a published blog post
2003NOTICEUser modified a draft blog post
2008NOTICEUser permanently deleted a blog post from the trash
2012WARNINGUser moved a blog post to the trash
2014CRITICALUser restored a blog post from trash
2016NOTICEUser changed blog post category
2017NOTICEUser changed blog post URL
2019NOTICEUser changed blog post author
2021NOTICEUser changed blog post status
2023NOTICEUser created new category
2024WARININGUser deleted category
2025WARNINGUser changed the visibility of a blog post
2027NOTICEUser changed the date of a blog post
2049NOTICEUser sets a post as sticky
2050NOTICEUser removes a post from sticky
2053NOTICEUser created a new custom field
2054NOTICEUser modified the value of a custom field
2055NOTICEUser deleted a custom field
2062NOTICEUser renamed a custom field
2065NOTICEUser modified the content

WordPress Pages Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress pages activity.

Alert Code
Type
Description
2004NOTICEUser created a new WordPress page and saved it as draft
2005NOTICEUser published a WorPress page
2006NOTICEUser modified a published WordPress page
2007NOTICEUser modified a draft WordPress page
2009NOTICEUser permanently deleted a page from the trash
2013WARNINGUser moved WordPress page to the trash
2015CRITICALUser restored a WordPress page from trash
2018NOTICEUser changed page URL
2020NOTICEUser changed page author
2022NOTICEUser changed page status
2026WARNINGUser changed the visibility of a page post
2028NOTICEUser changed the date of a page post
2047NOTICEUser changed the parent of a page
2048CRITICALUser changed the template of a page
2059NOTICEUser created new custom field
2060NOTICEUser modified the value of a custom field
2061NOTICEUser deleted a custom field
2063NOTICEUser renamed a custom field
2066NOTICEUser modified the content

WordPress Custom Posts Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin when monitoring WordPress custom posts activity.

Alert Code
Type
Description
2029NOTICEUser created a new post with custom post type and saved it as draft
2030NOTICEUser published a post with custom post type
2031NOTICEUser modified a post with custom post type
2032NOTICEUser modified a draft post with custom post type
2033WARNINGUser permanently deleted post with custom post type
2034WARNINGUser moved post with custom post type to trash
2035CRITICALUser restored post with custom post type from trash
2036NOTICEUser changed the category of a post with custom post type
2037NOTICEUser changed the URL of a post with custom post type
2038NOTICEUser changed the author or post with custom post type
2039NOTICEUser changed the status of post with custom post type
2040WARNINGUser changed the visibility of a post with custom post type
2041NOTICEUser changed the date of post with custom post type
2056NOTICEUser created a custom field
2057NOTICEUser modified the value of a custom field
2058NOTICEUser deleted a custom field
2064NOTICEUser renamed a custom field
2067NOTICEuser modified the content

WordPress Widgets Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress widgets activity.

Alert Code
Type
Description
2042CRITICALUser added a new widget
2043WARNINGUser modified a widget
2044CRITICALUser deleted widget
2045NOTICEUser moved widget

WordPress Users Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress user activity.

Alert Code
Type
Description
1000NOTICEUser logs in
1001NOTICEUser Logs out
1002WARNINGFailed login detected
2010NOTICEUser uploaded a file to the uploads directory
2011WARNINGUser deleted a file from the uploads directory
2046CRITICALUser changed a theme file using the theme editor
2051CRITICALUser changed a plugin file using the plugin editor

WordPress Users Profiles Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress user profiles changes.

Alert Code
Type
Description
4000CRITICALA new user was created on WordPress
4001CRITICALA user created another WordPress user
4002CRITICALThe role of a user was changed by another WordPress user
4003CRITICALUser has changed his or her password
4004CRITICALA user changed another user's password
4005NOTICEUser changed his or her email address
4006NOTICEA user changed another user's email address
4007CRITICALA user was deleted by another user

WordPress Plugins & Themes Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress plugins and themes activity.

Alert Code
Type
Description
5001CRITICALUser activated a WordPress plugin
5002CRITICALUser deactivated a WordPress plugin
5000CRITICALUser installed a plugin
5003CRITICALUser uninstalled a plugin
5004WARNINGUser upgraded a plugin
5005CRITICALUser installed a new theme
5006CRITICALUser activated a theme
5007CRITICALUser uninstalled (deleted) a theme

WordPress Settings & System Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress settings and system activity.

Alert Code
Type
Description
6000NOTICEEvents automatically pruned by system
6001CRITICALOption Anyone Can Register in WordPress settings changed
6002CRITICALNew User Default Role changed
6003CRITICALWordPress Administrator Notification email changed
6004CRITICALUser updated / upgraded WordPress
6005CRITICALUser changed the WordPress permalinks
0000CRITICALUnknown Error
0001CRITICALPHP Error
0002WARNINGPHP Warning
0003NOTICEPHP Notice
0004CRITICALPHP Exception
0005CRITICALPHP Shutdown error

WordPress Multisite Network Activity Security Alerts

The below table contains a list of WordPress security alerts that can be generated by WP Security Audit Log plugin while monitoring WordPress Multisite network installations.

Alert Code
Type
Description
4008CRITICALUser granted Super Admin privileges
4009CRITICALUser revoked from Super Admin privileges
4010CRITICALExisting user added to a site
4011CRITICALUser removed from site
4012CRITICALNew network user created
7000CRITICALNew site added on network
7001CRITICALExisting site archived
7002CRITICALArchived site has been unarchived
7003CRITICALDeactivated site has been activated
7004CRITICALSite has been deactivated
7005CRITICALExisting site deleted from network
5008CRITICALSuper administrator network activated a theme
5009CRITICALSuper administrator network deactivated a theme

Monitoring Activity on your WordPress Blog or Website

We are always working on improving WP Security Audit Log WordPress security plugin to generate more WordPress security alerts by logging and keeping an audit of much more WordPress and WordPress users activity. Get in touch with us and send us your feedback on plugins@wpwhitesecurity.com. If you would like to monitor a particular activity on your WordPress blog or website sent us an email on plugins@wpwhitesecurity.com.

Get Notified Instantly of Changes on Your WordPress

The WSAL Notifications Extension plugin enables WordPress administrators to setup monitoring rules so they are notified instantly via email when important changes happen on their WordPress.

Learn More