Start learning with our library of video tutorials taught by experts. Get started
Viewed by members. in countries. members currently watching.
This course explains how to secure self-hosted WordPress sites, including site configuration, code modification, and the use of free plug-ins. Beginning with the basics of site security, author Jeff Starr explains how to harden a WordPress site by configuring authentication keys, setting proper file permissions, and removing version numbers. The course shows how to implement a firewall, prevent automated spam, and control proxy access, and concludes with a series of advanced tips and site security best practices.
For sites with multiple users, it can be helpful to have a detailed record of what they're doing while working in the Admin area. Being able to look at a history log of user activity makes it easier to correct errors and resolve issues. In this screencast, we'll see how to keep an eye on user activity with the ThreeWP Activity Monitor plug-in, which does a great job of logging user actions with a simple, easy-to-use interface.
Let's look at the plug-in by going to Add New and typing in ThreeWP Activity Monitor and doing a search. Click on the Details link for the first result. We can see that it is compatible with the latest version of WordPress, it's been downloaded a fair number of times, and it was recently updated. It also enjoys stellar ratings based on seven votes. The description of the plug-in tells us that this plug-in records login attempts, anytime someone tries to reset or retrieve their password. It records creation of posts, pages, editing of comments, and much more.
Basically anything that someone is doing in the admin area this plug-in is going to keep a record of. And as we see here, installation is as usual, and since the plug-in is already installed on the site, let's go ahead and close out of this screen, scroll up, and click on the Dashboard menu, and then on Activity Monitor to go to the Activity Monitor overview page. Here is the ThreeWP Overview screen where user activity is displayed with a nice graphic user interface. No settings to configure here.
Next we have the Settings screen where the default settings are pre-filled and work great. If you have some reason for changing any of these values, go right ahead. You can limit the size of the database here and if you want other lesser roles to manage the activity of the logs that are created by this plug-n, you can fine-tune that information here. Click Apply to save any changes and then lastly, hop over to the Uninstall screen, where you'll find convenient options for uninstalling and removing the plug-in, if/when necessary.
And that's all there is to it. It's very straightforward. The plug-in should now be monitoring user activity in the Admin area. So with everything configured, let's see it in action. Here is what we want to do. We want to log out, log in, create a page, create a post, and then delete the page. So let's do that. Let's log out and then log in and then create a page and a post, and this is totally random, just to see the plug-in work. And finally, let's go back and delete the page.
After all of that activity, the plug-in should have recorded everything for us and display it here in the log screen. Returning to the Activity Monitor screen, we see the sheer awesomeness of this plug-in, with convenient links for each logged activity and a nice-looking icon for easy recognition of various actions. It's really a great way to keep an eye on what's going on in the Admin area. In this screencast, we've seen how to use the ThreeWP Activity Monitor plug-in to keep an eye on user activity in the Admin area.
This provides valuable information that will help if and when something goes wrong, making it easier to backtrack steps and return everything to normal.
There are currently no FAQs about WordPress 3: Developing Secure Sites.
Access exercise files from a button right under the course name.
Search within course videos and transcripts, and jump right to the results.
Remove icons showing you already watched videos if you want to start over.
Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.
Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.