Description
Simple History shows recent changes made within WordPress, directly on your dashboard or on a separate page.
The plugin works as a log/history/audit log/version history of the most important events that occur in WordPress.
It’s a plugin that is good to have on websites where several people are involved in editing the content.
Out of the box Simple History has support for:
-
Posts and pages – see who added, updated or deleted a post or page
-
Attachments – see who added, updated or deleted an attachment
-
Taxonomies (Custom taxonomies, categories, tags) – see who added, updated or deleted an taxonomy
-
Comments – see who edited, approved or removed a comment
-
Widgets – get info when someone adds, updates or removes a widget in a sidebar
-
Plugins – activation and deactivation
-
User profiles – info about added, updated or removed users
-
User logins – see when a user login & logout. Also see when a user fails to login (good way to catch brute-force login attempts).
-
Failed user logins – see when someone has tried to log in, but failed. The log will then include ip address of the possible hacker.
-
Menu edits
-
Option screens – view details about changes made in the different settings sections of WordPress. Things like changes to the site title and the permalink structure will be logged.
-
Privacy page – when a privacy page is created or set to a new page.
-
Data Export – see when a privacy data export request is added and when this request is approved by the user, downloaded by an admin, or emailed to the user.
-
User Data Erasure Requests – see when a user privacy data export request is added and when this request is approved by the user and when the user data is removed.
Support for third party plugins
By default Simple History comes with built in support for the following plugins:
-
Jetpack – The Jetpack plugin is a plugin from Automattic (the company behind the WordPress.com service) that lets you supercharge your website by adding a lot of extra functions.
In Simple History you will see what Jetpack modules that are activated and deactivated. -
Advanced Custom Fields (ACF) – ACF adds fields to your posts and pages.
Simple History will log changes made to the field groups and the fields inside field groups. Your will see when both field groups and fields are created and modified. -
User Switching – The User Switching plugin allows you to quickly swap between user accounts in WordPress at the click of a button.
Simple History will log each user switch being made. -
WP Crontrol – The WP Crontrol plugin enables you to view and control what’s happening in the WP-Cron system.
Simple History will log when cron events are added, edited, deleted, paused, resumed, and manually ran, and when cron schedules are added and deleted. -
Enable Media Replace – The Enable Media Replace plugin allows you to replace a file in your media library by uploading a new file in its place.
Simple history will log details about the file being replaced and details about the new file. -
Limit Login Attempts – The plugin Limit Login Attempts is old
and has not been updated for 4 years. However it still has +1 million installs, so many users will benefit from
Simple History logging login attempts, lockouts, and configuration changes made in the plugin Limit Login Attempts. -
Redirection – The redirection plugin manages url redirections, using a nice GUI.
Simple History will log redirects and groups that are created, changed, enabled or disabled and also when the global plugin settings have been modified. -
Duplicate Post – The plugin Duplicate Post allows users to
clone posts of any type.
Simple History will log when a clone of a post or page is done. -
Beaver Builder – The plugin Beaver Build is a page builder for WordPress that adds a flexible drag and drop page builder to the front end of your WordPress website.
Simple History will log when a Beaver Builder layout or template is saved or when the settings for the plugins are saved.
Plugin authors can add support for Simple History in their plugins using the logging API. Plugins that have support for Simple History includes:
- Simple History Beaver Builder Add-On
- WP-Optimize – Cache, Clean, Compress.
- Add Customer for WooCommerce
- Better WishList API
- AJAX Login and Registration modal popup + inline form
- Loginpetze
- Authorizer
What users say
300+ five-star reviews speak to the reliability of this plugin.
-
“So far the best and most comprehensive logging plugin” – @herrschuessler
-
“The best history plugin I’ve found” – Rich Mehta
-
“Custom Logs Are Crazy Awesome!” – Ahmad Awais
-
“Amazing activity logging plugin” – digidestination
-
“Fantastic plugin I use on all sites” – Duncan Michael-MacGregor
-
“Useful Quick View of Activity” – Dan O
-
“The best Activity Plugin” – Rahim
-
“The best free history plugin ever” – abazeed
-
“It is a standard plugin for all of our sites” – Mr Tibbs
RSS feed with changes
Using the optional password protected RSS feed you can keep track of the changes made on your website using your favorite RSS reader.
Comes with WP-CLI commands
For those of you who like to work with the command line there are also some WP-CLI commands available.
wp simple-history list
– List the latest logged events.
Example scenarios
Keep track of what other people are doing:
“Has someone done anything today? Ah, Sarah uploaded
the new press release and created an article for it. Great! Now I don’t have to do that.”
Or for debug purposes:
“The site feels slow since yesterday. Has anyone done anything special? … Ah, Steven activated ‘naughty-plugin-x’,
that must be it.”
API so you can add your own events to the audit log
If you are a theme or plugin developer and would like to add your own things/events to Simple History you can do that by using the function SimpleLogger()
like this:
<?php
if ( function_exists("SimpleLogger") ) {
// Most basic example: just add some information to the log
SimpleLogger()->info("This is a message sent to the log");
// A bit more advanced: log events with different severities
SimpleLogger()->info("User admin edited page 'About our company'");
SimpleLogger()->warning("User 'Jessie' deleted user 'Kim'");
SimpleLogger()->debug("Ok, cron job is running!");
}
?>
See the documentation for examples on how to log your own events and how to query the log, and more.
Translations/Languages
So far Simple History is translated to 17 languages: Chinese (China), Danish, Dutch, Dutch (Belgium), English (US), French (France), German, German (Switzerland), Korean, Polish, Portuguese (Brazil), Russian, Spanish (Colombia), Spanish (Mexico), Spanish (Spain), Spanish (Venezuela), and Swedish.
If you want to translate Simple History to your language then read about how this is done over at the Polyglots handbook.
Contribute at GitHub
Development of this plugin takes place at GitHub. Please join in with feature requests, bug reports, or even pull requests!
https://github.com/bonny/WordPress-Simple-History
Donation
If you like this plugin please consider donating to support the development.
You can donate using PayPal or you can become a GitHub sponsor.
Screenshots
The log view + it also shows the filter function in use - the log only shows event that are of type post and pages and media (i.e. images & other uploads), and only events initiated by a specific user.
The Post Quick Diff feature will make it quick and easy for a user of a site to see what updates other users have done to posts and pages.
When users are created or changed you can see details on what have changed.
Events have context with extra details - Each logged event can include useful rich formatted extra information. For example: a plugin install can contain author info and a the url to the plugin, and an uploaded image can contain a thumbnail of the image.
Click on the IP address of an entry to view the location of for example a failed login attempt.
See even more details about a logged event (by clicking on the date and time of the event).
A chart with some quick statistics is available, so you can see the number of events that has been logged each day. A simple way to see any uncommon activity, for example an increased number of logins or similar.
FAQ
-
Can I add my own events to the log?
-
Yes. See the Developer Documentation.
-
Is it possible to exclude users from the log?
-
Yes, you exclude users by role or email using the filter
simple_history/log/do_log
.See the hooks documentation for more info.
-
For how long are events stored?
-
Events in the log are stored for 60 days by default. Events older than this will be removed.
This can be modified using the filter
simple_history/db_purge_days_interval
or using the upcoming Simple History Plus add-on.
Reviews
Contributors & Developers
“Simple History – user activity log, audit tool” is open source software. The following people have contributed to this plugin.
Contributors“Simple History – user activity log, audit tool” has been translated into 16 locales. Thank you to the translators for their contributions.
Translate “Simple History – user activity log, audit tool” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
4.6.0 (September 2023)
This release contains some new filters and some other improvements.
See the release post for more info.
- Added: Filter
simple_history/get_log_row_plain_text_output/output
to be able to modify the output of the plain text output of a log row. Solves support thread Is it possible to log post ID. See documentation page for filter for details. - Added: Filter
simple_history/log_insert_data_and_context
to be able to modify the data and context that is inserted into the log. - Added: WP-CLI command now includes “via” in output.
- Added: Debug settings tab now shows if a logger is enabled or disabled.
- Changed: WP-CLI: ID field is not the first column and in uppercase, to follow the same format as the other wp cli commands use.
- Changed: GUI enhancements on settings page.
- Changed: Don’t log WooCommerce post type
shop_order_placehold
, that is used by WooCommerce new High-Performance Order Storage (HPOS). - Fixed: Allow direct access to protected class variable
$logger->slug
but mark access as deprectad and recommend usage of$logger->get_slug()
. Fixes support thread PHP fatal error Cannot access protected property $slug.
4.5.0 (August 2023)
This release contains some smaller new features and improvements.
See the release post for more info.
Added
- The debug page now detects if the required tables are missing and shows a warning. This can happen when the database of a website is moved between different servers using software that does not know about the tables used by Simple History. Fixes issue #344 and support thread Missing table support among others.
- Add filters
simple_history/feeds/enable_feeds_checkbox_text
andsimple_history/feeds/after_address
. - Add action
simple_history/settings_page/general_section_output
. - Add filter
simple_history/db/events_purged
that is fired after db has been purged from old events. - Add helper functions
required_tables_exist()
,get_class_short_name()
. - Add function
get_slug()
toDropin
class. - Add function
get_rss_secret()
toRSS_Dropin
class. - Show review hint at footer on settings page and log page.
- Add functions
get_instantiated_dropin_by_slug()
,get_external_loggers()
,set_instantiated_loggers()
,set_instantiated_dropins()
,get_instantiated_services()
toSimple_History
class. - Dropins and services are now listed on the debug page.
Changed
- Order of settings tab can now be set with key
order
in the array passed toadd_settings_tab()
. - Rename network admin menu item “Simple History” to “View History” to use to same name as the admin menu item.
- Purged events are logged using the simple history logger (instead of directly in the purge function).
- Refactor code and move core functionality to multiple service classes.
4.4.0 (August 2023)
This version of Simple history is tested on the just released WordPress 6.3. It also contains some new features and bug fixes.
Release post for Simple History 4.4.0.
Added
- Logger for logging changes to the Simple History settings page. 🙈 And yes, it was quite embarrassing that the plugin itself did not log its activities.
- RSS feed now accepts arguments to filter the events that are included in the feed. This makes it possible to subscribe to for example only WordPress core updates, or failed user logins, or any combination you want. See the documentation page for available arguments and some examples. #387
- Event ID of each entry is included in WP-CLI output when running command
wp simple-history list
. - Filter
simple_history/settings/log_cleared
that is fired after the log has been cleared using the “Clear log now” button on the settings page. - Add helper function
is_plugin_active()
that loads the needed WordPress files before using the WordPress function with the same name. Part of fix for #373.
Fixed
- Shop changes to post type
customize_changeset
. Fix issue #224 and support threads stop the “Updated changeset” and “Move changeset” notifications, Newbie question. - Scrollbar on dashboard on RTL websites. Fixes issue #212, support thread Horizontal Scroll.
- PHP error when showing a log entry when all core loggers are disabled. Fixes #373.
Changed
- Tested on WordPress 6.3.
- Use
uniqid()
as cache invalidator instead oftime()
. Querying the log multiple times during the same PHP request with the same arguments, adding entries to the log between each log query, the same results would be returned. - Function
get_event_ip_number_headers()
moved from Simple Logger class to Helpers class. - Misc internal code cleanup.
4.3.0 (July 2023)
Added
- Add action
simple_history/rss_feed/secret_updated
that is fired when the secret for the RSS feed is updated. - Add tests for RSS feed.
Fixed
- RSS feed: Use
esc_xml
to escape texts. Fixes support thread XML error with RSS feed, issue #364. - RSS feed: Some texts was double escaped.
- Plugin User Switching: store login and email context of user performing action, so information about a user exists even after user deletion. #376.
4.2.1 (July 2023)
Fixed
- Fix PHP error when running WP-Cron jobs on PHP 8 and something was to be logged. Fixes #370 and support threads wordpress.org/support/topic/fatal-error-4492/, wordpress.org/support/topic/fatal-error-4488/, wordpress.org/support/topic/php-error-in-lastest-version/.
4.2.0 (July 2023)
Added
- Filter
simple_history/day_of_week_to_purge_db
to set the day that the db should be cleared/purged on. 0 = monday, 7 = sunday. Default is 7. - Add class
SimpleHistory
so old code likeSimpleHistory->get_instance()
will work. - Add helper function
camel_case_to_snake_case()
. - Automatically convert camelCase function names to snake_case function names when calling functions on the
\Simple_History
class. This way more old code and old examples will work. Fixes for example support thread. - Add
Helpers::privacy_anonymize_ip()
. - Add filter
simple_history/privacy/add_char_to_anonymized_ip_address
to control if a char should be added to anonymized IPV4 addresses. - Add filter
simple_history/maps_api_key
to set a Google Maps API key to be used to show a Google Map of the location of a user login using the user IP address. - If a Google Maps API key is set then a map of a users location is shown when clicking on the IP address of a logged event. #249.
Fixed
- Fix
Undefined property
warning when loading more similar events. #357 - Include “Plugin URI” from plugin when logging single plugin installs. #323
- Check that installed theme has a
destination_name
. #324 - Log correct role for user when adding a user on a subsite on a network/multisite install. #325
- Check that required array keys exists in theme- and translation loggers. Fixes support thread, issue #339.
- Fix undefined index warning in logger when context was missing
_user_id
,_user_email
, or_user_login
. Fix #367. - Misc code cleanup and improvements.
- Fix spellings, as found by Typos.
Changed
- Move function
get_avatar()
to helpers class. - Change location of filter
gettext
andgettext_with_context
and unhook when filter is not needed any more, resulting in much fewer function calls. - IPV4 addresses that are anonymized get a “.x” added last instead of “.0” to make it more clear to the user that the IP address is anonymized.
Removed
- Remove unused schedule
simple_history/purge_db
. - Remove function
filter_gettext_store_latest_translations()
. - Remove support for automatically un-translating messages to the log, loggers are better and have better support for languages.
4.1.0 (July 2023)
Added
- Actions
simple_history/pause
andsimple_history/resume
to pause and resume logging. Useful for developers that for example write their own data importers because the log can be overwhelmed with data when importing a lot of data. #307 clear_log()
now returns the number of rows deleted.- Added
disable_taxonomy_log()
to simplify disabling logging of a taxonomy. - Function
get_db_table_stats()
that returns for example the number of rows in each table.
Fixed
- Check that array keys
attachment_parent_title
andattachment_parent_post_type
exists in Media Logger. #313 - Don’t log when terms are added to author taxonomy in Co-Authors Plus. Fixes support thread, issue #238.
- Don’t load the log or check for updates on dashboard if the widget is hidden.
- Don’t check for updates on dashboard if a request is already ongoing.
Changed
- Moved filter
simple_history/dashboard_pager_size
to methodget_pager_size_dashboard()
. - Move function
get_initiator_text_from_row()
toLog_Initiators
class. - If a filter is modifying the pager sizes then show a readonly text input with pager size instead of a dropdown select. #298
- Update Chart.js library from 2.0.2 to 4.3.0. Fixes support thread, issue #340.
4.0.1 (June 2023)
Fixed
- Replace multibyte functions with non-multibyte versions, since
mbstring
is not a required PHP extension (it is however a highly recommended one). Should fix https://wordpress.org/support/topic/wordpress-critical-error-9/. (#351)
4.0.0 (June 2023)
🚀 This update of Simple History contains some big changes – that you hopefully won’t even notice.
For regular users these are the regular additions and bug fixes:
Changed
- Minimum required PHP version is 7.4. Users with lower versions can use version 3.4.0 of the plugin.
- Minimum required WordPress version is 6.1.
- Categories logger does not log changes to taxonomy
nav_menu
any longer, since the Menu logger takes care of those, i.e. changes to the menus.
Added
- Log if “Send personal data export confirmation email” is checked when adding a Data Export Request.
- Log when a Data Export Request is marked as complete.
- Log when Personal Data is erased by an admin.
- Log when a group is modified in Redirection plugin.
- Added context key
export_content
to export logger. The key will contain the post type exported, or “all” if all content was exported.
Fixed
- Fix error on MariaDB databases when collation
utf8mb4_unicode_520_ci
is used for the Simple history tables. Reported at: https://wordpress.org/support/topic/database-error-after-upgrade-to-wordpress-6-1/. - Privacy logger is logging the creation and selection of privacy page again. It stopped worked because a WordPress core file was renamed.
- Log when a groups is enabled, disabled, or deleted in Redirection plugin.
👩💻 For developers there are some bigger changes, that is noticeable:
- The plugin now uses namespaces – and they are loaded using an autoloader.
- The code has been changed to follow WordPress coding standard. This means that for example all functions have been renamed from
myFunctionName()
tomy_function_name()
. - The update to PHP 7.4 as the minimum required PHP version makes code more modern in so many ways and makes development easier and more funny, since we don’t have to worry about backwards compatibility as much.
- Many more tests using wp-browser have has been added to minimize risk of bugs or fatal errors.
A more detailed changelog that probably most developers are interested in:
Added
- Add cached = true|false to AJAX JSON answer when fetching events or checking for new events. It’s a simple way to see if an object cache is in use and is working.
- Most of the code now uses namespaces.
- The main namespace is
Simple_History
. - The main class is
Simple_History\Simple_History
. - Dropins use namespace
Simple_History\Dropins
and dropins must now extend the base classDropin
. - Loggers use namespace
Simple_History\Loggers
and loggers must extend the base classLogger
.
- The main namespace is
- Add hooks that controls loggers and their instantiation:
simple_history/core_loggers
,simple_history/loggers/instantiated
. - Add hooks that controls dropins and their instantiation:
simple_history/dropins_to_instantiate
,simple_history/core_dropins
,simple_history/dropins_to_instantiate
,simple_history/dropin/instantiate_{$dropin_short_name}
,simple_history/dropin/instantiate_{$dropin_short_name}
,simple_history/dropins/instantiated
. - Add filter
simple_history/ip_number_header_names
. - Add methods
get_events_table_name()
andget_contexts_table_name()
. - Call method
loaded()
on dropins when they are loaded (use this instead of__construct
). - Make sure that a dropin class exists before trying to use it.
Changed
- Improved code organization with the introduction of namespaces. Code now uses namespaces and classes (including loggers and dropins) are now loaded using an autoloader.
- Functions are renamed to use
snake_case
(WordPress coding style) instead ofcamelCase
(PHP PSR coding style). Some examples:registerSettingsTab
is renamed toregister_settings_tab
.
- Remove usage of deprectead function
wp_get_user_request_data()
. - Rename message key from
data_erasure_request_sent
todata_erasure_request_added
. - Rename message key from
data_erasure_request_handled
todata_erasure_request_completed
. - Applied code fixes using Rector and PHPStan for better code quality.
- Add new class
Helpers
that contain helper functions. - Move functions
simple_history_get_current_screen()
,interpolate()
,text_diff
,validate_ip
,ends_with
,get_cache_incrementor
to new helper class. - Function
get_ip_number_header_keys
is moved to helper class and renamedget_ip_number_header_names
. - Class
SimpleHistoryLogQuery
renamed toLog_Query
. - Class
SimpleLoggerLogLevels
renamed toLog_Levels
. - Class
SimpleLoggerLogInitiators
renamed toLog_Initiators
. - Dropin files are renamed.
- Move init code in dropins from
__construct()
to newloaded()
method. - Rename
getLogLevelTranslated()
toget_log_level_translated()
and move to classlog_levels
. - Rename message key
user_application_password_deleted
touser_application_password_revoked
. - Context key
args
is renamed toexport_args
in export logger. This key contains some of the options that was passed to export function, like author, category, start date, end date, and status. - Ensure loggers has a name and a slug set to avoid development oversights.
_doing_it_wrong()
will be called if they have not. - Logger: Method
get_info_value_by_key()
is now public so it can be used outside of a logger. - Logger: Method
get_info()
is now abstract, since it must be added by loggers. - For backwards compatibility
SimpleHistoryLogQuery
,SimpleLoggerLogLevels
,SimpleLoggerLogInitiators
,SimpleLogger
will continue to exist for a couple of more versions.
Removed
- Function
simple_history_add
has been removed. See docs.simple-history.com/logging for other ways to add messages to the history log. - Unused function
sh_ucwords()
has been removed. - Removed filters
simple_history/loggers_files
,simple_history/logger/load_logger
,'simple_history/dropins_files'
. - Unused class
SimpleLoggerLogTypes
removed. - Removed logger for plugin Ultimate Members.
- Removed patches for plugin captcha-on-login.
- Remove dropin used to populate log with test data.
- Remove dropin used to show log stats.
- Examples in examples folder are removed and moved to the documentation site at docs.simple-history.com.
3.5.1 (May 2023)
- Fixed JavaScript error when Backbone.history is already started by other plugins. Fixes https://github.com/bonny/WordPress-Simple-History/issues/319.
3.5.0 (March 2023)
- Added: Log an entry when a cron event hook is paused or resumed with the WP Crontrol plugin #328.
- Fixed: DB error on MariaDB database when collation
utf8mb4_unicode_520_ci
is used for the Simple history tables. Reported at: https://wordpress.org/support/topic/database-error-after-upgrade-to-wordpress-6-1/. - Tested up to WordPress 6.2.
Note: Next major version of the plugin will require PHP 7. If you are running a PHP version older than that please read https://wordpress.org/support/update-php/.
3.4.0 (February 2023)
- Changed: When exporting a CSV file of the history, each cell is escaped to reduce the risk of “CSV injection” in spreadsheet applications when importing the exported CSV. Reported at: https://patchstack.com/database/vulnerability/simple-history/wordpress-simple-history-plugin-3-3-1-csv-injection-vulnerability.