Home Blog WordPress Security Get Alerted via Email When a New User Is Created or Logs in To Your WordPress

Get Alerted via Email When a New User Is Created or Logs in To Your WordPress

Get Alerted via Email When a New User Is Created or Logs in To Your WordPress

One of the most common techniques malicious hackers use to retain access to a hacked WordPress website is to create an obscure WordPress user with administrator privileges. They create it to retain access, so they can log back in to the hacked WordPress anytime they want.

Unfortunately many WordPress administrators and users will not notice such user because most use WordPress to write content, and maybe to change the looks of the website (here are some tips how to find out if your WordPress was hacked). It is even more difficult to identify the user the attackers created when the WordPress website is a large one, or a multisite network that has tens or hundreds of users.

In this article we will explain how you can use the WP Activity Log plugin and the Email Notifications Add-On to get instantly alerted via email when a new WordPress user is created, or logs in for the first time. By doing so you can catch hackers red handed and stop them from doing any further damage on your WordPress websites and blogs.

Get Alerted via Email When A New User is Created on WordPress

When a new user is created on a single or WordPress multisite installation, WP Activity Log plugin logs a security alert in the WordPress audit trail. The security alert with ID 4001 includes all the details, such as the user who did the change, the user created, the role and several other details as shown in the screenshot below.

Therefore if you configure a trigger in the Email Notifications Add-On for alert 4001, when a new user is created on your WordPress you will get alerted via email.

Get Alerted via Email When the Password of a WordPress User Changes

If instead of creating a new user the attackers change the password of an existing user, an activity log monitor ensures you’re alerted via email. The WP Activity Log plugin logs a security alert with ID 4004 when a user changes the password of another user, or alert with ID 4003 when a user changes its own password.

In this case, as shown in the screenshot below you can configure a trigger in the Email Notifications Add-On so when one or the other happens, you are alerted via email.

Getting an Email Alert When a User Logs in the First Time on WordPress

The above examples only apply if the attackers use the normal means to create a WordPress user or change its password. Though in most cases things are not so straight forward. As seen in this interesting WordPress hack attackers are exploiting another vulnerability that allows them to upload a PHP file in the WordPress website. Then they execute the PHP file which creates a new WordPress user directly in the WordPress database. In such case the plugin won’t log a security alert in the WordPress audit trail, but WP Activity Log plugin still has a solution for such cases.

Built-in WordPress Email Alerts

The Emails Notifications add-on has a built-in WordPress email alert that alerts you the first time a WordPress user logs in to your WordPress. So even if as explained in the case above the attackers create the user manually in the database, the first time they login with such username you will be alerted via email, thus allowing you to take action as soon as possible to thwart their attack.

Email Alerts for WordPress Audit Trail

The above examples highlight the importance of keeping an audit log of everything that is happening on your WordPress. This also shows that logs are not there just to record what happened, but can also be used to instantly notify us of changes that we need to take action on. There are also several other benefits you can take advantage of when keeping a WordPress audit trail.

Extend the Functionally and Scope of your WordPress Audit Log

The WP Activity Log plugin has several other add-ons that allow you to extend the functionality and scope of the WordPress audit log. For example you can use the Search add-on to do free-text based searches in the audit log or the Reports add-on which allows you to generate user and regulatory compliance reports.


Leave a Reply

Your email address will not be published. Required fields are marked *

Stay in the loop

Subscribe to the Melapress newsletter and receive curated WordPress management and security tips and content.

Newsletter icon

It’s free and you can unsubscribe whenever you want. Check our blog for a taste.

Envelope icon
Uploading WP 2FA as a zip file in WordPress
WP 2FA in the WordPress plugin repository
Close

Installing WP 2FA Free

Congratulations on taking the first step towards enhancing your WordPress site's security with WP 2FA Free! You're now on your way to protecting your valuable data and ensuring peace of mind. No coding or technical knowledge is required.

 

Below are two ways to install WP 2FA on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for WP 2FA.

Download the WP 2FA plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading CAPTCHA 4WP as a zip file in WordPress
CAPTCHA 4WP in the WordPress plugin repository
Close

Installing CAPTCHA 4WP Free

Well done you. You're one step closer to safeguarding your WordPress website from spam and automated attacks with CAPTCHA 4WP. You'll be able to effortlessly integrate CAPTCHA into your forms and enjoy a website with enhanced security.

 

Below are two ways to install CAPTCHA 4WP on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for CAPTCHA 4WP.

Download the CAPTCHA 4WP plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading WP Activity Log as a zip file in WordPress
WP Activity Log in the WordPress plugin repository
Close

Installing WP Activity Log Free on your website

You deserve a pat on the back for choosing to record user actions and changes on your website. That is the first step towards better user accountability, easier troubleshooting of website security, and many other benefits of issues.

 

Below are the two ways to install WP Activity Log on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for WP Activity Log.

Download the WP Activity Log plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading Melapress Login Security as a zip file in WordPress
Melapress Login Security in the WordPress plugin repository
Close

Installing Melapress Login Security Free

Congratulations on taking control of your WordPress website's security by implementing robust login and password policies with Melapress Login Security. You can change your login page URL, limit failed login attempts, and reset passwords.

 

Below are two ways to install Melapress Login Security on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for Melapress Login Security.

Download the Melapress Login Security plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2