Search for answers or browse our knowledge base.
Managing the WordPress activity log plugin privileges
The WP Activity Log plugin has two types of privileges:
View activity log
Users who have View activity log privilege can only view the WordPress activity log and search in it. However, they cannot change any of the plugin settings. This is a read only privilege.
Manage the plugin
Users who have the manage the WP Activity Log plugin privileges can view the WordPress activity log and also configure the plugin’s settings. In the premium edition of the plugin these users can also configure the premium features such as the WordPress reports tool and configure WordPress email & SMS notifications.
By default all the users with an administrator role can manage the plugin. However, this can also be changed.
Default WP Activity Log plugin privileges
Single site WordPress installation
On a single site WordPress installation, only users with administrator role can view the WordPress activity log and manage the plugin settings.
WordPress multisite network installation
In a WordPress multisite network, users with Super Admins role can view the activity log and manage the plugin settings. Child site administrators can view the activity log of the site they have admin access to. Refer to the WordPress multisite activity log plugin for more details on multisite network setup.
Configuring the activity log and plugin privileges settings
Single site WordPress installation
In a single site WordPress website installation you can configure the privileges from the plugin’s settings page.
On a single site you can:
- restrict the plugin settings (manage plugin privilege) to just your user, so other users with administrator role cannot change the plugin settings or view the activity log,
- allow other users of any role to view the activity log.
WordPress multisite network installation
In a multisite network WordPress setup, you can configure the privileges from the plugin’s settings page, which are only available from the network dashboard.
On a multisite network you can:
- restrict the plugin settings (manage plugin privilege) to just your user, so other super administrators on the network role cannot change the plugin settings or view the activity log,
- specify if only the super administrators, or also the super administrators and child site administrators can view the activity log,
- allow other users of any role to view the activity log.
Hiding WP Activity Log from the “installed plugins” list.
As an additional level of security, our plugin allows you to hide it from the list of installed plugins (found under Plugins in your WordPress dashboard).
To hide our plugin from the list of installed plugins, head to the Hide Plugin in Plugins Page option found in the General tab of our plugins settings and select Yes from the provided choice. Once done, any one visiting this admin area will no longer see WP Activity Log listed as an installed plugin, avoiding the possibility of an unwanted deactivation/deletion by another site administrator.
Note: when there is an update available and the plugin is hidden, only the users who have access to the plugin can see the available update.
Using the plugin & activity log privileges for better security
Activity logs are a must have for any business. However, the data stored in them is of sensitive nature. Be very careful when configuring these privileges and only allow access on need to know bases. The same applies to the plugin settings. Changes in the plugin’s settings can tamper the activity log. So it is imperative that you only allow trusted site administrators to manage the plugin and its settings.
