Simple History Blog

Log when a user enters a password on a password protected page

Posted on August 20, 2017October 20, 2017

Over at the forums on wordpress.org there was a user who asked if it was possible to log whenever a user entered the password on a password protected page.

To add this kind of log to Simple History is easy, we just need to hook onto an admin filter and do some checks. The final answer, that I also posted to the user in the forums, was this:

// Log when a user enters something into the post password form.
// Both correct and incorrect usage is logged.
add_action( 'login_form_postpass', function() {
    $postPass = isset($_POST['post_password']) ? $_POST['post_password'] : null;

    if (!$postPass) {
        return;
    }

    $urlPath = parse_url(wp_get_referer(), PHP_URL_PATH);
    $pageByPath = get_page_by_path($urlPath);

    if (!$pageByPath) {
        return;
    }

    $correctPasswordEntered = ($pageByPath->post_password === $postPass);

    if ($correctPasswordEntered) {
        apply_filters(
            'simple_history_log',
            'A user correctly entered the password for page "{page_name}"',
            array('page_name' => $pageByPath->post_title)
        );
    } else {
        apply_filters(
            'simple_history_log',
            'A user entered the wrong password for page "{page_name}"',
            array('page_name' => $pageByPath->post_title)
        );
    }
});

WP CLI command added and file edits now logged

Posted on May 27, 2017May 27, 2017

WP CLI command to view user activity is now added to Simple History. The current support is pretty basic, but it’s a nice addition anyway I must say.

A simple wp simple-history list command will give you a listing of the latest events. You can also pass arguments count=20 to show 20 events instead of the default 10. And pass argument format=json to output the list in JSON format instead of the ASCII table.

Also in this version: theme file edits are logged, with a “quick diff” showing what’s been changed.

Support for Duplicate Post added

Posted on April 29, 2017May 20, 2017

Simple History now comes with support for the Duplicate Post plugin.

When a user clones a post or a page you will se this in the history log, with links to both the original post and the new copy. It works for both build in pages and post, and with custom post types.

Support for Redirection plugin added

Posted on September 18, 2016October 19, 2017

With over 600.000 active installs the Redirection plugin is a pretty popular WordPress plugin. So when there was a request for supporting it I agreed it would be a good idea to add support for it.

So in the latest version of Simple History there is now support for the plugin Redirection. The following things are logged:

Redirects created, changed, enabled or disabled
Groups that are created, changed, enabled or disabled
Global plugin settings

Here’s a screenshot of how it looks in action:

Available updates to WordPress, plugins and themes now logged

Posted on September 10, 2016September 18, 2016

With the latest update of Simple History the log will show the available updates to plugins, themes and WordPress core that are found.

This is a great feature to have if you for example subscribe to the history RSS feed. You no longer need to manually check the updates-page to see if there are any updates.

Here you can see how it looks when an update to WordPress is found and then the update is installed. It’s all there in the history log:

And here’s how it can look in your RSS-reader when you get notified that WordPress has auto-updated:

Creating and editing users: now you can see what changes have been made

Posted on May 29, 2016July 29, 2016

Before this version (2.7) of Simple History you could see in the log that a user had been created or changed. But you could not see any details.

With this update however, you can now see a lot of details when a user is created or edited: their username, name, email, webpage, and so on. And when a user is edited you can see from what old value to what new value.

Developer Loggers plugin adds new features to Simple History

Posted on February 14, 2016May 21, 2016

There is now a new plugin that extends Simple History with new features and loggers.
It’s called Developer Loggers for Simple History.

At the moment the developer plugin adds:

» Read full blog post

Lots of good reviews at WordPress.org

Posted on February 10, 2016February 10, 2016

Now this plugin has 100 5-star reviews.

Simple History for WordPress:
now with 100 reviews with rating ⭐️⭐️⭐️⭐️⭐️!https://t.co/mlDfe0WhMy pic.twitter.com/wXF5scQ5lr

— Pär Thernström (@eskapism) February 9, 2016

Brute force attacks can make the log big – here’s why and how to stop it

Posted on December 15, 2015May 21, 2016

In the support forum for Simple History some people have raised issues about the Simple History database tables are growing large. (For example this thread and this thread.

The reason for this is that Simple History is really good at logging things. So if your WordPress blog is getting a really big amount of brute force attacks, all those failed login attempts will be logged in Simple History. Nothing wrong with that, that’s the purpose of the plugin. But the number of rows can be huge – like over a million for some sites. And that can be an issue for some low cost hosts where you have a limited amount of storage/disk space.

Here’s what Simple History is doing to keep the database small – and a solution to keep the number of login attempts down to a minimum:

» Read full blog post

Changes to taxonomies now logged

Posted on December 15, 2015October 20, 2017

With version 2.5 or Simple History the creation, modification, and deletion of taxonomies are now logged. This includes terms, categories and post tags.

View full post to see screenshot