{"id":158784,"date":"2016-09-06T13:00:47","date_gmt":"2016-09-06T13:00:47","guid":{"rendered":"https:\/\/premium.wpmudev.org\/blog\/?p=158784"},"modified":"2016-09-23T01:21:08","modified_gmt":"2016-09-23T01:21:08","slug":"defender-audit-logging","status":"publish","type":"post","link":"https:\/\/wpmudev.com\/blog\/defender-audit-logging\/","title":{"rendered":"Track Hackers in Real-Time with Defender\u2019s All New Audit Logs"},"content":{"rendered":"

Is anyone else freaking out about how many ridiculous new features the WPMU DEV super devs keep dropping on us? And the madness doesn\u2019t stop. Our security plugin\u00a0Defender<\/a> just got a mega<\/strong>\u00a0upgrade: Audit Logs!<\/p>\nSince Defender was launched we\u2019ve added sooo much new stuff. Head over to the project page to check out all the new features! <\/span>Check out Defender<\/span><\/a>\n

Now with Defender, not only can you harden your security and block attackers, but audit logs now hold everyone on your site or network to account by tracking and logging Every. Single. Thing.<\/p>\n

Every login attempt, every upload, every activation, every system change… You\u2019ll know exactly who did what<\/em> and when<\/em>.<\/p>\n

\u201cThis feature\u00a0is so good, it really could be its own paid service.\u201d
\n– Aaron Edwards, CTO<\/p><\/blockquote>\n

<\/p>\n

<\/span><\/div>\n

That All Sounds Pretty Cool, but What Does It Mean?<\/h3>\n

If you get hacked, just restore from a backup and everything will be a-okay, right?<\/p>\n

Well, that\u2019s not the whole story.<\/p>\n

When did it happen? How did it happen? What restore point should you use? Will it happen again?<\/p>\n

These are questions all of us are asking when trying to recover from a hack.<\/p>\n

And with Defender’s new audit logging features it\u2019s all right there, like your own personal surveillance camera, letting you review all the footage from the night before. See who logged in and what backdoor they used so you can beef up security and prevent another attack.<\/p>\n

\n
\"Audit
Audit Logging is like adding security cameras to the backend of your site.<\/figcaption><\/figure>\n<\/div>\n

Now you might be asking, \u201cCan\u2019t hackers just erase or change the logs?\u201d This is where Defender\u2019s audit logs step into a league of their own. Every change is instantly stored on our secure cloud storage. No giant tables in your database. And most importantly your logs are permanent \u2013 they can’t be modified or deleted by an attacker.<\/p>\n

It Must Be Really Hard to Use, Right?<\/h3>\n

Not one bit.<\/p>\n

If you can click your mouse or trackpad, you can activate the new audit logging feature.<\/p>\n

Here’s how to do it:<\/p>\n

Once Defender is installed on your site, go to Audit Logs and click Enable Audit Logging<\/strong>. That\u2019s it. If you blinked you might have missed it!<\/p>\n

\n
\"One-click
One-click activation for easy installation.<\/figcaption><\/figure>\n<\/div>\n

As an added bonus, you can activate email reports and get activity summaries sent to you daily, weekly or monthly direct to your inbox. Save time and keep track of your site.<\/p>\n

#winning<\/p>\n

A Big Something Special for Multisite<\/h3>\n

What about Multisite? We run some pretty huge networks around here so we decided to test audit logging on some of our most active networks.<\/p>\n

Let\u2019s just say this is where Defender really flexes his muscles.<\/p>\n

So How Has WPMU Used Audit Logs?<\/h4>\n