WooCommerce is a powerful, extendable and fully configurable e-commerce plugin for WordPress that allows you to create any kind of online store. It is also a multi user solution, so you can easily allow other users on your site help you manage your e-commerce store.
Having a team to help you manage your WooCommerce store, products, customers and orders is a good thing. Though WooCommerce does not tell who did what on the store – who changed a product, approved an order or changed a store setting. This is where WP Security Audit Log, a comprehensive WordPress and WooCommerce activity log plugin can help.
Before we dive in and see how you can install and setup the plugin, let’s first take a quick look at which WordPress users roles WooCommerce uses and what are the benefits of keeping an activity log of your WooCommerce store.
WooCommerce Users Roles and Privileges
When you install WooCommerce it creates two custom user roles on your WordPress site: Shop Manager and Customers.
Users with customers role can only make purchases and view their purchasing records, so mainly they have read only access. On the other hand Shop Managers can do any change on the WooCommerce store, such as products, coupon codes, orders and store changes. Users with the WordPress Administrator role also have full access on the WooCommerce store – they have access to change everything on your WordPress site.
The Need for an Activity Log on your WooCommerce Store
As a business owner you need to keep tabs on everything that is happening on your WordPress site and WooCommerce online store. What happens if someone from your team changes the price, stock quantity, measurements or weight of a product? Or even worse, what impact such change can have on your business, if someone, even if by mistake, changes the weighing or measuring units? Such changes can be devastating to your businesses.
Users with Shop Owner role, or all other users with administrator role on your WordPress site can change every setting on your online store and products. So you need an activity log to keep a record of who and when someone changes store settings such as:
- Business address or tax information and rates
- Measuring and weighing units
- Creates, modifies or deletes a product or its description
- Changes the prices, sale price, shipping cost of the product
- Changes the stock quantity of the product
- Approves or changes the status of an order
- Creates, modifies or delete coupon codes
You should not necessarily keep an activity log (also known as audit trail or audit log) to blame someone, or to catch a hacker red handed, although this could also be the case. Though it could also be that someone, including yourself did a change on your WooCommerce store or product by mistake, or a plugin is changing the stock quantity of a product automatically and you are not aware. So an activity log for a WooCommerce store is vital.
You can refer to the list of WooCommerce activity log events for a list of store, product, admin and order changes WP Security Audit Log can keep a log of.
Benefits of Keeping an Activity Log on WordPress & WooCommerce Store
Apart from keeping a log of changes on your WooCommerce stores and products, there are several other benefits to keeping an activity log on your WordPress site, such as:
Know what happens on your WordPress site: WP Activity Log does not only keep a log of what happens on WooCommerce and the products, but also of everything that happens on your WordPress site. This is very important because WooCommerce depends on WordPress.
Ease troubleshooting: If something is not working right on your WooCommerce online store or WordPress site you do not have to waste hours doing guess work. Just refer to the activity logs where you can find a record of everything that happened to easily find the source of the problem.
Ensure everything is running smoothly on your e-commerce store: Are your orders processing team managing all the orders in a timely manner? Are the shop managers importing all the products and making the coupon codes available on time? Are the stock quantities being kept up to date? Reports generated from the activity logs allow you to see all of this and more, thus ensuring everything is running smoothly on your WooCommerce store.
Meet mandatory regulatory compliance requirements: PCI DSS, GDPR and several other compliance regulations require online store owners to keep an audit log of everything that happens on their stores and websites. Hence by having an activity log of your WooCommerce store you check another box from the regulatory compliance requirements.
Spot suspicious behaviour before it becomes a security issue: WordPress hack attacks do not just happen from the outside. It could be an internal user which creates problem, or a hacked WooCommerce store admin. An activity log allows you to spot any possible suspicious behaviour early. And the earlier you spot an attack the easier it is to evade it and limit the damage.
Get instantly alerted of important store and product changes: You can’t just keep your eyes peeled on the activity log because you have work to do. When you use the WP Security Audit Log plugin you can configure email notifications so you are instantly alerted when an important change is logged in the activity log.
How to Keep an Activity Log for WooCommerce
To keep an activity log of all the changes that happen on your WooCommerce store and WordPress site install the free edition of the WP Security Audit Log plugin, which has a dedicated logging and monitoring sensor just for WooCommerce.
Once you install the activity log plugin you are greeted with a wizard to configure the basics, such as log detail level, retention and exclusions. When you are finished the plugin starts keeping a log of what happens in the activity log automatically. You do not need to do anything else. Below is a screenshot of what you can typically see in the activity log, highlighting users making changes both in WordPress and also WooCommerce.
Notice how much detail the activity log plugin reports. For every change, apart from the change detail it also reports the date and time of the change, the user and its rule, and the IP address from where the user is making the change. For more information about WP Security Audit Log and activity logs for WooCommerce visit the plugin website.
Bio: Robert Abela, founder of WP White Security, the developers of the most comprehensive activity log plugin for WordPress.