Recently a 0-day vulnerability was posted for WordPress that allows users with edit post capabilities to issue SQL injection attacks against the WordPress site. Depending on the type of site that you run, this isn’t a huge deal unless you allow any users that sign up to edit and publish articles on the WordPress site. One of the things that can help in this type of scenario is knowing who logs in and when, as well as knowing whether there are failed logins, which could indicate malicious activity. Below is information on a plugin that can accomplish both of these goals.
Install WordPress Plugin Login Logger To Track Users' Last Login Date/Time:
Login Logger is a WordPress plugin that tracks every user's last login date and time as well as a list of failed logins, all of which are available in your WordPress administration site. Installing Login Logger works like installing most WordPress plugins: download Login Logger, unpack the contents of the plugin's zip file, upload the contents to the plugins folder, and then activate the plugin via the WordPress administration console.
- Download Login Logger: Visit the Login Logger plugin page on the WordPress site. The file downloaded will be named login-logger.zip.
- Unpack Login Logger Zip File: Now extract the contents of login-logger.zip to reveal a folder called login-logger with three files inside of it: loginlog.php, manage.php, and readme.txt.
- Upload Login Logger Plugin: Now upload the login-logger folder and all of its contents to your WordPress site in the “wp-content/plugins/” folder. The wp-content folder should be available from the root directory of your WordPress installation.
- Activate Login Logger: Visit your WordPress site's administration console, typically located at yourdomain.com/wp-admin. Click on Plugins in the left navigation menu to get to the list of Inactive Plugins as shown in the example image below. Click Activate underneath Login Logger to activate the Login Logger plugin.
- Verify Login Logger: After activating the Login Logger plugin, expand the Users section in the left navigation to reveal the new section under Users called Login Logs. Click on Login Logs to reveal a list of all users, the last time they logged in, and a list of failed login attempts as shown in the example image below.
As you can see above the Login Logger output includes username, date & time, IP address the login attempt came from, how long ago the login was, and the time since the user was active.
This WordPress plugin provides information not only on how often the users of the WordPress site are logging in but also on how many failed login attempts occur, which is very important so you can figure out how to strengthen the security on your WordPress site.
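The failed-login list is most useful when it is reviewed for patterns, such as many failures from one IP address in a short time. The following Python example is added here and is not part of the Login Logger plugin; it assumes the failed-login rows have been copied out of the Login Logs screen as (username, date & time, IP address) tuples, and the sample rows, thresholds and function name are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample rows (username, date & time, IP address), mirroring the
# columns of the failed-login list. The IPs are from documentation ranges.
FAILED_LOGINS = [
    ("admin",  "2012-01-10 03:14:02", "203.0.113.7"),
    ("admin",  "2012-01-10 03:14:09", "203.0.113.7"),
    ("editor", "2012-01-10 03:14:15", "203.0.113.7"),
    ("root",   "2012-01-10 03:14:21", "203.0.113.7"),
    ("admin",  "2012-01-10 03:14:30", "203.0.113.7"),
    ("alice",  "2012-01-10 09:02:11", "198.51.100.23"),
    ("alice",  "2012-01-10 17:45:40", "198.51.100.23"),
]

def flag_suspicious_ips(rows, max_failures=5, window=timedelta(minutes=10)):
    """Return {ip: {"failures": n, "usernames": [...]}} for each IP that has
    at least max_failures failed logins inside one sliding time window."""
    by_ip = defaultdict(list)
    for username, when, ip in rows:
        stamp = datetime.strptime(when, "%Y-%m-%d %H:%M:%S")
        by_ip[ip].append((stamp, username))

    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Advance the left edge until the span fits inside the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            count = end - start + 1
            worst = flagged.get(ip, {}).get("failures", 0)
            if count >= max_failures and count > worst:
                # Keep the densest burst and the usernames it targeted.
                names = sorted({user for _, user in events[start:end + 1]})
                flagged[ip] = {"failures": count, "usernames": names}
    return flagged

if __name__ == "__main__":
    for ip, info in flag_suspicious_ips(FAILED_LOGINS).items():
        targets = ", ".join(info["usernames"])
        print(f"{ip}: {info['failures']} failed logins against {targets}")
```

An IP that fails against several different usernames in one burst, as 203.0.113.7 does in the sample, is a stronger signal than a single user mistyping a password twice in a day.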