內容簡介
Activity Guard 是一款強大的 WordPress 活動日誌、WooCommerce 事件及安全外掛,旨在追蹤網站上的每一項活動。它即時監控用戶行為、管理變更、WooCommerce 事件及系統級變更,並在關鍵變更發生時發送通知。
【主要功能】
• 即時監控用戶行為與管理變更
• 詳細的活動日誌記錄變更來源與時間
• 追蹤與封鎖可疑的 IP 位址
• 支援多種通知方式如 Slack、Telegram、Email
• 內建用戶會話管理功能
外掛標籤
開發者團隊
② 後台搜尋「Activity Guard – Security Scanner, Activity Log with IP blocking」→ 直接安裝(推薦)
📦 歷史版本下載
原文外掛簡介
Activity Guard is a free WordPress plugin that covers four things most plugins charge separately for: a complete activity log, an IP-based security firewall, a plugin vulnerability scanner, and WooCommerce abandoned cart analytics. Alerts go out in real time to Slack, Telegram, or email.
Most activity log plugins stop at logging. Most security plugins don’t touch WooCommerce. Activity Guard does all of it in one dashboard, so you’re not juggling four separate plugins or paying for features that should come standard.
Activity Guard Website | Documentation | Pro Support
What Makes Activity Guard Different
Other free activity log plugins make you upgrade for Slack alerts, security scanning, or WooCommerce tracking. Activity Guard ships all of it for free, including Telegram notifications, IP firewall with emergency session shutdown, plugin CVE scanning, and WooCommerce incomplete-order analytics.
No other free plugin on WordPress.org combines these four in one place:
Complete activity log with charts and visual summaries
IP firewall with manual blocking, CIDR ranges, and conditional rules
Plugin vulnerability scanner cross-referencing NVD, WPVulnerability.net, and the WPAzleen private API
WooCommerce analytics including abandoned cart recovery rate tracking
WordPress Activity Log
Activity Guard records every meaningful change on your site, including the IP address, username, timestamp, and the exact change made. The log covers:
User logins, logouts, and failed login attempts
User registrations, role changes, and profile edits
Pages, posts, and custom post types: create, edit, delete, status changes
Plugin and theme activations, deactivations, updates, and deletions
WordPress core settings and configuration changes
Menu, widget, and sidebar modifications
Email delivery tracking (email log)
Form submissions from Contact Form 7, SimpleForm, and others
Admin settings changes and debug log events
Cron job scheduling and background process tracking
Script modification and file change detection
Visitor traffic monitoring with an on/off toggle
Visual charts summarize your audit log at a glance. No need to scroll through raw log tables to understand what’s happening on your site.
Security Firewall and IP Blocking
Activity Guard actively blocks threats rather than just recording them after the fact.
IP blocking by manual entry, CIDR range, or conditional rule
Emergency shutdown: force-logout every active session on your site with one click
Cloudflare Turnstile login protection against bots and brute force attacks
Login rate limiting to stop credential-stuffing
Bot detection and automatic IP blocking
Restrict or fully disable XML-RPC access
Core file integrity scanner to detect unauthorized file changes
File integrity monitoring across plugins and themes
Block TOR network access
Block vulnerability scanner user agents
HTTP security headers: custom, logged, and enforced
WordPress version hiding
404 error tracking and suspicious HTTP request alerts
Admin dashboard visitor tracking
Cron job failure and site downtime monitoring
The Emergency Shutdown feature is specific to Activity Guard: one click and every logged-in session on your site ends immediately. Useful when you detect a breach in progress and need everyone out now.
Plugin Vulnerability Scanner
Activity Guard scans every installed plugin and theme against multiple vulnerability databases before problems develop:
Detect plugins with known CVEs across NVD, WPVulnerability.net, and the WPAzleen private API
Flag outdated plugins not compatible with your WordPress version
Identify abandoned plugins (not updated in over a year)
Warn about plugins with low install counts or poor ratings
No other free activity log plugin on WordPress.org includes a built-in multi-database vulnerability scanner.
WooCommerce Activity Log and Analytics
Activity Guard logs every WooCommerce event and adds analytics built specifically for store owners.
Order tracking covers status changes, payments, refunds, and cancellations. You also get stock level changes and low-stock events, coupon creation and usage, product pricing edits, billing and shipping address updates, customer registration changes, and real-time shipping status updates.
The abandoned cart and incomplete-order analytics go further than basic logging. The dashboard shows checkout drop-off rates, recovery potential, recovery rate, and how customers interact with their carts before leaving. This helps you understand where revenue is being lost, not just that it was lost.
WooCommerce abandoned cart analytics with recovery rate tracking is included free. No competing free activity log plugin on WordPress.org provides this.
Slack and Telegram Notifications
Activity Guard sends alerts the moment a critical event occurs, across four channels:
Slack: route alerts to any channel, tag specific users or groups with @mentions
Telegram: real-time activity and security alerts direct to your Telegram chat
Email: configurable per event type
Admin dashboard: in-panel notification view
Events that trigger alerts include core file changes, plugin and theme updates (with the username that triggered the update), WooCommerce orders, payments, coupon usage, incomplete order follow-ups, product edits, stock changes, login and registration events, page and post changes, form submissions, and admin settings changes. A daily digest and weekly plugin download summary are also available.
You can schedule notifications for specific times and control exactly which events send alerts.
Admin and Developer Tools
Maintenance mode toggle from the dashboard
Menu and widget change tracking
Plugin and theme activation and deactivation logs
Script modification detection
HTTP security header change logging
Debug log and fatal error detection
Email log: full delivery history for all outgoing WordPress emails
Contact Form 7 and SimpleForm integration alerts
Who Uses Activity Guard
WooCommerce store owners use it to track every order, coupon, product change, and shipping event, and to recover revenue with abandoned cart analytics. Site administrators use it to know exactly who changed what, instantly log out suspicious users, and maintain a clean audit trail. Agencies and developers use it to monitor plugin updates, configuration changes, fatal errors, and debug logs across client sites. Security-focused admins use it to block IPs, scan for CVEs, monitor file integrity, and trigger emergency shutdowns. Multi-author sites use it to hold contributors accountable with full user activity logging and role-change tracking.
Join us: Facebook | YouTube | X / Twitter
External Services
Slack Webhook Integration
Activity Guard sends notifications to your Slack workspace using a Slack incoming webhook URL that you provide. To set one up:
Create a Slack app or use an existing one
Enable Incoming Webhooks in the app settings
Add a webhook to your workspace
Paste the webhook URL into Activity Guard settings
Cloudflare Turnstile
Activity Guard uses Cloudflare Turnstile for login bot protection. See Cloudflare’s privacy policy for details.
Plugin Vulnerability Scanner – Data Sources
WordPress.org Plugin API: retrieves plugin metadata including latest version, last updated date, rating, and active install count. Privacy Policy
WPAzleen API: private endpoint for known vulnerabilities by plugin and version. No sensitive data is transmitted. Privacy Policy
WPVulnerability.net: public API for CVE-based vulnerability data. Privacy Policy
National Vulnerability Database (NVD): official CVE data from NIST. Privacy Policy
All scans run locally using public metadata and vulnerability feeds. Activity Guard does not collect, store, or transmit any personal information during scans.
Freemius
Activity Guard uses the Freemius SDK for optional telemetry. No data is collected by default. Data collection only starts after you explicitly confirm in the admin notice. See the Freemius FAQ for details.
WPAzleen Settings API
Loads display settings for the Pro upgrade modal in the plugin admin area.
WPAzleen Privacy Policy
Source Code
The source files for all compiled/minified JavaScript and CSS in this plugin are publicly available at:
https://github.com/wpazleen/activity-guard
Build instructions:
Clone the repository or direct visit the src directory.
Run npm install in the root to install dependencies.
Run npm run build to compile the JavaScript and CSS assets.
The compiled files are output to build/.
