One of the hardest issues to solve with broken WordPress sites is finding out what broke the website. To find the answer to this, we need to find out what was changed that broke the site. Being able to find out what changed easily and can quickly shorten a difficult investigative process – which is hard even for seasoned site administrators and developers – to minutes rather than hours.
In the past, there’s been few ways to do this and developers have been restricted to searching a website for recently changed files; which sometimes provides clues but more often doesn’t. Sometimes it’s been possible to use the WordFence security plugin to find where files may have been changed or corrupted from the originals, but more often that fails as the problem can come from an official update (thus Wordfence assumes nothing changed).
We’ve recently found a new plugin called WP Security Audit Log. This plugin allows you to check a list of what changes have been made on the site, including WordPress updates and plugin updates, and is a very useful tool in tracking down problems and solving site problems (or even just eliminating site changes as a cause of a breakage). It’s particularly important to have something like this on your site as a medium-sized WordPress site can easily have over 7,000 files in it spread through core, themes and the various plugins you might have installed.
Obviously, this plugin is a life saver, but it’s rather like a life insurance policy – you have to have it there and running already for it to be able to help you. We’re in the process of installing it on many of our sites and it hasn’t caused any problems so far; it also has a good number of reviews, has been updated recently, and has 4.7 stars on wordpress.org (See https://wordpress.org/plugins/wp-security-audit-log/ for more information).
If you have a large site, this plugin is particularly important as more than one developer or admin may be working and it’s very easy for one person to make a change and not remember what they changed.
So, we rather suggest you take 2 or 3 minutes and install this plugin on any sites that are important to you as soon as you can so it’s there when you need it. (The plugin does have some commercial options available, but they’re not essential). We look forward to you saving hours on support issues!
Here’s a short video from the plugin documentation that explains what it does: