preloader

User Login Log WordPress Plugin – Features & Review | WPWizzy

User Login Log records WordPress user login activity including username, IP address, browser, date, and time. It provides a log of who has logged into your WordPress site and when.

User Login Log WordPress Plugin – Features & Review | WPWizzy
Get Help With This Plugin

What is User Login Log plugin?

User Login Log is a WordPress plugin that maintains a record of every user login to the WordPress admin. For each login, it records the username, login timestamp, IP address, browser user agent, and logout time if captured. The log is visible in the WordPress admin under a dedicated screen.

Login logs are useful for security monitoring — identifying unexpected logins from unfamiliar IP addresses, tracking when specific users are accessing the admin, and building evidence in the event of a security incident. For multi-user sites with multiple administrators or editors, login logs provide accountability and visibility into who is accessing the system.

For more comprehensive security logging beyond just logins, WP Activity Log is a more capable tool that records not just logins but all admin actions including post edits, plugin changes, and settings modifications.

Need Help With User Login Log Setup, Troubleshooting, or Customization?

Need help with User Login Log? Whether you are dealing with errors, broken functionality, styling problems, plugin conflicts, or advanced customization, we can help you fix the issue and get the plugin working properly on your WordPress site.

Get User Login Log Expert Help

Key Features

  • Records all WordPress user logins with timestamp and IP address
  • Browser and device information per login
  • Logout time recording
  • Sortable and searchable log in admin dashboard
  • CSV export of login records

Pros & Cons

Pros

  • Simple single-purpose tool that does exactly what the name says
  • IP address logging helps identify suspicious login patterns
  • Free with no premium version needed

Cons

  • Only logs logins -- does not track what users do after logging in
  • Log can grow large over time without automatic cleanup

Free vs Premium

User Login Log is completely free with no premium version.

Common Problems & Fixes

User Login Log is not recording some user logins.

User Login Log hooks into the WordPress wp_login action to capture logins. Some plugins that implement custom login flows or single sign-on bypass the standard WordPress login process and may not trigger this hook. If logins through WooCommerce customer login, social login plugins, or SSO are not being recorded, the login is happening outside the standard flow. Check whether the missing logins use a custom authentication method and contact the plugin developer about compatibility with the wp_login hook.

The login log is showing an IP address of 127.0.0.1 for all users.

An IP address of 127.0.0.1 means the site is reading the server’s own IP rather than the visitor’s IP. This happens when the site is behind a load balancer or reverse proxy (including Cloudflare) that does not forward the original client IP. The real IP is usually in the X-Forwarded-For or CF-Connecting-IP HTTP header. Some versions of the plugin have a setting to read from these headers. If not, this is a server configuration issue that may require adjusting how your hosting passes client IP information.

The login log table is very large and slowing down the database.

Login logs accumulate indefinitely without automatic cleanup. If the log table has grown very large, clear old entries from the admin log screen or directly in the database using phpMyAdmin. Consider exporting the log to CSV before deleting entries if you need to retain the records. After clearing, check whether the plugin has a setting to limit log retention to a certain number of days or entries.

Customization & Developer Notes

How do I export the login log for compliance reporting?

Most versions of User Login Log include a CSV export option in the log admin screen. Click the export button to download all current log entries as a CSV file. The CSV includes username, IP address, browser, login time, and logout time for each recorded session. For compliance purposes such as GDPR data subject requests or security incident documentation, this export provides the necessary login history data.

Can I get email alerts when a specific user logs in?

Basic versions of User Login Log do not include email alerting. For login alerts, WP Activity Log Pro includes notification rules that send emails when specific users log in, or when logins occur from new IP addresses. Alternatively, security plugins like Wordfence include login alerts as part of their broader security monitoring feature set.

Frequently Asked Questions

How does User Login Log compare to WP Activity Log?

User Login Log records only login and logout events. WP Activity Log records all admin actions — post edits, user profile changes, plugin activations, settings modifications, file changes, and login events. WP Activity Log is more comprehensive and useful for full admin accountability tracking. User Login Log is a lighter option if you only need login monitoring without the overhead of logging every admin action.

Can I see which users are currently logged into WordPress?

Some versions of User Login Log show active sessions in the log. For explicit current session management, the WordPress core includes a Sessions section in each user profile that shows active login sessions. You can terminate specific sessions from there. The Terminate All Sessions function in WordPress core is also useful for forcing all users to log out simultaneously after a security concern.

Does User Login Log record failed login attempts?

User Login Log records successful logins by hooking into wp_login which only fires on success. Failed login attempts fire a different hook (wp_login_failed). Basic versions of User Login Log do not record failed attempts. For failed login monitoring, security plugins like Wordfence or Limit Login Attempts Reloaded record failed attempts and can block IP addresses after too many failures.

How long should I keep login logs?

Retention period depends on your use case. For security incident response, having at least 90 days of login history is useful. For compliance in regulated industries, specific retention periods may be legally required — check your relevant regulations. For general admin visibility, 30 days is often sufficient. Set a consistent retention policy and clear older records on schedule to prevent the log table from growing without bound.

Need Help With WordPress Security Monitoring?

Find a vetted WordPress developer on Codeable. From login monitoring and activity logging to full security audits and hardening.
Get a Free Estimate

Alternative Plugins

  • WP Activity Log
  • Simple History
  • Stream
  • Wordfence login monitoring
  • Jetpack security

Ready to hire your WordPress developer?

WPWizzy connects you with vetted freelance WordPress developers from the Codeable network — the top 2% of WordPress experts worldwide, , you can get a free no-obligation project estimate before hiring. Every developer is carefully screened, backed by Codeable’s satisfaction guarantee, and rated by real clients based on completed WordPress projects.

Pick one option and we’ll take you to the right next step.

After submitting your request, up to three WordPress developers may review your project and ask a few questions to better understand the issue.
This step helps us define the scope of work and provide an accurate estimate. Most projects receive a response within 24 hours.
Providing a few key details about your website or the problem will help us respond faster. There is no obligation to proceed with the project.