ITX UserOps — User Management, Login Activity, Sessions & Audit Log
·
One admin console for your WordPress users: online status, login activity, sessions, disable accounts, audit log and bulk actions.
WordPress has no unified user administration console. To see who is online, keep a login audit trail, force-logout a compromised account, or disable a departed contractor without deleting their content, you normally need four or five single-purpose plugins.
ITX UserOps replaces that whole stack with one fast, cohesive console — the kind of user administration Microsoft 365 or Google Workspace admins get out of the box.
Learn more at itxuserops.com.
Unified user dashboard
- Every user in one table: online-now indicator, last login, last activity, active sessions, role, status, registered date, post count
- Server-side search, sorting and pagination — stays fast at 100,000+ users
- Quick filters that combine: role, status, online now, last login (today / 7 / 30 / 90 days / never), registered date range, inactive 30/60/90 days
- Toggleable columns, per-admin
Disable users without deleting them
- One click disables an account: the user can no longer log in on any channel — wp-login, XML-RPC, REST, application passwords — and every active session is destroyed instantly
- Content, comments and history stay intact
- Customizable \ »account disabled\ » message
- Safety rails: you can never disable yourself or the last administrator
Session management
- See every active session per user: browser, OS, device, IP, signed-in time, last activity
- Terminate any single session, log a user out everywhere, or log all users out (your own session survives)
Login & user audit log
- Dedicated Login Log: every sign-in attempt — success, failed or blocked — with user, IP, device and user agent
- Records logins, failed logins (with attempted username), logouts, blocked logins, registrations, deletions, role changes, password changes/resets, email and profile changes, application passwords, and bulk actions
- Site visibility: content published/updated/trashed/deleted (with author and actor), plugin activations/deactivations, theme switches and WordPress core updates
- Filter by event, user, actor, IP, severity and date; full-text search; CSV export
- Configurable retention (30 days up to keep-forever) with daily auto-purge
- GDPR mode: anonymize stored IP addresses
- Brute-force flood protection: failed-login noise is aggregated, never table-flooding
Per-user profile drawer
- Click any user for an Entra-ID-style panel: overview with 30-day login sparkline, live session list, and that user\’s complete activity trail — without leaving the page
Bulk actions
- Multi-select users → change role, disable, enable, log out, send password reset, delete with content reassignment, export to CSV
- Runs in batches with a progress bar — no timeouts on large sites
Extras
- Live \ »online users\ » count in the admin bar and a user-overview dashboard widget
- Online status and a UserOps details link right in the native Users screen
Performance
Built to a strict budget: front-end requests incur at most one throttled database write per user per minute — no admin-ajax polling, no autoloaded bloat.
