Recently, we’ve been contacted by a few of our clients concerned about logging admin actions in the Magento backend, i.e. recording exactly who made changes to site configurations. It’s easy to understand their concerns.
What if you come in on a Monday only to find that your best-selling line has sold out having had its price halved by a site admin on the Friday. Such an unfortunate turn of events may indicate an innocent error that identifies a training need, or something else. Either way, this scenario does highlight why site owners legitimately want to log the actions of admins in the backend of Magento and be able to correctly attribute changes to those responsible.
The above is just one extreme example. Simple, innocent errors of configuration made by users can trigger numerous undesirable consequences and it is legitimate to want to be able to revert to previous configurations should this occur. The fact is that Magento’s flexibility as a platform means it has hundreds of configurable options creating complexity for admins. Unlike code changes, which goes under version control, admin configuration changes can be difficult to track and therefore difficult to revert.
We at magic42 understand the importance of admin logging. Our team of extensively qualified Magento specialists are always happy to assist if you find that something has changed on your site and you are unable to figure out why. We can also help you set up admin action logging going forward. The solution for doing so boils down to ensuring the options are enabled or possibly using some Magento extensions if you are on an Open Source version of the platform. Let’s take a look at that in more detail.
Firstly, some scenarios can be avoided by ensuring your Magento admins have only the relevant level of access required to do their jobs. This is handled by the setting of user roles. Think carefully about the tasks each user will undertake and set their user role to the appropriately. This is good housekeeping as with other platforms.
Beyond that, Magento Commerce (formerly Enterprise) has a built-in feature, which you need to activate, that logs admin activities.
Magento Open Source (formerly Community) does not have this feature as standard but site owners will be pleased to learn that this can be achieved with the simple addition and configuration of an extension module. In fact, there are a number of extensions available. We can help you decide on the best one for your needs depending on the exact functionality you require. Why not contact us if you'd like to discuss more about Magento Security?