WordPress

Audit Export is provided via a WordPress plugin that gives administrators and developers a clear, structured view into how their site is put together. It inspects plugins, themes, content types, taxonomies, menus, widgets, users, roles, and general site configuration, then turns all of that into exportable, script-friendly reports. Think of it as a regular health report for your WordPress installation, only with fewer lecture slides and more CSVs.

At the time of writing, the plugin is pending review for inclusion in the official WordPress.org plugin directory. Once it is approved, you will be able to install it like any other plugin. Until then, you can follow it on the Audit Export plugin page.

Who is Audit Export for?

Agencies managing lots of client sites
If you maintain a portfolio of WordPress installations, you need consistent answers to simple questions:

• What plugins are installed and which need updates?
• How many posts, pages, or products are we dealing with?
• How are user roles configured on each site?

Audit Export gives you standardized reports you can automate across environments and pipe into whatever dashboard or inventory system you are already using.

DevOps and engineering teams
You live in terminals, not in wp-admin. Audit Export integrates with WP-CLI, so you can run audits, export data, manage cron, and test remote connections using commands like wp audit-export run --all or wp audit-export export plugins --format=json. (WP-CLI)

Site administrators and content managers
If you are responsible for “keeping the site clean,” the plugin helps answer:

• Which post types are actually in use, and how full are they?
• Do we have menus that are no longer assigned anywhere?
• Which widget areas are full of mystery legacy widgets?

Security and compliance teams
The Users and Roles audit and the Plugins audit give you a structured snapshot of who can do what and which plugins may need attention, which is exactly the sort of thing security and compliance checklists like to nag you about.

Freelancers and consultants
Starting a new engagement with a “mature” WordPress site can be… exciting. Running Audit Export once gives you a quick, trustworthy inventory of the install so you can talk about scope and risk from a position of knowledge instead of vibes.

What the plugin actually audits

Out of the box, Audit Export ships with eight audit types grouped into general, system, content, and user categories:

• Site Report: PHP version, WordPress version, URL, active theme, multisite status, debug mode, timezone, and SSL usage.
• Plugins: Installed plugins with version, author, status (active, inactive, network), whether they are network-activated, and whether updates are available.
• Themes: Installed themes with status, parent/child relationships, and update availability.
• Content Types: All meaningful post types with published/draft/private/trash counts, plus flags for public and hierarchical. System-only types like revision and oembed_cache are excluded to keep the signal high.
• Taxonomies: Taxonomy labels, term counts, whether they are public/hierarchical, and which post types they attach to.
• Menus: Menu names, IDs, item counts, assigned locations, and last modified dates.
• Widgets: Widget areas (sidebars), their IDs, and which widgets are currently active.
• Users and Roles: Role names, display labels, user counts, capability counts, and a “key capabilities” summary for each role.

All of these audits share a consistent internal structure (headers + data rows) so they are easy to export and automate against.

How do you use it day to day

Via the WordPress admin

After activation, you get an Audit Export section in the admin menu. From there, you can:

• Run individual audits from the UI
• View stored report data from the database
• Configure file export (where CSVs are stored)
• Turn cron processing on or off and tune its frequency
• Configure remote posting (URL, auth, timeouts, SSL verification, debug mode)

Exports can be saved to the filesystem (uploads directory or wp-content) under a configurable subdirectory like audit-export/, making it easy to pick them up with other tools.

Via WP-CLI

If you prefer the command line, the plugin registers a full command namespace: wp audit-export. You get subcommands for:

• wp audit-export list – list all audits and when they last ran
• wp audit-export run – run one, several, or all audits, with output as table, CSV, JSON, or YAML
• wp audit-export export – export a specific audit to a file or stdout
• wp audit-export cron – check status, enable/disable, run cron jobs manually
• wp audit-export test-connection – test the remote endpoint
• wp audit-export force-post – push a specific audit to the remote API
• wp audit-export info – show plugin version and configuration at a glance

Because it is all WP-CLI, you can slot these commands directly into deployment scripts, CI pipelines, or scheduled tasks on your host. If you are new to WP-CLI, the WP-CLI docs and command list are helpful references. (WP-CLI)

Scheduled audits with WP-Cron

For ongoing visibility, Audit Export hooks into WP-Cron so audits can run automatically on a schedule. You can: (WordPress Developer Resources)

• Enable cron processing
• Run audits on every cron invocation (for high-traffic, high-change sites)
• Set a custom interval in minutes (for example, every 60, 1440, or 10,080 minutes)
• Set a maximum processing time per audit to avoid long-running jobs

This lets you keep a fresh set of reports without anyone having to remember to click “Run audit.”

Optional remote posting

If you operate a central dashboard or monitoring system, the plugin can POST audit results to a remote endpoint, using no auth, Basic auth, or a Bearer token. It sends structured JSON with site metadata (name, host, versions) and the report data (headers, rows, counts), so your external system can store or visualize it.

Hooks let you customize the target URL, the payload, the site info fields, or even the request arguments (headers, timeouts) before the request goes out.

Example use cases

Here are some concrete patterns where Audit Export fits nicely into real workflows.

1. Site documentation and handoffs

When finishing a build or inheriting an existing project, you can generate a complete structural snapshot for your records and for the client:

• wp audit-export run --all
• wp audit-export export site_report --file=docs/site-report.csv
• wp audit-export export plugins --file=docs/plugins.csv
• wp audit-export export content_types --file=docs/content-types.csv
• wp audit-export export users_roles --file=docs/users-roles.csv

Drop those into your project docs or attach to your ticket system so “what does this site look like” is always answered with data, not guesswork.

2. Migration planning

Before migrating to a new host or refactoring the architecture, you can:

• Export plugins and themes as JSON for programmatic analysis
• Inspect content volume by post type to plan migrations and backfills
• Identify custom post types and taxonomies that need special handling
• Spot inactive or duplicate plugins that should not make the trip

All of that comes from the existing audits; no custom scripts are required.

3. Change tracking during development

As part of deployment or release pipelines, you can generate snapshots into timestamped directories:

SNAPSHOT_DIR="snapshots/$(date +%Y%m%d-%H%M%S)"
mkdir -p "$SNAPSHOT_DIR"

wp audit-export run --all
for audit in site_report plugins themes content_types taxonomies menus widgets users_roles; do
 wp audit-export export "$audit" --file="$SNAPSHOT_DIR/$audit.csv"
done
 

Now you have a simple, file-based audit trail of structural changes over time, and you can diff snapshots when debugging “it worked last week” incidents.

4. Client reporting and account management

Combine cron scheduling with exports or remote posting to generate weekly or monthly reports for clients:

• A system section summarizing PHP and WordPress versions, debug status, SSL, and timezone (Site Report)
• A plugin inventory with update flags (Plugins)
• A content overview by post type (Content Types)
• A roles overview that highlights who has elevated capabilities (Users and Roles)

You can wrap this in a script that outputs HTML or Markdown, then email or post it into a reporting dashboard.

5. Security and compliance checks

For teams that need regular reviews:

• Use the Plugins audit to identify extensions with updates available.
• Use Users and Roles to monitor admin counts and high-privilege roles.
• Use Site Report to confirm debug mode is off in production and SSL is active.

You can even hook into the post-processing actions to send alerts when certain conditions are met, such as “any plugin has Update Available = Yes” or “administrator count > 2”.

6. Multi-site or multi-environment inventory

Because Audit Export can post to a remote API, you can install it on dev, staging, and production (or across many client sites), then centralize the reports.

Your central service receives JSON payloads that include site information, audit name, headers, and data rows, which you can then aggregate into one view.

Similar tools in the WordPress ecosystem

Audit Export focuses on structured configuration and usage reporting, especially around plugins, themes, content types, and roles. It complements, rather than replaces, some existing tools you might already use:

• WP Activity Log (formerly WP Security Audit Log)
  Provides a detailed activity log of user actions and site changes, with real-time monitoring and reporting. It is excellent for “who did what and when” style security and accountability. (WordPress.org)
• Stream
  Tracks user and system actions in a real-time activity stream, with filtering by user, role, context, and IP, plus integrations for alerts and webhooks. Helpful for debugging and real-time oversight. (WordPress.org)
• Query Monitor
  A developer tools panel that focuses on performance and debugging: database queries, hooks, HTTP calls, and more. It gives you deep insight into how your code behaves on a request-by-request basis. (WordPress.org)
• Core Site Health
  Built into WordPress itself, Site Health runs a series of checks on configuration and performance and reports issues directly in wp-admin. Audit Export is complementary here: Site Health focuses on diagnostics, while Audit Export focuses on structured reporting and external consumption. (WordPress.org)

Put simply: activity log plugins tell you what happened, Query Monitor tells you how it happened, Site Health tells you how WordPress feels about it, and Audit Export gives you the structured configuration snapshot you can ship off to spreadsheets, dashboards, and other systems.

Recap

Audit Export, provided as a WordPress plugin, gives you repeatable, scriptable insight into how a site is structured and configured:

• Eight core audits covering plugins, themes, content types, taxonomies, menus, widgets, users, roles, and general system info
• Tight WP-CLI integration for automation and CI
• Scheduled runs via WP-Cron
• CSV and JSON exports, with optional filesystem storage
• Remote posting for centralized dashboards and multi-site reporting
• An extensible architecture for adding custom audits and customizing the payloads

If you manage more than one WordPress site, collaborate in a team, or just like your configuration data neat and exportable, this plugin is designed to slide into your workflow without much fuss.

Here is the revised version with the correct documentation URL:

Simple VPS Provisioner

Simple VPS Provisioner is a command-line tool that turns a fresh Debian or Ubuntu VPS into a production-ready LAMP environment for Drupal or WordPress with a single command. It’s designed for clean installations and provides a consistent, automated way to deploy sites, manage domains, configure PHP versions, and handle optional SSL via Let’s Encrypt.

What It Does

The tool provides a complete stack including Nginx, PHP-FPM, MariaDB, and optional HTTPS, then configures each site with isolated PHP pools, secure credentials, and a production-grade firewall. It supports both Drupal and WordPress, multiple domains on a single server, Git-based deployments, database imports, and basic authentication to restrict access when needed. Since it is idempotent, you can safely run it multiple times to apply updates or verify the configuration.

Getting Started

To install the tool on a new VPS, run:

curl -fsSL https://raw.githubusercontent.com/willjackson/simple-vps-provisioner/main/install-from-github.sh | sudo bash

After installation, provisioning a site takes only one command. For Drupal (with HTTPS):

sudo svp setup example.com --le-email admin@example.com

or for WordPress (with HTTPS):

sudo svp setup example.com --cms wordpress --le-email admin@example.com

If you prefer to start without SSL, omit the email flag and access your site over HTTP. Once provisioning completes, your site is ready at the domain you specified.

Additional Capabilities

Simple VPS Provisioner includes commands for updating PHP versions, managing SSL certificates, deploying from Git repositories, enabling or disabling HTTP basic auth, verifying server configuration, and setting up multiple domains or environments. You can also import databases during setup or adjust settings through command-line flags, making repeatable deployments easy to script or automate.

Learn More

Full documentation, examples, and troubleshooting guides are available at https://simple-vps-provisioner.will.gg/. The source code and installation scripts can be found on GitHub at https://github.com/willjackson/simple-vps-provisioner.

Simple VPS Provisioner aims to make server setup predictable and fast, providing a straightforward way to deploy Drupal or WordPress sites without manually configuring each service.

SiteDash is a new platform designed to give developers, agencies, and site owners a unified view of their entire web presence. It’s currently in development, and you can join the interest list at SiteDash.ai.

What is SiteDash?

SiteDash provides a central dashboard that connects with the core tools used across modern web development. Instead of chasing data across hosting dashboards, code repositories, and third-party services, SiteDash aggregates insights and tracks changes across your Drupal and WordPress sites in one place.

The platform retrieves up-to-date information using the Audit Export Module for Drupal and the Audit Export plugin for WordPress, giving you immediate visibility into site status, configurations, updates, and more.

Who is SiteDash For?

SiteDash is designed to support:

• Freelancers managing multiple client sites
• Agencies balancing large portfolios of Drupal and WordPress projects
• Product and engineering teams that need better visibility and governance
• Site owners who want a single, clear view of their digital assets

If you maintain more than one website, SiteDash is built to give you clarity and confidence.

Key Use Cases

A Unified Dashboard for All Your Sites

Connect your projects and instantly view metadata, configuration details, update status, and integrations from a single, organized interface. No more guessing which spreadsheet, ticket, or wiki page has the “real” information.

LLM-Powered Insights via MCP Integration

SiteDash integrates with modern large language models using an MCP server, allowing AI chatbots and services to run inference across all indexed site data through a single connection. Instead of wiring each service independently, your AI tools access everything through one channel.

This enables powerful scenarios like asking, “Which of our sites need module updates?” and getting an immediate, consolidated answer.

Streamlined Onboarding for Agencies and Development Teams

Many agencies juggle dozens or even hundreds of client sites, often tracked in spreadsheets or internal tools. Every time a new project comes in, someone has to run a detailed audit of the existing site: installed modules or plugins, themes, hosting details, integrations, and potential risks.

SiteDash simplifies that onboarding workflow. Using the Audit Export Module for Drupal and the Audit Export plugin for WordPress, it pulls a rich snapshot of each site and keeps that data up to date automatically.

Paired with the MCP server, an LLM can automate large parts of the onboarding process. Instead of manually hunting through admin screens, you can hand the job to an AI assistant that queries the indexed data and walks you through what matters.

Query Infrastructure with Natural Language

With MCP-backed AI connections, you can query all your sites with a single prompt to an LLM, making it easier than ever to audit configurations, track changes, or identify issues across your entire portfolio.

Connected Tools & Services

SiteDash connects to a growing ecosystem of third-party services used in real-world web operations. You can link code hosts such as GitHub and Bitbucket, Drupal and WordPress hosting platforms like Acquia and Pantheon, CI and preview tools like CircleCI and Tugboat, and project management systems including Jira, ClickUp, Monday.com, and Teamwork.

It also integrates with AI providers like Anthropic and OpenAI, plus everyday tools such as Gmail, Google Calendar, Zoom, Google Drive, analytics and marketing platforms like Google Analytics and HubSpot, and operations tools like Qwilr and UptimeRobot, with many more connections planned as the platform evolves.

How SiteDash Levels Up Operations

Centralized Visibility

All essential information about your sites lives in one interface, reducing context switching and making it easier to spot issues early.

Better Collaboration

Developers, PMs, and stakeholders share a unified source of truth, improving communication and reducing handoff friction.

Smarter Decision Making

With AI-assisted querying and standardized data gathering, teams can diagnose, audit, and plan improvements faster.

Faster Onboarding

New team members gain immediate situational awareness without digging through scattered documentation or multiple logins.

Early Access

SiteDash is actively evolving, and early access is not yet open. Right now, you can join the interest list at SiteDash.ai to be notified as things progress.

The goal is to begin an open alpha testing phase in January 2026, with updates shared along the way as features solidify and integrations expand.