Activity Log

The Activity Log (Admin → Activity) gives you a record of everything that has happened on your site — content edits, logins, password changes, and security events. It's admin-only.

Content activity

The main activity list shows recent content saves across the whole site:

  • Which page and region was edited
  • Which user made the change
  • When it happened (date and time)

This is useful for keeping track of what your editors are doing and spotting unexpected changes.

Security log

Below the content activity is the security log. It records security-relevant events including:

  • Successful and failed login attempts
  • Password changes
  • Two-factor authentication setup and use
  • Recovery code use
  • Password reset requests

Each entry includes the event type, the user involved (if known), their IP address, and the time.

Review the security log regularly — repeated failed login attempts from the same IP can indicate a brute-force attack. RuntCMS locks out accounts automatically after repeated failures, but the log lets you see it happening.

Downloading the security log

The security log can be downloaded as a CSV file for offline review or to hand to a security auditor. Click Download CSV at the top of the security log section.

RuntCMS 0.9 Documentation