Keeping track of who logs into your WordPress site is important for maintaining security. If you’re running a website, you want to be immediately alerted to any admin login activity, whether it’s you or someone else. One of the most effective ways to accomplish this is to enable Slack notifications for WordPress admin logins. This way, you’ll receive instant alerts directly in your Slack channel whenever someone logs into your WordPress admin dashboard. In this article, we’ll discuss the steps to implement this Slack notification to keep our site secure and informed in real time.

In this guide, we won’t be using any external WordPress plugins. Instead, we’ll be implementing a simple code snippet directly in your functions.php file. Please note that always back up your file before making any changes to avoid any issues with your site.  This guide is beneficial because it eliminates the need to set up and configure additional plugins in your WordPress. By avoiding plugins, we can reduce the risk of compatibility issues and minimize the impact on your site’s performance.

Step 1: Let’s begin by going to your WordPress Dashboard

Step 2:  Once you’re in the dashboard, navigate to Appearance > Theme File Editor and select the functions.php file. This file controls various functionalities of your WordPress theme, so it’s important to be careful when making any changes.

Step 3: Add the following code snippet to the end of the functions.php file: 

function slack_notification_on_wplogin($user_id, $user){  
     $user = get_user_by('id', $user_id); 
     if (in_array('administrator', $user->roles)) {
         $user_ip = $_SERVER['REMOTE_ADDR'] ?? 'IP not available';
         $adminLog = "*:closed_lock_with_key: WORDPRESS LOGIN DETECTED* \n Administrator Email: " . $user->user_email . " | IP Address: " . $user_ip . ";
         $message = array('payload' =>json_encode(array('text' =>$adminLog)));
         $slackURL = "YOUR_SLACK_HOOK";
         slackAlert($slackURL, $message );
}

function slackAlert($slackUrl, $message){
    $ch = curl_init($slackUrl);

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
    curl_setopt($ch, CURLOPT_POSTFIELDS, $message);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $result = curl_exec($ch);
    if (curl_errno($ch)) {
        $error_msg = curl_error($ch);
        error_log('Slack notification error: $error_msg');
    } else{
        error_log('Slack notification sent successfully');
    }
    curl_close($ch);
}

Step 4: In the provided code, replace “YOUR_SLACK_HOOK” with your actual Slack webhook URL. This URL ensures that the notifications are sent to the specific channel and receive messages directly in the intended Slack channel this will keep you updated with the information you need.
Step 5: Once you’ve added the code snippet, you should double-check for any errors or typos. Take a moment to review each line to make sure everything is correct. If you spot any mistakes, fix them before saving the file. After you’ve verified that everything looks good, you can save your changes. This will ensure that the added code will work as expected and help prevent any issues from cropping up later.
Understanding the code 
The slack_notification_on_wplogin function helps keep track of admin logins by sending notifications to Slack. This works by first getting the user’s details when logging in and checking if they’re an administrator or a regular user. If they are, it gets their IP address and puts together a message with the email and IP, which gets sent to your specified Slack channel. When notified, you can get instant updates about who’s accessing your admin dashboard, this is beneficial for you to stay on top of any unusual activity.
The second function is slackAlert; this function will send that notification to Slack. This uses cURL to make a POST request to your Slack webhook URL with the message you’ve set up. This function is primarily designed to be flexible, and the advantage of this function is you can reuse it for different types of Slack notifications such as notifications of user reviews, scheduled jobs, and other automation that are related to WordPress. To reuse it, you simply need to use the function name slack. It also manages errors or mistakes by logging any issues that will occur, resulting in easier troubleshooting if something goes wrong. This approach lets you automate further notifications for various events on your site, improving its functionality.
Verification
It’s important to verify  your Slack notifications for WordPress admin logins are working correctly, follow these steps:
Step 1: Log in to your website using admin credentials 
Step 2: Check your specified Slack channel for a notification. You should see a message indicating that a WordPress login was detected, including the admin email and IP address.


Final Remarks
Implementing this kind of real-time logging system using Slack provides an advantage for the site you maintain. You can track who logged in to your site, identify the administrators of your site, and record the exact times together with the IP addresses of their logins. The guide has steps you can easily follow and implement. I have also discussed the different functions of the code snippet so you can modify it to meet your specific needs. As a result, you gain better oversight and security for your site with minimal effort.