We’ve just raised the bar for WordPress security plugins with our WordPress Core File Scanner.
When someone hacks your WordPress site, at least one of your core files will be compromised.
Compromised? Yes, with access to your web hosting file system the hacker can change the contents of one or more files. Once they get this far, they’ll have full access to your site and can do whatever they want with it.
But, what if we can automatically remove file hacks without lifting a finger? Without clicking a button, or getting an email notification from our so-called security plugin?
This unparalleled protection is now possible. 😀 Introducing…
The WordPress Core File Scanner
With the version 4.16.0 of our Shield Security plugin you’ll have a new feature that scans your WordPress core files. It looks for any deviation, no matter how slight, from the official WordPress distribution.
But even better… you can have it automagically repair any files it finds to be tainted or missing.
You now have peace of mind knowing that your WordPress files are automatically secured!
How does the file scanner work?
Unless you have a funky file system setup, this should work perfectly well. It uses the WordPress.org API to get a list of MD5 hashes for core files and then compares your existing files against this.
If any hashes don’t match up, we are certain that a core WordPress file has been altered.
This scan runs once per day via the built-in WordPress cron.
Note – What the file scanner doesn’t do…
We have excluded several elements from the scanning. This is because these particular elements may be modified independently with newer releases. These include:
- The Hello Dolly plugin
- The nefarious Akismet plugin
- All the Twenty-something themes
How to turn on the Core File Scanner
The core file scanner comes with version 4.16.0 of the Shield Security plugin. It turns on by default as soon as you install and activate the plugin.
The option to automatically repair files is disabled, so you have to turn that on yourself. After all, you could be one of those crazy fools that likes to modify WordPress core files. ;-o
To toggle the feature, look for the ‘Hack Guard‘ module in the Shield Security menu. In there you’ll see the Core File Scanner options.
Questions / Comments?
Feel free to leave comments and questions about this feature below. We listen 🙂
Two-Factor Authentication for the Win!
There are a lot of security plugins out there but for what I want this one is the best of the bunch. It’s easy to set up and use, plus two-factor authentication is a HUGE bonus! Don’t waste time sifting through the other security plugins, choose this one and be…
Excellent performance. No database bloat. Two-factor authentication keeps your website hack proof. Does what it says. Honest and fair marketing. No gimmicks. Really liked its overall features. Update 25-12-2016 After 3 months of use, I can’t image running a WordPress blog without this plugin. Update 02-02-2018 After using it for…
Who wants to spend hours on security? Shield is easy to setup and gives me more time to do what I really want to – develop the site. Thanks so much for this awesomely useful plugin!
Best plugin * ever * – no more attack!!
I hade several DoS-attacks on my website, which slowed down performance significantly. This plugin finally helped me to end these attacks. It’s easy to handle and very reliable. Thank you very much, developers!!