• Team I have now received 3 emails from WordPress stating “File Change Warning” . I have not done any changes to these files from my hosting panel, so not sure what is this regarding.

    Here is the warning for your reference (Unable to attach a screenshot here)-

    `File Change Warning
    A file (or files) on your site have been changed. Please review the report below to verify changes are not the result of a compromise.
    Scan Summary
    Added
    7

    Removed
    158

    Modified
    205

    Scan Details
    Added Files
    File Modified File Hash

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • If the changes made are from an update there is no cause for concern. Each file that changes at all is logged. For my own sites, I scan the list and look for anything out of place; I expect changes in backups, caching, updated plugins, etc. If I see a change for something that I personally didn’t update or have set to run automatically, that’s when I look at the file and start tracking down issues.

    If your Site Scan is coming up clear, that is another good indication that the changes you are seeing are part of the routine backgrounds in a WordPress site

    You can exclude files and directories in the File Change Detection settings on the Settings page. The general rule is it’s okay to exclude ones that you know are going to be regularly updating. Backup and cache files are a perfect example of this. Doing so will calm a lot of the extra noise.

    The plugin will only inform you of changes made (if modules are enabled) but it does not have the capability to inform you of any issues in regards to those changes.

    @beardedginger,

    Does the “File Change Detection” (FCD) module automatically trigger a malware scan when a file change has been detected? If not, why not? Essential!

    Also, the FCD module may have some value, but when we receive an email displaying thousands of file changes, we simply consider it a “data dumper.” Not too helpful. The module is long overdue for a refresh and needs to address better suspicious files.

    For example, it would be great if the FCD module could identify and highlight potentially malicious files such as unrecognized .php or .ini files, non-WordPress files (say, labeled with a bogus “WP-” prefix), and Base64 coded files which are typically injected by hackers into WordPress.

    There are many “online” malware scanners that can detect them. It’s time for iThemes Security (free and pro) to do the same. Example: https://www.siteguarding.com/ (not promoting this website)

    Cheers!

    • This reply was modified 3 years, 10 months ago by jetxpert.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘File Change Warning’ is closed to new replies.