File Change Warning

If the changes made are from an update there is no cause for concern. Each file that changes at all is logged. For my own sites, I scan the list and look for anything out of place; I expect changes in backups, caching, updated plugins, etc. If I see a change for something that I personally didn’t update or have set to run automatically, that’s when I look at the file and start tracking down issues.

If your Site Scan is coming up clear, that is another good indication that the changes you are seeing are part of the routine backgrounds in a WordPress site

You can exclude files and directories in the File Change Detection settings on the Settings page. The general rule is it’s okay to exclude ones that you know are going to be regularly updating. Backup and cache files are a perfect example of this. Doing so will calm a lot of the extra noise.

The plugin will only inform you of changes made (if modules are enabled) but it does not have the capability to inform you of any issues in regards to those changes.

@beardedginger,

Does the “File Change Detection” (FCD) module automatically trigger a malware scan when a file change has been detected? If not, why not? Essential!

Also, the FCD module may have some value, but when we receive an email displaying thousands of file changes, we simply consider it a “data dumper.” Not too helpful. The module is long overdue for a refresh and needs to address better suspicious files.

For example, it would be great if the FCD module could identify and highlight potentially malicious files such as unrecognized .php or .ini files, non-WordPress files (say, labeled with a bogus “WP-” prefix), and Base64 coded files which are typically injected by hackers into WordPress.

There are many “online” malware scanners that can detect them. It’s time for iThemes Security (free and pro) to do the same. Example: https://www.siteguarding.com/ (not promoting this website)

Cheers!

• This reply was modified 3 years, 10 months ago by jetxpert.