Description

Look-see Security Scanner is set of security tools built with efficiency and simplicity in mind. It will help you locate file irregularities so you can recover from a hack, but also identify any configuration issues that made you vulnerable in the first place.

Verify the integrity of all core WordPress files;
Search wp-admin/ and wp-includes/ for unexpected files;
Search wp-content/uploads/ for hidden scripts;
Identify file changes since previous scan;
Locate files left over from older versions of WordPress;
Analyze configurations for oversights and vulnerabilities;
Check uploaded themes and plugins against the WPScan Vulnerabilities Database;

Requirements

Due to the advanced nature of some of the plugin features, there are a few additional server requirements beyond what WordPress itself requires:

WordPress 4.4 or later.
PHP 5.4 or later.
PHP extensions: date, filter, json, pcre, spl
CREATE and DROP MySQL grants.

Please note: it is not safe to run WordPress atop a version of PHP that has reached its End of Life. As of right now, that means your server should only be running PHP 5.6 or newer.

Future releases of this plugin might, out of necessity, drop support for old, unmaintained versions of PHP. To ensure you continue to receive plugin updates, bug fixes, and new features, just make sure PHP is kept up-to-date. 🙂

Screenshots

The results of a file scan, categorized for easy digestion. Warnings can be expanded for complete details and explanations.
Public vulnerability information for plugins and themes. Again, warnings can be expanded for details.
Analysis of common configuration issues that increase hackability.

Installation

Nothing fancy! You can use the built-in installer on the Plugins page or extract and upload the look-see-security-scanner folder to your plugins directory via FTP.

FAQ

Installation Instructions: Nothing fancy! You can use the built-in installer on the Plugins page or extract and upload the look-see-security-scanner folder to your plugins directory via FTP.
Is this plugin compatible with WPMU?: The plugin is only meant to be used with single-site WordPress installations.
Does Look-See correct any problems it finds?: Look-See is an informational tool. It will identify and explain file irregularities or vulnerabilities on your system so that you can decide whether or not any action is needed.
If there are no warnings, does that mean I am A-OK?: Not necessarily. There could still be backdoors elsewhere on the server. As always, we recommend you maintain best security practices and keep regular back-ups.
Can scans be automated?: Not yet, sorry. Automated scans will probably be integrated into a future release, so stay tuned!

Reviews

Works perfectly!

zabbaka

All issues fixed. Great plugin

This Plugin is A Sanity Saver

rhys

I have been plagued for over six weeks by a hacker, and this plugin has found every implanted/altered file so far!

Read all 7 reviews

Contributors & Developers

“Look-See Security Scanner” is open source software. The following people have contributed to this plugin.

Blobfolio

Translate “Look-See Security Scanner” into your language.

Interested in development?

Browse the code or subscribe to the development log by RSS.

Changelog

20.1.5

[Fix] Additional workaround.

20.1.4

[Fix] Workaround for unreadable files.

20.1.3

[New] Plugins page links.
[New] Additional backup file checks.

20.1.2

[Fix] Checksum locale issue.

20.1.1

[Fix] CSS tweaks to make plugin vulnerability history more readable.
[Fix] Better version/locale detection.
[Fix] Pre-scan fail error not always displayed.
[New] Color-code fixed vulnerabilities.

20.1

[Misc] The plugin has been completely rewritten from the ground up to provide a cleaner interface, faster performance, and more detailed and accurate results.

15.09-4

[Misc] Lower memory usage.

15.09-3

[Misc] Much faster building of obsolete files database.
[Fix] Minor Windows server issue.

15.09-2

[Fix] Better recovery from bad server response.

15.09

[New] Compare file permissions.
[New] Show plugin/theme installed version numbers.
[Misc] Code clean-up.

15.08

[New] Search files for common malware functions.

15.03-2

[Fix] Improve compatibility with InnoDB installations.

15.03

[Fix] Check for existence of MySQL table before prompting to install checksums.

15.02-2

[Change] Small db change.

15.02

[Misc] UX improvements.
[Misc] Code clean-up.

14.12-2

[Misc] Look-See now gets its checksums directly from WordPress, so version support is more or less automatic and includes locale support.

14.12

[New] Check plugins and themes against WPScan Vulnerability Database.

14.11

[New] Checksums for WP 4.0.1.

14.09

[New] Checksums for WP 4.0.
[Drop] Removed support for 3.7.* and 3.8.*.

14.08

[New] Checksums for WP 3.9.2.

14.05.2

[New] Checksums for WP 3.7.2 and 3.7.3.

14.05

[New] Checksums for WP 3.9.1.

14.04.4

[New] Checksums for WP 3.9.

14.04.3

[New] Checksums for WP 3.8.3.

14.04

[New] Checksums for WP 3.8.2.

14.01

[New] Checksums for WP 3.8.1.

13.12

[New] Checksums for WP 3.8.

13.11

[Misc] Faster database I/O during scans (~2x faster).
[New] Option to ignore WP cache files.
[Misc] Updated SSL session analysis.

13.10.3

[New] Checksums for WP 3.7.1.
[Drop] Dropped compatibility with WordPress 3.5.*.

13.10.2

[New] Checksums for WP 3.7.

13.10

[New] Option to scan only core files.

13.09.3

[Misc] Minor branding update.

13.09.2

[Misc] Updated list of old core files, so scan results categorize them as such rather than “suspicious”.

13.09

[New] Checksums for WP 3.6.1.

13.08.3

[Fix] Undefined variable PHP Notice.
[Fix] Hang in Firefox upon scan completion.

13.08.2

[Fix] Replace deprecated $wpdb->escape() with esc_sql().

13.08

[New] Checksums for WP 3.6.

13.07

[New] Checksums for WP 3.5.2.
[Drop] Removed compatibility with WordPress 3.4.2.

13.05

[Fix] Replace a couple functions that are deprecated as of PHP 5.5.0.

13.04

[New] Added support for InnoDB database engine.
[Misc] Minor speed improvements.

13.01

[New] Checksums for WP 3.5.1.
[Misc] Changed version naming scheme to YY.MM.

3.5-6

[Fix] Uninstallation now removes all plugin data/settings.
[New] Prevent installation on WPMU blogs.
[Fix] Use $_SERVER instead of getenv() as it is more compatible across environments.
[New] Configuration Analysis checks for inactive themes and plugins.

3.5-5

[Fix] Missing files incorrectly shown as being skipped.
[New] Configuration Analysis checks for phpinfo.php, SSL, WP plugin/theme editor.
[Misc] Code clean-up.

3.5-4

[Misc] Files left over from old WP installations are better explained in results.
[New] Configuration Analysis looks for oversights and vulnerabilities in configuration.
[Fix] Renamed duplicate form field IDs.

3.5-3

[New] Setting to ignore files above a certain size.
[New] Ability to abort scan in progress.
[New] Ability to re-install WordPress core definitions.
[Misc] Various performance improvements.
[Fix] Better error handling.

3.5-2

[Fix] Potential file name bug.
[Misc] Code clean-up.

3.5

[New] Checksums for WP 3.5.

3.4.2-7

[Fix] Case-insensitive indexes could prevent scanning all files.
[Misc] File system scanning now roughly 27% faster.
[Misc] Added set_time_limit() to help prevent execution timeouts.

3.4.2-6

[Misc] Dramatically simplified scan process and reporting.
[Misc] Queue-based scanning to improve support with slow servers.
[Change] MD5 checksums are once again used for validating custom content.

3.4.2-5

[Change] Switched from MD5 to CRC32 checksums for the custom file database as the former was simply too slow for many users.

3.4.2-4

[Fix] Disable automatic building of custom file database when missing; operation can take a long time on slow servers.

3.4.2-3

[New] Automatically build custom file database when missing.

3.4.2-2

[Fix] Bug affecting wp-content/uploads scan when uploads are split into multiple folders.
[New] Custom content scan.
[New] Scans now report duration spent in execution.
[Fix] Improved support for Windows servers.
[New] Last-run timestamp for each scan.

3.4.2

[New] Look-See is born!

WordPress.org