Website File Changes Monitor


Get alerted via email of file changes on your WordPress sites

Identify leftover files that can lead to sensitive business & technical data exposure. Pinpoint malware injections early to avoid irreparable site damage with this hassle-free plugin.

Everyone who owns a WordPress website knows how difficult it is to manage the site’s files. Leftover backup and source code files are very common, and they are the number one source of sensitive data breaches. Also, in case of a successful hack attack it is almost impossible to detect the infiltration and identify all the source code changes!

Use the Website File Changes Monitor plugin to easily get alerted via email and spot leftover files, injected malware and code changes! Remove files that could leave you expose and clean malware infections at the earliest possible.

Why Do You Need a Website File Changes Monitor?

No WordPress security solution is bullet proof. They all have their pros and cons. So the more tools you have at your disposal the easier it is to block and identify hack attacks at the earliest possible.

The Website File Changes Monitor plugin provides you with the much needed visibility about modifications of files on your site. File changes on your WordPress website can be an early sign of a malicious hack attack or a technical problem. Hence why many security professionals recommend a website files monitor plugin.

The Website File Changes Monitor plugin helps you:

  • Identify a possible hack attack during the early stages, allowing you to limit the damage
  • Find where exactly backdoors, trojans and other malware is injected on your site
  • Identify the infections and code changes during the post-hack forensics & cleanup
  • Catch red-handed the exploitation of 0-day vulnerabilities on your site
  • Ease the process of cleaning & recovering an infected hacked website

A Role Beyond WordPress Security

The scope of monitoring for site file changes goes beyond detecting malicious attacks and malware infections. It is a WordPress website security and management best practice that can also help you:

  • Check the integrity of your WordPress core, plugins and theme files
  • Find leftover files developers leave by mistake that could lead to sensitive information disclosure, such as backup files, database files etc
  • Keep track of where developers are doing code changes on your WordPress site
  • Troubleshoot and avoid unnecessary technical WordPress site problems

Website File Changes Monitor Plugin Features

Website File Changes Monitor is a very easy to use and zero admin plugin. Once installed it automatically starts scanning all the files on your WordPress site without requiring any manual intervention.

However don’t let the simplicity and automation fool you. Under the hood the Website File Changes Monitor plugin is a fully blown and configurable tool that every WordPress site administrator should install on their WordPress sites and multisite network.

Instant Email Notifications

The Website File Changes Monitor plugin sends you an email when it detects file changes on your WordPress sites and multisite networks.

The email includes all the details about the file changes; how many files were added, modified or deleted. The email will also include site admin changes such as plugins or themes installs, uninstalls and updates.

No False Alarms – Just Genuine Alerts!

The Website File Changes Monitor plugin uses an exclusive smart technology that detects WordPress core updates, plugins and themes installs, uninstalls and updates.

So when you update the WordPress core, install a new plugin, update a theme, or delete a plugin it won’t flood you with hundreds of alerts prompting a false alarm!

You only get alerted of genuine file changes that can have an effect on the functionality and security of your WordPress site!

Scans ALL Your Files, Including Custom Code

The Website File Changes Monitor plugin scans all the files on your WordPress site. It scans the WordPress core files, plugin files, theme files and also any other custom code files that you might have on your WordPress site.

It does not compare your files to a remote installation or list of files. It compares files to the last scan, so it takes into account any modifications you might have on your site, plugins and themes. In fact it scans any type of file and is not limited to just PHP and JavaScripts.

WordPress Multisite Networks Support

The Website File Changes Monitor plugin can also detect file changes on WordPress multisite networks. When installed on a network, the plugin configuration and alerts are only available to the super administrators, preventing possible disclosure of sensitive information that could jeopardize the security of the sites on the network.

Other Notable Plugin Features

  • Optimized scanning technology that does not affect the performance of your site
  • Website scan is split in stages, allowing for easy scanning of bigger sites
  • Fully configurable file scan frequency (daily, weekly, monthly, time of the day)
  • Instant file integrity scans with just a click of a button
  • Ability to exclude directories, files and file types from the scan
  • Configurable maximum file size to scan setting
  • File changes data only available to administrators for security reasons

FREE Plugin Support

Support for the WordPress Files Monitor plugin is available for free via:

For any other queries, feedback, or if you simply want to get in touch with us please use our contact form.

Further Reading & Information

The Website File Changes Monitor plugin is developed by WP White Security, developers of niche WordPress security and admin plugins, including WP Security Audit Log, the most comprehensive WordPress activity log plugin.

From within WordPress

  1. Visit ‘Plugins > Add New’
  2. Search for ‘Website File Changes Monitor’
  3. Install & activate the Website File Changes Monitor from your Plugins page.


  1. Download the plugin from the WordPress plugins repository
  2. Unzip the zip file and upload the website-file-changes-monitor folder to the /wp-content/plugins/ directory
  3. Activate the Website File Changes Monitor plugin through the ‘Plugins’ menu in WordPress


Can I install the Website File Changes Monitor plugin on WordPress version 4.6 or earlier?

Yes you can, but before installing it please install and activate the REST API plugin.


June 5, 2019
I was looking for this feature for years in wordpress, to know which files edited or deleted. Now here it is finally in a lightweight plugin. Every site needs this : )
May 13, 2019
This is a great plugin for keeping an eye on changes made to files on the server. It is very easy to use with a smooth UI, plus it seems very accurate based on my current usage and tests. Even better the reports are well-organized and easily managed. Hopefully email alerts will be added soon! 🙂
Read all 2 reviews

Contributors & Developers

“Website File Changes Monitor” is open source software. The following people have contributed to this plugin.



1.1 (2019-06-18)

Release notes: Email notifications of file changes on WordPress sites

  • New features

    • Email notifications to site admin when file changes are detected.
    • First time install notification to guide the user.
    • New “Items per page” drop down menu in all file changes views.
    • New setting to delete all data from WordPress database upon plugin uninstall.
  • Improvements

    • Improved UX: file changes scan results are split in 3 tabs.
    • Better handling and detection of symbolic links.
    • Reviewed and improved text in the plugin’s settings.
    • Added links to the file changes viewer in the plugin’s listing on the plugins page.
    • Widtch of pop up window with list of files is now dynamic.
    • Added plugin logo to WordPress menu entry.
  • Bug fix

    • File extensions exclusion list no longer reset when scanning is switched off.


Release Date: April, 2019

  • First release – everything is new!