Website File Changes Monitor

Description

Get alerted via email of file changes on your WordPress sites to boost reliability & security

There are many benefits you can take advantage of when you install this hassle-free file integrity monitor plugin on your website, such as:
* Keep track of the last code changes on your website for easier troubleshooting
* Identify leftover & backup files that can lead to sensitive business & technical data exposure
* Pinpoint malware injections early to avoid irreparable site damage
* Do the neccesary forensic work during a past-hack job

Keeping track and knowing of file changes on your WordPress website is a maintanence and security best practise every site owner should follow. This can only be done by installing a plugin. Use the Website File Changes Monitor plugin to automatically scan your website for file changes.

The plugin alerts you of file changes via email. It helps you easily spot leftover files, and identify injected malware and code changes, so you can remove the files that could leave your website exposed and clean malware infections at the earliest possible.

Maintained & Supported by WP White Security

WP White Security builds high-quality WordPress security & site management plugins like WP Activity Log, the #1 WordPress activity log plugin. Browse our list of WordPress plugins that help you better manage and improve the security of your WordPress website.

Why Do You Need a website file integrity monitoring plugin?

No single WordPress security solution is bullet proof. Every solution has its shortcomings. A complete security solution is made up of a suite of tools and plugins that work together, allowing you to address all of your website’s security requirements. The more tools and security layers you build, the harder it will be for attackers to succeed. It also makes it easier for you to block malicious attacks, and monitor the site’s security and health.

The Website File Changes Monitor plugin provides you with the much needed visibility of modifications that happen on your website’s file system. File changes on your WordPress website can be an early sign of a malicious hack attack or a technical problem. Hence why security professionals recommend a website files monitor plugin.

The Website File Changes Monitor plugin helps you:

  • Identify a possible hack attack during the early stages, allowing you to limit the damage
  • Find where exactly backdoors, trojans and other malware are injected on your site
  • Identify the infections and code changes during the post-hack forensics & cleanup
  • Catch red-handed the exploitation of 0-day vulnerabilities on your site
  • Ease the process of cleaning & recovering an infected hacked website

A Role Beyond WordPress Security

The scope of monitoring your website for file changes goes beyond detecting malicious attacks and malware infections. It is a WordPress website security and management best practice that can also help you:

  • Check the integrity of your WordPress core, plugins and theme files
  • Find leftover files developers leave by mistake that could lead to sensitive information disclosure, such as backup files, database files etc
  • Keep track of where developers are doing code changes on your WordPress site
  • Troubleshoot and avoid unnecessary technical WordPress site problems

Website File Changes Monitor Plugin Features

Website File Changes Monitor is a very easy to use and zero admin plugin. Once installed it automatically starts scanning all the files on your WordPress site without requiring any manual intervention.

However don’t let the simplicity and automation fool you. Under the hood the Website File Changes Monitor plugin is a fully blown and configurable tool that every WordPress site administrator should install on their WordPress sites and multisite network.

Instant Email Notifications

After a scan, the Website File Changes Monitor plugin sends an email with the list of file changes it identifies on your WordPress sites and multisite networks.

The email includes all the details you require to keep tabs of the file changes on your website, such as:
* The filename and the path of the file
* A count of how many files were added, modified or deleted
* A highlight of the site admin changes that caused the file changes, such as the plugins or themes installs, uninstalls and updates.

No False Alarms – Just Genuine Alerts!

The Website File Changes Monitor plugin uses an exclusive smart technology that detects WordPress core updates, plugins and themes installs, uninstalls and updates.

When you update the WordPress core, install a new plugin, update a theme, or delete a plugin it won’t flood you with hundreds of alerts prompting a false alarm! You only get alerted of genuine file changes that can have an effect on the functionality and security of your WordPress site!

Scans ALL Your Files, Including Custom Code

The Website File Changes Monitor plugin can scan any type of file and it is not limited to WordPress and PHP files. Apart from the WordPress core files, plugins and themes files, it will also scan any other custom code files that you might have on your WordPress site.

It also compares the WordPress core files of your website to the list of files on the official WordPress repository, so it will also alert you if a WordPress core file has been tampered with, or changed.

To learn more on both the file integrity monitoring technologies the plugin uses refer to how the plugin detects file changes on WordPress

WordPress Multisite Networks Support

The Website File Changes Monitor plugin can also detect file changes on WordPress multisite networks. When installed on a network, the plugin configuration and alerts are only available to the super administrators, preventing possible disclosure of sensitive information that could jeopardize the security of the sites on the network.

Other Notable Plugin Features

  • Optimized scanning technology that does not affect the performance of your site
  • Fully configurable file scan frequency (hourly, daily, weekly, time of the day)
  • Instant file integrity scans with just a click of a button
  • Ability to exclude directories, files and file types from the scan
  • Configurable maximum file size to scan
  • File changes data only available to administrators for better security

FREE Plugin Support

Support for the WordPress Files Monitor plugin is available for free via:

For any other queries, feedback, or if you simply want to get in touch with us please use our contact form.

As Featured On:

Further Reading & Information

The Website File Changes Monitor plugin is developed by WP White Security, developers of niche WordPress security and admin plugins, including WP Activity Log, the most comprehensive WordPress activity log plugin.

Translate the plugin in your own language

If you want to help us translate this plugin in your own language please contact us. We will credit all translators.

From within WordPress

  1. Visit ‘Plugins > Add New’
  2. Search for ‘Website File Changes Monitor’
  3. Install & activate the Website File Changes Monitor from your Plugins page.

Manually

  1. Download the plugin from the WordPress plugins repository
  2. Unzip the zip file and upload the website-file-changes-monitor folder to the /wp-content/plugins/ directory
  3. Activate the Website File Changes Monitor plugin through the ‘Plugins’ menu in WordPress

Screenshots

  • The main inteface where the identified added, modified and deleted files are reported.
  • The plugin's exclusive smart technology alerts you when the file changes are due because of a WordPress core, plugin or theme install, update or uninstallation.
  • The plugin has an easy to follow wizard so you can configure the essentials and start using the plugin within just seconds.
  • Configure all the essential settings in the wizard, such as the scan schedule.
  • In the wizard you also get an explanation of how you can use the plugin and how to manage the reported file changes.
  • The email will alert you of any file changes in the email notification, that is automatically sent once the scan is finished.

FAQ

Can I install the Website File Changes Monitor plugin on WordPress version 4.6 or earlier?

Yes you can, but before installing it please install and activate the REST API plugin.

Reviews

September 25, 2022
Merci de permettre de faire le ménage efficacement. Thank you for helping to clean house efficiently.
February 4, 2022
Great plugin with good support. Gives great insight on file changes if you need the ability to audit what is changing on your site.
January 17, 2022
This plugin by being able to detect plugin updates and also WP updates and therefore only reporting file changes outside that scope is much better than the option plugins available to detect file modifications. And last but not least, the support just prove to be fantastic.
February 7, 2021
When we mark files discovered on a scan as read. Then in the next immediate scan it is showing same files as newly changed even actually there is no change in files. My email is flooded with false file change warning emails. I think people who are developing this plugin doesn't even test its main functionality before issue updates. Which means this plugin might have more undiscovered security and functionality issues in it. Recommending not to install this plugin and uninstall if its installed. Don't make your precious website a test subject of someones junk. It's their job to test the plugin properly before issue any updates, not ours.
Read all 18 reviews

Contributors & Developers

“Website File Changes Monitor” is open source software. The following people have contributed to this plugin.

Contributors

“Website File Changes Monitor” has been translated into 2 locales. Thank you to the translators for their contributions.

Translate “Website File Changes Monitor” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.8.3 (2022-07-13)

  • Improvements

    • Remove obsolete upgrade classes for older versions of the plugin.
    • Revised and ensurce all SQL statements are prepared statements.
    • “Allowed files” setting now accepts a full path to an individual file and not just the filename (in case you have multiple files with the same name in different directories).
    • Improved help text positioning and content.
  • Security fix

    • SQL injection can be executed by users who have the Administrator user role. Reported by Nicolas VIDAL from TEHTRIS.
  • Bug fixes

    • File modifications will now adhere to any exclude files / directories.
    • Fixed: WP Activity Log was not reporting file scanning events.

1.8.2 (2022-05-06)

  • Improvements

    • Added the page navigation buttons at the bottom of the file list.
    • Ensured the correct text_domain is used allover the plugin’s code.
  • Bug fixes

    • Fixed an incompatibility issue with the WP Activity Log plugin.
    • Added conditional checks to ensure version specific WSAL functions can run.
    • Fixed potential PHP error caused by expected array commas.
    • Fixed issue which caused items to not be “Marked as read” when adding a directory to the excluded list.
    • Fixed console error caused my email validation with settings.

1.8.1 (2021-06-17)

  • Bug Fix
    • Adding missing update to class to prepare new file events table.

1.8.0 (2021-06-17)

Release Notes: Website File Changes Monitor 1.8: major performance, reliability & performance improvements

  • Improvements
    • Plugin now stores file changes in own database tables and format instead of CPTs.
    • Moved file scanning as a background task to reduce load and improve scan speed.
    • File information is now stored in the wp_options table accross multiple options (each max 1000 entries) to ensure we dont create a single large entry which can cause issues on some hosts.
    • Timezones are now handled nativity using wp_timezone_string rather than a DateTime object.
    • wordpress.org checksum checks runs on initial scan, alerting users of core file changes at the earliest opportunity.

Earlier versions

Please refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous versions of the Website File Changes Monitor plugin for WordPress.