{"id":309010,"date":"2026-05-08T19:50:06","date_gmt":"2026-05-08T19:50:06","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/uptrue-monitor\/"},"modified":"2026-05-08T19:49:46","modified_gmt":"2026-05-08T19:49:46","slug":"uptrue-monitor","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/uptrue-monitor\/","author":15317918,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.2.4","stable_tag":"1.2.4","tested":"6.9.4","requires":"5.0","requires_php":"7.0","requires_plugins":null,"header_name":"Uptrue Monitor","header_author":"Uptrue","header_description":"Monitor your site from the inside \u2014 file injections, rogue admin users, foreign-language content, brute force attacks, security misconfigurations, and more. Works standalone with a free monthly email report. No inbound ports. Works behind Cloudflare.","assets_banners_color":"4eafd8","last_updated":"2026-05-08 19:49:46","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/uptrue.io\/monitoring\/wordpress-site-monitor","header_author_uri":"https:\/\/uptrue.io","rating":5,"author_block_rating":0,"active_installs":0,"downloads":31,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.2.4":{"tag":"1.2.4","author":"sachindiwaker","date":"2026-05-08 19:49:46"}},"upgrade_notice":{"1.2.4":"

Addresses WP.org review feedback: contributor username corrected, admin menu repositioned to coexist with WordPress core navigation.<\/p>","1.2.3":"

Defensive sanitisation on the settings form to satisfy WordPress.org Plugin Check. No functional change.<\/p>","1.2.2":"

Eliminates false-positive "PHP file in \/uploads\/" findings caused by WordPress's own directory-protection stubs. Recommended upgrade.<\/p>","1.2.1":"

Compliance and security hardening release. No outbound connections happen until you explicitly connect by saving an API token. Plugin renamed to "Uptrue Monitor" \u2014 slug and settings unchanged.<\/p>","1.2.0":"

Major update \u2014 adds 10-language content injection detection, security configuration checks, brute force detection, and a free standalone monthly health report. No configuration changes required.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3526825,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3526825,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3526825,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3526825,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.2.4"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Plugin settings page \u2014 paste your API token and configure check frequency.","2":"Plugin dashboard \u2014 connection status, last push time, and API reachability at a glance.","3":"Cron status page \u2014 see all scheduled jobs and reschedule any that have dropped.","4":"Uptrue dashboard \u2014 live security findings, health score, and AI-powered fix suggestions."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[262369,1184,5603,600,29148],"plugin_category":[54],"plugin_contributors":[262370],"plugin_business_model":[],"class_list":["post-309010","plugin","type-plugin","status-publish","hentry","plugin_tags-file-scan","plugin_tags-malware","plugin_tags-monitoring","plugin_tags-security","plugin_tags-uptime","plugin_category-security-and-spam-protection","plugin_contributors-sachindiwaker","plugin_committers-sachindiwaker"],"banners":{"banner":"https:\/\/ps.w.org\/uptrue-monitor\/assets\/banner-772x250.png?rev=3526825","banner_2x":"https:\/\/ps.w.org\/uptrue-monitor\/assets\/banner-1544x500.png?rev=3526825","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/uptrue-monitor\/assets\/icon-128x128.png?rev=3526825","icon_2x":"https:\/\/ps.w.org\/uptrue-monitor\/assets\/icon-256x256.png?rev=3526825","generated":false},"screenshots":[],"raw_content":"\n

Uptrue Monitor<\/strong> keeps an eye on your WordPress site from the inside, detecting threats and misconfigurations that external uptime monitors will never catch.<\/p>\n\n

It works by running scheduled checks on your server and either sending findings to your Uptrue dashboard or emailing you a free monthly health report \u2014 no Uptrue account required to get started.<\/p>\n\n

No inbound ports. No firewall changes. Works behind Cloudflare.<\/strong><\/p>\n\n

What it monitors<\/h4>\n\n

File Security<\/strong>\n* PHP files injected into your \/uploads\/ directory\n* JavaScript files injected into \/uploads\/\n* Executable files (.sh, .exe, .py, .bat) in \/uploads\/\n* WordPress core file modifications (wp-login.php, wp-settings.php, wp-admin\/admin.php)\n* Active theme file changes (functions.php)\n* .htaccess and wp-config.php modification detection\n* World-writable directory permissions<\/p>\n\n

User & Access Security<\/strong>\n* New administrator and editor accounts\n* Login failure tracking (brute force detection)\n* REST API user enumeration exposure\n* Application passwords in use\n* XML-RPC enabled status\n* Two-factor authentication plugin detection<\/p>\n\n

Content Integrity<\/strong>\n* Foreign-language content injection \u2014 detects Chinese, Russian, Arabic, Hindi, Thai, Japanese, Korean, Hebrew, Bengali, and Georgian characters in page titles, slugs, and content (SEO spam detection)\n* New pages and posts published since last check<\/p>\n\n

Configuration & Health<\/strong>\n* Plugin updates available\n* Theme updates available\n* WordPress core auto-update status\n* Backup plugin presence\n* Debug mode (WP_DEBUG) status\n* Spam comment volume\n* Database size\n* Disk usage<\/p>\n\n

Two ways to use it<\/h4>\n\n

Standalone (free, no account needed)<\/strong>\nInstall the plugin and get a free monthly health report delivered to your WordPress admin email. No signup required.<\/p>\n\n

Connected to Uptrue (real-time alerts)<\/strong>\nAdd your Uptrue API token to get real-time alerts, a live security dashboard, AI-powered fix suggestions, and full historical reports. Create a free account at uptrue.io<\/a>.<\/p>\n\n

How it works<\/h4>\n\n

The plugin runs on a schedule using WordPress cron (every 60\u2013240 minutes, configurable). On each run it collects site health data and either pushes it to Uptrue or stores it locally for the monthly report. There are no inbound connections \u2014 your server always initiates the outbound request.<\/p>\n\n

Privacy<\/h4>\n\n

This plugin does not contact any external service until you explicitly opt in by saving an Uptrue API token in Uptrue \u2192 Settings<\/strong>. With no token saved, the plugin runs only local checks on your server and (optionally) emails the monthly health report to your WordPress admin email. No data leaves your server in standalone mode. Saving a token is treated as your explicit consent for the plugin to begin transmitting site health data to Uptrue. Clearing the token field stops all transmission immediately. See the Third Party Services section below for the full list of fields sent.<\/p>\n\n

Third Party Services<\/h3>\n\n

This plugin transmits data to Uptrue<\/strong> (https:\/\/uptrue.io), a website monitoring service operated by Vision Software Solutions Limited, Brentford, United Kingdom.<\/p>\n\n

When data is transmitted:<\/strong><\/p>\n\n

    \n
  1. When you save an API token \u2014 a one-time connectivity self-test is performed to verify the connection. This only runs after you have entered a token and clicked Save.<\/li>\n
  2. On each scheduled cron run (every 60\u2013240 minutes) \u2014 site health data is pushed to Uptrue.<\/li>\n<\/ol>\n\n

    No data is transmitted if no API token is saved. The plugin makes no outbound connections on activation or deactivation.<\/p>\n\n

    Data transmitted includes:<\/strong><\/p>\n\n