[Plugin: WordPress File Monitor Plus] Normal changes vs ones to watch out for

  • Resolved hollykny

    (@hollykny)


    12 years ago

    Thanks for providing us with this plug-in! I’m installing it on all of my customer’s sites, and have a question. For someone whose site is pretty active (i.e., a customer who blogs a lot, gets a lot of comments, possibly has ecommerce, or a membership site where people are registering for classes, etc.), how can I determine which folders or files may be changing on a daily basis that aren’t something to worry about, vs the red flags we should watch for? I am concerned my customers are going to email me these log files daily and ask me to review them, which of course is impossible. And I’m not even certain what files get changed during the normal use of a site. I hesitate to have it ignore certain folders, too. Any tips are welcome.

    http://wordpress.org/extend/plugins/wordpress-file-monitor-plus/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Scott Cariss

    (@l3rady)

    12 years ago

    I cannot answer this completely as its down to your own opinion.

    I personally think its ok to ignore certain file extensions such as images. If you ignore these then this will cut down on a lot of the noise in the reports when users are constantly upload images for posts.

    You may also want to ignore files like pdfs xls doc etc.

    As for folders to ignore I would ignore any cache directories as these will be changing all the time. If you ignored a cache directory just make sure there is no way web accessed files can be run from those directories. You don’t want a hacker uploading a shell to those directories and then be able to run it un-detected.

    Files you dont want to be ignoring is core files, themes and plugins.

    Hope this helps you decide what things to ignore

    Thread Starter hollykny

    (@hollykny)

    12 years ago

    Hi Scott! That was a fast reply and is very helpful.

    If I may ask another question – when someone creates a blog post, does that content go right into the MySQL DB and therefore no files in wp-admin, wp-content, or wp-includes should show as being touched, aside from any graphics they may add to the post which would be in wp-content/uploads?

    Thanks…

    Plugin Author Scott Cariss

    (@l3rady)

    12 years ago

    Yes that is correct. The only files made on the file system are those from user uploads. For example a user may attach some images/files to accompany the post, these files are usually stored in /wp-content/uploads/... (I wouldn’t ignore this directory).

    Certain plugins may do things to the file system on post creation but I don’t know of any.

    Thread Starter hollykny

    (@hollykny)

    12 years ago

    Great. Thanks again. I appreciate your input.

    Holly

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Plugin: WordPress File Monitor Plus] Normal changes vs ones to watch out for’ is closed to new replies.