I’ve released a new WordPress plugin called WordPress File Monitor. Essentially, it keeps track of what files are installed in your WordPress install (or site) and watches for files being added/deleted/changed. One catch is that it does rely on WordPress being able to load in order to do its work. So if the malicious individual totally brings your site down, or removes WordPress from loading somehow, it won’t work. However, a lot of the hackers out there have gotten to where they like inserting code into your WordPress pages, sometimes code that you can’t even see because they make it only show up to search engines. This plugin will help protect you against that by alerting you when the changes are made or a file of theirs is added to your system.
Currently for tracking changes to files, it is just comparing the modified date of the file. Eventually I hope to make this more robust. Another note is that there is an option to exclude paths from what is being monitored by the plugin. If you use a plugin like WP Super Cache, it is highly recommended that you exclude its cache directory from being scanned. Otherwise you will constantly be notified of changes made to the cache files. In a future release I hope to make it auto-detect WP Super Cache and not monitor those files. I also would not set it to scan more than every 15 minutes or so. Otherwise you run the risk of the plugin scanning your entire site every time someone visits your site, and that’s unnecessary load on the server.
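An added sketch, not the plugin's code (the plugin is PHP and runs inside WordPress): a standalone Python baseline-and-compare over a constructed sample tree, showing the exclude-path behaviour and how a modified-date comparison differs from a content-hash comparison when a file's timestamp is preserved. The function names, the sample paths and the use of SHA-256 are assumptions of this example.

```python
import hashlib
import os
import tempfile

def snapshot(root, exclude=()):
    """Map each relative file path under root to (mtime_ns, sha256 hex)."""
    skip = {os.path.normpath(e) for e in exclude}
    state = {}
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        # Prune excluded directories (e.g. a cache) so they are never walked.
        dirnames[:] = [d for d in dirnames
                       if os.path.normpath(os.path.join(rel_dir, d)) not in skip]
        for name in filenames:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.normpath(os.path.join(rel_dir, name))
            state[rel] = (os.stat(full).st_mtime_ns, digest)
    return state

def diff(old, new, use_hash=True):
    """Report added/deleted/changed paths, comparing hash or mtime only."""
    f = 1 if use_hash else 0
    return {
        "added": sorted(new.keys() - old.keys()),
        "deleted": sorted(old.keys() - new.keys()),
        "changed": sorted(p for p in old.keys() & new.keys() if old[p][f] != new[p][f]),
    }

def put(root, rel, body, mode="w"):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, mode) as fh:
        fh.write(body)
    return path

def demo():
    """Both comparisons over a constructed sample tree in a temp directory."""
    with tempfile.TemporaryDirectory() as root:
        put(root, "wp-content/cache/page.html", "v1")
        footer = put(root, "wp-content/themes/x/footer.php", "<?php // footer")
        base = snapshot(root, ["wp-content/cache"])
        st = os.stat(footer)
        put(root, "wp-content/themes/x/footer.php", "\n// edited", "a")
        os.utime(footer, ns=(st.st_atime_ns, st.st_mtime_ns))  # timestamp preserved
        put(root, "wp-content/cache/page.html", "v2")  # churn in excluded path
        put(root, "new.php", "<?php")
        now = snapshot(root, ["wp-content/cache"])
        return diff(base, now, use_hash=False), diff(base, now, use_hash=True)
```

Both comparisons report `new.php` as added and ignore the cache churn; only the hash comparison reports the edited `footer.php`, because its modified date is unchanged.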
Additionally, keep in mind, this is currently a pre-release beta. So if you find bugs, please let me know on the plugin page.
One final note … you should always be aware of what is on your site. This plugin will not replace you doing periodic scans of your site to make sure files haven’t been added or changed. I make no promises whatsoever of its ability to catch all changes to your site. But hopefully this plugin will help with that job :)