Getting started with the Website File Changes Monitor plugin
The Website File Changes Monitor plugin monitors your WordPress websites and multisite networks for file changes. When it detects file changes it instantly notifies you of the file changes via email.
All our WordPress plugins are very easy to use. However, we have prepared this getting started guide in case you need it to help you setup the basics of your plugin install.
Installing & activating the plugin
Once you buy the plugin install and activate the plugin by following this WordPress plugin installation guide.
How file scanning works on your WordPress website
The Website File Changes Monitor plugin does not compare your website files to a central repository. It identifies file changes by comparing the file scan results of two scans. We use this method instead of the former so:
- The plugin can identify changes in any file on your website, including non WordPress files with custom code
- You do not get false alarms when you customize WordPress core, plugins and themes code
- The source code and files of your website are not sent over the internet to third parties
- The plugin uses less bandwidth and processing power than conventional plugins to scan for file changes.
Since the plugin needs two scans to identify file changes it is important to launch the first file scan as soon as you install the plugin. To learn more about detecting file changes refer to our detailed write-up on File Integrity Monitoring & Scanning.
Starting the first WordPress file changes scan
By default the Website File Changes Monitor plugin scans your WordPress website every day at 02:00 (2:00AM). However, you can launch an instant scan by clicking the Scan Now button in the plugin’s settings.
The duration of the file integrity scan varies from site to site. It depends on the size of your WordPress site. Note that by default the plugin only scans executable files so it should take less than a minute. If you would like to change the time of the scan, refer to changing the WordPress file changes scan time and frequency.
What happens during the first WordPress website file scan?
During the first file scan the plugin stores the fingerprint of the executable files on your WordPress website in the database. It then compares these fingerprints to those collected during the second scan to identify file changes.
By default the plugin only scans executable files. It does not scan media files such as images (jpg, png) or music (mp3, wav). However, you can configure the plugin to scan these files. Refer to the including and excluding files in the WordPress file changes scan for more information.
If you want to learn more about this file changes scanning technology read our technical post on file integrity monitoring for WordPress.
Alerting you of file changes on your WordPress website
When the plugin identifies file changes it alerts you via email.
You can see all the file changes by logging in to your WordPress dashboard and navigating to File Monitoring, as seen in the below screenshot.
What should you do?
After you review the file changes you can click Mark as read to remove the notification. Click Exclude to exclude that particular file from future scans. When you exclude a file from scanning the plugin doesn’t alert you of any changes it detects on that file. You can include the excluded file in the scans from the plugin’s settings.