Melapress File Monitor Plugin Changelog

Updated22 February, 2024

This plugin was previously called Website File Changes Monitor.

2.0.0 (2024-02-22)

Important: This is not an update on the previous version of the plugin. For this release we started with a clean slate and redesigned and developed the plugin from scratch.

Updates

Plugin renamed to Melapress File Monitor. It was previously called Website File Changes Monitor.

1.8.5 (2023-08-18)

Improvements

Updated the plugin so it is compatable with the upcoming release of WP Activity Log 4.6.
Updated branding (rebranded to Melapress)
Moved database creation code as part of the install.
Added a new option to “unclog” a dorment scan.

Bug fixes

Fixed a fatal error “Call to undefined function wp_timezone_string” triggered in some edge cases.
Fixed: WP Activity Log was not reporting file scanning events.

1.8.3 (2022-07-13)

Improvements

Remove obsolete upgrade classes for older versions of the plugin.
Revised and ensurce all SQL statements are prepared statements.
“Allowed files” setting now accepts a full path to an individual file and not just the filename (in case you have multiple files with the same name in different directories).
Improved help text positioning and content.

Security fix

SQL injection can be executed by users who have the Administrator user role. Reported by Nicolas VIDAL from TEHTRIS.

Bug fixes

File modifications will now adhere to any exclude files / directories.
Fixed: WP Activity Log was not reporting file scanning events.

1.8.2 (2022-05-11)

Improvements

Added the page navigation buttons at the bottom of the file list.
Ensured the correct text_domain is used allover the plugin’s code.

Bug fixes

Fixed an incompatibility issue with the WP Activity Log plugin.
Added conditional checks to ensure version specific WSAL functions can run.
Fixed potential PHP error caused by expected array commas.
Fixed issue which caused items to not be “Marked as read” when adding a directory to the excluded list.
Fixed console error caused my email validation with settings.

1.8.1 (2021-06-17)

Release Notes: Website File Changes Monitor 1.8: major performance, reliability & performance improvements

Improvements

Plugin now stores file changes in own database tables and format instead of CPTs.
Moved file scanning as a background task to reduce load and improve scan speed.
File information is now stored in the wp_options table accross multiple options (each max 1000 entries) to ensure we dont create a single large entry which can cause issues on some hosts.
Timezones are now handled nativity using wp_timezone_string rather than a DateTime object.
WordPress.org checksum checks runs on initial scan, alerting users of core file changes at the earliest opportunity.

1.7.2 (2021-05-19)

Improvements

Replace depreciated meta filter (removed from WP Activity Log 4.3).
Added further entries to the default list of allowed files in core directories.
Improve plugin help text.
Replaced custom logic for handling timezones with WordPress’ own wp_timezone_string function.
Improve logic for handling plugin activation on a sub-site within a multisite network.

1.7.1 (2021-01-14)

Release notes: Website File Changes Monitor 1.7.1: Improved UX & other minor updates

New features

Setting to enable / disable the sending of email after each scan, even when there are no changes to report. By default this is disabled.

Improvements

Mark as read now also add non-WordPress core files to list of allowed files in a website\’s WordPress core.
All reported file changes from a directory are automatically deleted when the directory is excluded from the scan or added to the list of allowed directories.
Removed “Add file to allowed list” – it is superseded by the improved Mark as read option.

Bug fixes

File changes in nested directories of excluded directories were still being reported.
Typo in Text-Domain

1.7.0 (2020-12-22)

Release notes: WFCM Update 1.7.0 – Detailed email notifications & WordPress core cross-checks

New features

Detailed file changes reported in the email notifications.
Website’s WordPress core files are now cross-checked against the official WordPress repository – more info in how the plugin detects file changes.
Added Setting to specify how many files are listed in the email notifications.
New Send test email buttons.

Improvements

Improved detection of WordPress core updates (better detection mechanism / less false positives).
Improved detection of plugins & themes install / update / uninstall.
Improved the first time install wizard.
Removed monthly scan schedule.
Standardized the order of entries in the days drop down menu.

Bug fixes

Scan schedule was not saved properly when only the scan time was changed.
WordPress core upgrade was not reported correctly – plugin reported number of deleted files instead.
Cron scheduling was not properly scheduling the scans (problem with local time setting).

1.6.2 (2020-10-27)

Improvements

Running / hung scans are better managed so failed scans do not lock further scan attempts.
Scheduler now uses the local timezone configured in WordPress.

Bug fixes

Scan schedule changes were not being saved properly when only the time was changed.
Setting “Scan common development directories” couldn’t be disabled in the settings.
Duplicate entries were allowed in lsit of excluded directories.
JS issue caused by third party plugin was breaking the plugin’s UI.

1.6.1 (2020-06-25)

Bug fix

Admin notification to upgrade WP Activity Log incorrectly implemented.

1.6 (2020-06-24)

Release notes: WFCM Update 1.6 – Integration with WP Activity Log

New feature

Plugin is now fully integrated in WP Activity Log: all file changes and scan progress will be reported in the WordPress activity log.

Improvement

Reduced the maximum number of files per scan to 200,000, resulting in much faster scans.

Bug fix

File size exceeded notification does not reflect the configured max file size.

1.5 (2020-04-08)

Release notes: Hourly file integrity scans & other improvements

New features

Plugin now uses SHA 256 for hashing instead of MD5, a more secure hashing algorithm.
Hourly file changes scans (refer to changing file integrity scan frequency).
Users can now mark all changes as read and not just those in the current view.

Improvements

Simplified plugin’s schedule and scan logic. New logic lightweight and more efficient.
Faster scheduled scans (sub scans run sequentially instead of being triggered with cron).
Scans that do not finish within the max scan time (3 minutes) are halted gracefully and user is alerted via email.
Rewritten the “Mark all as read” feature and now it is much faster.
First time install scan runs in the background, allowing the user to proceed with the wizard.
Improved plugin help text in wizard and settings.
Added *.json extension to default list of excluded files.

1.4.1 (2020-01-22)

New feature

New setting to scan development folders such as .svn and .git. This is disabled by default and can be enabled from the plugin’s settings.

Improvements

Scanning engine can now read any character in filenames, so it can scan any file in the website file system.
Added an email functionality test in the wizard. Since file changes are reported over email, it is important to confirm email functionality.

Bug fixes

An error caused during the uninstall of the plugin.
Not all plugin data was deleted on uninstall.

1.4 (2019-11-14)

Release notes: Improved WordPress file integrity monitor & better coverage

New features

New setting to specify notifications email address (multiple email addresses supported).
Plugin is now translatable.

Improvements

Plugin can now scan any file with any filename (improved scanning engine supporting special characters in filenames).
Added file changes count to each individual tab.

1.3 (2019-09-04)

Release notes: Plugin user experience (UX) improvements

New features

Added the timestamp of when the file change was detected. The date and time format used are those configured in WordPress.
Option to exclude all the directory from file integrity monitoring when a file change is detected in that directory.
New notification to alert user of no file changes during last scan (serves as a confirmation that the scan ran).
Setting to enable debug logs which can be used to troubleshoot technical problems.
Setting to delete all plugin data upon uninstall.

Improvements

Added a user notification for when the permalinks are not configured. Plugin requires permalinks to display the file changes.
Updated / improved some of the settings text.
Excluding the upgrade directory from file integrity monitoring by default.
Plugin now reports actual error when the scan fails (previously there were no notifications).
Upon install, plugin automatically disables file integrity monitoring on WP Activity Log plugin if installed.

Bug fix

Select all checkbox not reset after used for bulk selection.

1.2 (2019-07-22)

New features

Scan Now button added to main plugin interface.
Setting to enable scan debug logs (to help troubleshooting support issues).

Improvements

Improved the detection of plugins installed via zip file (not from repo).
Improved alert for when WSAL is also installed on the same website.

1.1 (2019-06-18)

Release notes: Email notifications of file changes on WordPress sites

New features

* Email notifications to site admin when file changes are detected.
* First time install notification to guide the user.
* New “Items per page” drop down menu in all file changes views.
* New setting to delete all data from WordPress database upon plugin uninstall.

Improvements

* Improved UX: file changes scan results are split in 3 tabs.
* Better handling and detection of symbolic links.
* Reviewed and improved text in the plugin’s settings.
* Added links to the file changes viewer in the plugin’s listing on the plugins page.
* Widtch of pop up window with list of files is now dynamic.
* Added plugin logo to WordPress menu entry.

Bug fix

* File extensions exclusion list no longer reset when scanning is switched off.

1.0.0 (2019-04)

First release – everything is new!