Search Knowledge Base by Keyword
Website File Changes Monitor Plugin Changelog
- Remove obsolete upgrade classes for older versions of the plugin.
- Revised and ensurce all SQL statements are prepared statements.
- “Allowed files” setting now accepts a full path to an individual file and not just the filename (in case you have multiple files with the same name in different directories).
- Improved help text positioning and content.
- SQL injection can be executed by users who have the Administrator user role. Reported by Nicolas VIDAL from TEHTRIS.
- File modifications will now adhere to any exclude files / directories.
- Fixed: WP Activity Log was not reporting file scanning events.
- Added the page navigation buttons at the bottom of the file list.
- Ensured the correct text_domain is used allover the plugin’s code.
- Fixed an incompatibility issue with the WP Activity Log plugin.
- Added conditional checks to ensure version specific WSAL functions can run.
- Fixed potential PHP error caused by expected array commas.
- Fixed issue which caused items to not be “Marked as read” when adding a directory to the excluded list.
- Fixed console error caused my email validation with settings.
Release Notes: Website File Changes Monitor 1.8: major performance, reliability & performance improvements
- Plugin now stores file changes in own database tables and format instead of CPTs.
- Moved file scanning as a background task to reduce load and improve scan speed.
- File information is now stored in the wp_options table accross multiple options (each max 1000 entries) to ensure we dont create a single large entry which can cause issues on some hosts.
- Timezones are now handled nativity using wp_timezone_string rather than a DateTime object.
- WordPress.org checksum checks runs on initial scan, alerting users of core file changes at the earliest opportunity.
- Replace depreciated meta filter (removed from WP Activity Log 4.3).
- Added further entries to the default list of allowed files in core directories.
- Improve plugin help text.
- Replaced custom logic for handling timezones with WordPress’ own wp_timezone_string function.
- Improve logic for handling plugin activation on a sub-site within a multisite network.
Release notes: Website File Changes Monitor 1.7.1: Improved UX & other minor updates
- Setting to enable / disable the sending of email after each scan, even when there are no changes to report. By default this is disabled.
- Mark as read now also add non-WordPress core files to list of allowed files in a website’s WordPress core.
- All reported file changes from a directory are automatically deleted when the directory is excluded from the scan or added to the list of allowed directories.
- Removed “Add file to allowed list” – it is superseded by the improved Mark as read option.
- File changes in nested directories of excluded directories were still being reported.
- Typo in Text-Domain
Release notes: WFCM Update 1.7.0 – Detailed email notifications & WordPress core cross-checks
- Detailed file changes reported in the email notifications.
- Website’s WordPress core files are now cross-checked against the official WordPress repository – more info in how the plugin detects file changes.
- Added Setting to specify how many files are listed in the email notifications.
- New Send test email buttons.
- Improved detection of WordPress core updates (better detection mechanism / less false positives).
- Improved detection of plugins & themes install / update / uninstall.
- Improved the first time install wizard.
- Removed monthly scan schedule.
- Standardized the order of entries in the days drop down menu.
- Scan schedule was not saved properly when only the scan time was changed.
- WordPress core upgrade was not reported correctly – plugin reported number of deleted files instead.
- Cron scheduling was not properly scheduling the scans (problem with local time setting).
- Running / hung scans are better managed so failed scans do not lock further scan attempts.
- Scheduler now uses the local timezone configured in WordPress.
- Scan schedule changes were not being saved properly when only the time was changed.
- Setting “Scan common development directories” couldn’t be disabled in the settings.
- Duplicate entries were allowed in lsit of excluded directories.
- JS issue caused by third party plugin was breaking the plugin’s UI.
- Admin notification to upgrade WP Activity Log incorrectly implemented.
Release notes: WFCM Update 1.6 – Integration with WP Activity Log
- Plugin is now fully integrated in WP Activity Log: all file changes and scan progress will be reported in the WordPress activity log.
- Reduced the maximum number of files per scan to 200,000, resulting in much faster scans.
- File size exceeded notification does not reflect the configured max file size.
Release notes: Hourly file integrity scans & other improvements
- Plugin now uses SHA 256 for hashing instead of MD5, a more secure hashing algorithm.
- Hourly file changes scans (refer to changing file integrity scan frequency).
- Users can now mark all changes as read and not just those in the current view.
- Simplified plugin’s schedule and scan logic. New logic lightweight and more efficient.
- Faster scheduled scans (sub scans run sequentially instead of being triggered with cron).
- Scans that do not finish within the max scan time (3 minutes) are halted gracefully and user is alerted via email.
- Rewritten the “Mark all as read” feature and now it is much faster.
- First time install scan runs in the background, allowing the user to proceed with the wizard.
- Improved plugin help text in wizard and settings.
- Added *.json extension to default list of excluded files.
- New setting to scan development folders such as .svn and .git. This is disabled by default and can be enabled from the plugin’s settings.
- Scanning engine can now read any character in filenames, so it can scan any file in the website file system.
- Added an email functionality test in the wizard. Since file changes are reported over email, it is important to confirm email functionality.
- An error caused during the uninstall of the plugin.
- Not all plugin data was deleted on uninstall.
Release notes: Improved WordPress file integrity monitor & better coverage
- New setting to specify notifications email address (multiple email addresses supported).
- Plugin is now translatable.
- Plugin can now scan any file with any filename (improved scanning engine supporting special characters in filenames).
- Added file changes count to each individual tab.
Release notes: Plugin user experience (UX) improvements
- Added the timestamp of when the file change was detected. The date and time format used are those configured in WordPress.
- Option to exclude all the directory from file integrity monitoring when a file change is detected in that directory.
- New notification to alert user of no file changes during last scan (serves as a confirmation that the scan ran).
- Setting to enable debug logs which can be used to troubleshoot technical problems.
- Setting to delete all plugin data upon uninstall.
- Added a user notification for when the permalinks are not configured. Plugin requires permalinks to display the file changes.
- Updated / improved some of the settings text.
- Excluding the upgrade directory from file integrity monitoring by default.
- Plugin now reports actual error when the scan fails (previously there were no notifications).
- Upon install, plugin automatically disables file integrity monitoring on WP Activity Log plugin if installed.
- Select all checkbox not reset after used for bulk selection.
- Scan Now button added to main plugin interface.
- Setting to enable scan debug logs (to help troubleshooting support issues).
- Improved the detection of plugins installed via zip file (not from repo).
- Improved alert for when WSAL is also installed on the same website.
Release notes: Email notifications of file changes on WordPress sites
* Email notifications to site admin when file changes are detected.
* First time install notification to guide the user.
* New “Items per page” drop down menu in all file changes views.
* New setting to delete all data from WordPress database upon plugin uninstall.
* Improved UX: file changes scan results are split in 3 tabs.
* Better handling and detection of symbolic links.
* Reviewed and improved text in the plugin’s settings.
* Added links to the file changes viewer in the plugin’s listing on the plugins page.
* Widtch of pop up window with list of files is now dynamic.
* Added plugin logo to WordPress menu entry.
* File extensions exclusion list no longer reset when scanning is switched off.
- First release – everything is new!