The WordPress File Monitor Plus plugin monitors all the files in your WordPress site. If any files change, are added or removed you will receive an email detailing the changes.
What You Need To Do
Install and enable the plugin.
Why The WordPress File Monitor Plus Is Important
This plugin will monitor all the files in your WordPress site. If someone breaks into your site they will most likely add files to your site. These extra files can act as backdoors, which can potentially allow hackers to execute files from their own servers. These files can hijack your traffic, place unwanted ads or links on your pages and place malware on your visitors computers.
With the File Monitor you will be notified by email if anything in the file system changes. This will allow you to quickly clean up a hacking attempt, because you know exactly which files have been modified and when the hack occurred. Best option is to restore a recent backup from before the hacking attempt took place to wipe out any changes the hackers might have made to the database as well. See the chapter Rescue Plan in The WordPress Security Checklist for more information on how to recover from a hack.
How You Complete This Security Checkpoint
Follow these steps:
Add and Activate the plugin.
Your caching plugins working directory.
For W3 Total Cache this would be the wp-content\w3tc folder.
For WP Super Cache this would be the wp-content\cache folder.
Your caching plugins configuration files if they are updated often by the plugin.
Your sitemap files.
The error_log file.
If you are using Datafeedr you should be storing your product image files locally (for performance reasons).
You can choose to exclude the store folder from the file scan. This will stop the file monitor from sending emails every time a product image is added to the local folder.
Once your products images have been fully downloaded we recommend that you include the store folder in your file scan again.
We recommend that you leave the File Extensions Scan disabled. Using this option you can exclude certain file types, image files for example, from the scan.
Often malicious code is disguised as graphics files, so you should monitor all files.
Tip! When you update a plugin you will receive an alert. Sometimes quite a few files have been updated. The list of file changes is ordered by directory, so you can quickly check that only the plugin files have been updated by verifying the first and last files in the list.
All updated files are in the plugin directory in this example.
Tip! Run a manual scan before you update plugins. This will ensure no files have been added before you do the update. Once the update has completed run another manual scan and accept the changes. This way you are certain that all the changes you accept are directly related to your upgrade.
If you use the built in WordPress Cron the File Monitor scan will only run if there are visitors to your site. And you cannot control the time the job runs.
If you setup a cron job on your hosting account or dedicated server to run the File Monitor scan you know that it will run every day and at what time it will run. This could be important in determining which backup to use in case you ever need to restore your site. This is discussed further in the chapter Rescue Plan in The WordPress Security Checklist.
The command you need to run in the cron job is given below the Cron Method setting. Ask your hosting company how to set up the cron job.
Please leave them below. Thanks!