One of the goals for VaultPress is to take as much of the guesswork out of securing your WordPress site as possible. In that spirit, we’ve just enabled a brand new security feature for all of our premium customers, a WordPress core file scanner.
How it works
VaultPress knows which version of WordPress your site is running. For each particular version of WordPress, we know what the MD5 checksum for each of the core files should be (an MD5 checksum is a kind of digital fingerprint for a file that can be used to validate the integrity of that file).
Our new core file scanner scans your site and does the following:
- Checks that each of the expected core files exists
- Checks the MD5 checksum of each file
- Stores information about each file from PHP’s stat() function
On our initial scan of your site, we perform all three of these steps for each of the 750+ WordPress core files. This scan creates a baseline that we can compare against in future scans. If the MD5 checksum of a core file doesn’t match, we notify you through an alert in the security tab of your VaultPress dashboard. A variation in the checksum means that the file has been modified from the original version that came with your WordPress install.
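The three checks and the baseline comparison described above can be sketched as follows. This is an added example, not VaultPress's own code: the function names, the manifest format (a dict of relative path to expected MD5), and the use of Python's `os.stat` in place of PHP's stat() are assumptions, and the three-file tree is constructed for the demonstration.

```python
import hashlib
import os
import tempfile

def md5_of(path):
    with open(path, "rb") as f:  # core files are small enough to read whole
        return hashlib.md5(f.read()).hexdigest()

def snapshot(root, expected):
    """Existence, MD5 and stat data for each file named in the manifest."""
    snap = {}
    for rel in expected:
        full = os.path.join(root, rel)
        snap[rel] = None  # stays None when an expected core file is missing
        if os.path.isfile(full):
            st = os.stat(full)  # Python counterpart of PHP's stat()
            snap[rel] = {"md5": md5_of(full), "size": st.st_size,
                         "mtime": st.st_mtime_ns, "mode": st.st_mode}
    return snap

def scan(root, expected, baseline):
    """Compare the current tree with the manifest, then with the baseline."""
    findings = []
    for rel, now in sorted(snapshot(root, expected).items()):
        if now is None:
            findings.append((rel, "missing"))
        elif now["md5"] != expected[rel]:
            findings.append((rel, "modified"))
        elif now != baseline.get(rel, now):  # checksum fine, stat data moved
            findings.append((rel, "differs-from-baseline"))
    return findings

def demo():
    # Constructed three-file tree standing in for a WordPress install.
    files = {"wp-login.php": b"<?php // a\n", "wp-settings.php": b"<?php // b\n",
             "wp-includes/version.php": b"<?php // c\n"}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in files.items():
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        expected = {rel: hashlib.md5(d).hexdigest() for rel, d in files.items()}
        baseline = snapshot(root, expected)      # initial scan
        clean = scan(root, expected, baseline)   # nothing changed yet
        with open(os.path.join(root, "wp-login.php"), "ab") as f:
            f.write(b"// appended line\n")                   # content change
        os.remove(os.path.join(root, "wp-settings.php"))     # deletion
        os.utime(os.path.join(root, "wp-includes/version.php"), ns=(1, 1))
        return clean, scan(root, expected, baseline)
```

The third finding type shows why the stat data is worth keeping: a file whose checksum still matches but whose timestamp moved has been rewritten or touched since the baseline.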
If you weren’t the one who modified a file, it’s possible that your site has been hacked and malicious code injected. In that case, you can contact the VaultPress Safekeeper team from your dashboard and we’ll help you diagnose and correct the problem.
For the next version of the scanner, we plan to store a unified diff of core file changes — that will enable us to show you exactly what was modified in any given core file. We also plan to add malicious code detection to further enhance your site’s security with VaultPress.