Two different types of File Integrity Monitoring methods
Posted: Sat Feb 22, 2025 6:19 am
Any other changes to your WordPress site's executable files could be a sign of intrusion, malware injection , or a developer error. Running a File Integrity Monitoring plugin on your WordPress site can help you easily detect these issues before they become a real threat to your website's security or functionality.
As a quick recap: File integrity monitoring can help you identify test files that should have been deleted, most malware injections (hint: our in-depth guide on SQL injections ) – including backdoors, redirects and trojans – and any other harmful changes to files.
When used in combination with an activity log , File Integrity Monitoring gives you a complete view of what is happening on your site at all times. You can carry out post-hack forensics to determine which files were attacked and by whom, and also improve the security around them to prevent future attacks.
The basis of file integrity monitoring is always the same: comparing belize phone number data fingerprints of a single file taken at different times. There are several ways to achieve this.
1. Comparing files to a central repository
A commonly used method is to compare a fingerprint to a central repository by using a WordPress plugin (more on plugins below). In this case, the plugin compares the fingerprint of your site's index.php file to the fingerprint of the last index.php file published by WordPress.
The advantage of using this method is that you can easily confirm whether your files are identical to the originals. However, since you are comparing data to a central repository, there are some shortcomings:
The solution cannot identify changes to distributed configuration files such as .htaccess and wp-config.php.
You will be flagged with false positives if you customize your website code.
The plugin can only compare files from known applications (WordPress core) and sometimes from popular plugins.
These solutions cannot detect changes in custom applications or plugins because there is nothing to compare them against.
The security of your website depends on how quickly the provider updates the original fingerprints or the availability of the central repository.
As a quick recap: File integrity monitoring can help you identify test files that should have been deleted, most malware injections (hint: our in-depth guide on SQL injections ) – including backdoors, redirects and trojans – and any other harmful changes to files.
When used in combination with an activity log , File Integrity Monitoring gives you a complete view of what is happening on your site at all times. You can carry out post-hack forensics to determine which files were attacked and by whom, and also improve the security around them to prevent future attacks.
The basis of file integrity monitoring is always the same: comparing belize phone number data fingerprints of a single file taken at different times. There are several ways to achieve this.
1. Comparing files to a central repository
A commonly used method is to compare a fingerprint to a central repository by using a WordPress plugin (more on plugins below). In this case, the plugin compares the fingerprint of your site's index.php file to the fingerprint of the last index.php file published by WordPress.
The advantage of using this method is that you can easily confirm whether your files are identical to the originals. However, since you are comparing data to a central repository, there are some shortcomings:
The solution cannot identify changes to distributed configuration files such as .htaccess and wp-config.php.
You will be flagged with false positives if you customize your website code.
The plugin can only compare files from known applications (WordPress core) and sometimes from popular plugins.
These solutions cannot detect changes in custom applications or plugins because there is nothing to compare them against.
The security of your website depends on how quickly the provider updates the original fingerprints or the availability of the central repository.