Integrity Checker
Scan results showing issues found in WordPress core. Some issues are marked as "SOFT" meaning that they're most likely a false positive. Other issues are marked "HARD" and needs to be examined.
Integrity-checker uses a mix of traditional and new techniques to scan your website for potential issues. First and foremost, it verifies that all installed code is identical to it’s original version. By comparing WordPress core, plugins and themes in your installation with the original versions available at wordpress.org, Integrity-checker can quickly determine if there are any changes you need to be aware of. Integrity-checker also lets you compare your local version to the original to help you determine if you’ve been hacked.
Additionally, Integrity-checker scans all installed files for permission issues. Ensuring correct permissions is vital for WordPress security, as with any PHP based web application.
Lastly, Integrity-checker will look through some of the basic WordPress configuration to look for common security problems like user enumeration, directory index weak credentials etc.
Features
- Helps you track down hacked WordPress files in core, plugins and themes
- Makes it easy to find issues with file permissions
- Detects common configuration problems
3rd party software
cron-expression copyright Michael Dowling, see license. Cron-expression is slightly adopted to use the Integrity Checker namespace to avoid potential conflicts.
php-diff copyright Chris Boulton under the BSD license. php-diff is slightly adopted to use the Integrity Checker namespace to avoid potential conflicts.
silexphp/Pimple copyright Fabien Potencier, see license. Pimple is slightly adopted to use the Integrity Checker namespace to avoid potential conflicts.
DataTables 1.10.13 copyright 2008-2016 SpryMedia Ltd. Licensed under the MIT license, see datatables.net/license