How to Be Notified If Somebody Hacks Your WordPress Site

Monitor site for hacking

Last week, we covered two tools to help you scan your website for malware. Another method to determine if your site has been hacked is to look at changes in your server files themselves. That, though, can be time consuming if you do it manually. If you use WordPress (the self-hosted variety), and you want to use an automated tool that detects changes to files, take File Monitor Plus for a spin.

File Monitor Plus is a WordPress plugin that scans the files on your server on a schedule set by you, and notifies you of any modifications, additions, or deletions to those files. That should give you prompt warning of any trouble. The check can be as simple as comparing file size or date modified, or as involved as looking at the file hash. The latter will consume more server resources. You can tell the plugin to notify you in your WordPress dashboard, by email, or both. You can set the scan to occur hourly, twice daily, daily, or manually. You can also whitelist files and directories, such as those that receive frequent changes, to exempt them from the scan.

Changing files isn’t the only way a hacker can attack your site, but File Monitor Plus is simple enough to set up that you should give serious consideration to it if you’re worried about security.

What tools do you use to protect your site?

File Monitor Plus

Evan Kline

Hello, I'm Evan. I write about tech from my perspective – that of the average 40-something tech geek. You can also find me on Twitter and at my real-life job as a lawyer.    MORE ABOUT ME.


  1. This was all meant to be. Recently I had two new clients where security was a concern. I’ve spent the last week or so trying to tighten things up. This will be another tool.

    Your article is obviously my higher power giving me a little kick in the head.


  2. Very topical. A friend of mine recently had some of his sites hacked. I’ll definitely use this.

  3. Great tools. I hate hackers but those tools will be a real help.

  4. I don’t use tools, yet I never been hacked. I never share my passwords with nobody, NEVER!
    I also have very complicated passwords, with upper and lower cases and also numbers, random stuff, nobody could figure them out.

  5. Does the plugin also track files outside of the WP structure? I’ve been running a standalone script to do exactly this for a few years now. Works great though the only down side is if there are changes detected I have to manually reset it. Not a big deal really.

Leave a Reply