Last week, we covered two tools to help you scan your website for malware. Another method to determine if your site has been hacked is to look at changes in your server files themselves. That, though, can be time consuming if you do it manually. If you use WordPress (the self-hosted variety), and you want to use an automated tool that detects changes to files, take File Monitor Plus for a spin.
File Monitor Plus is a WordPress plugin that scans the files on your server on a schedule set by you, and notifies you of any modifications, additions, or deletions to those files. That should give you prompt warning of any trouble. The check can be as simple as comparing file size or date modified, or as involved as looking at the file hash. The latter will consume more server resources. You can tell the plugin to notify you in your WordPress dashboard, by email, or both. You can set the scan to occur hourly, twice daily, daily, or manually. You can also whitelist files and directories, such as those that receive frequent changes, to exempt them from the scan.
Changing files isn’t the only way a hacker can attack your site, but File Monitor Plus is simple enough to set up that you should give serious consideration to it if you’re worried about security.
What tools do you use to protect your site?