WordPress site security requires constant vigilance, but manually monitoring file changes across installations is time-consuming and error-prone. The need for an automated system that detects unauthorized modifications while providing actionable insights led to the development of the 84EM File Integrity Checker plugin.
Solution
The 84EM File Integrity Checker provides automated security monitoring by verifying the SHA-256 checksums of every file in a WordPress installation. The plugin runs scheduled scans in the background, detects unauthorized changes, and delivers immediate notifications when modifications occur.
Built with modern PHP architecture and dependency injection patterns, the system handles large installations through memory-efficient streaming and background processing. Multiple scan schedules can run independently with customizable frequency and timing.
Technical Implementation
- Automated Background Scanning: Multiple independent scan schedules with configurable frequency (hourly, daily, weekly) run via Action Scheduler without impacting site performance.
- Comprehensive File Monitoring: Tracks additions, modifications, and deletions across WordPress core, themes, plugins, and uploads with SHA-256 checksum verification.
- Instant Notifications: Email and Slack webhook alerts deliver detailed change reports the moment unauthorized modifications are detected.
- Visual Change Tracking: Built-in diff viewer shows exact file modifications between scans, highlighting added and removed lines.
- Performance Optimization: Checksum caching with TTL reduces scan time on large installations, while compressed storage minimizes database overhead.
- WP-CLI Integration: Command-line tools enable scanning, scheduling, and configuration from the terminal or in deployment scripts.
- Comprehensive Logging: Activity tracking with retention management provides a complete audit trail of all scanning operations and detected changes.
- Flexible Configuration: Customizable directory exclusions, file pattern matching, and notification preferences adapt to any WordPress installation.
Results
The plugin provides continuous security monitoring without requiring manual intervention. Site administrators receive immediate alerts when files change, enabling rapid response to potential security incidents.
The combination of automated scheduling, detailed change tracking, and actionable notifications transforms WordPress file integrity monitoring from a manual, time-consuming task into a fully automated security layer. Development teams can deploy with confidence knowing any unauthorized modifications will be detected and reported immediately.