WordPress installations require some folders to have permissions set at 777 either temporarily or permanently. These writable folders allow hackers to upload files used for phishing, DDoS, or sending email spam.
The WordPress File Monitor Plus Plugin monitors not only the files in the WordPress installation folders but all the files in the public folder for additions/deletions/changes.
Here are features in the latest version (2.2):
- Monitors file system for added/deleted/changed files
- Sends email when a change is detected
- Administration area alert to notify you of changes in case email is not received
- Ability to monitor files for changes based on file hash, time stamp and/or file size
- Ability to exclude files and directories from scan (for instance if you use a caching system that stores its files within the monitored zone)
- Site URL included in notification email in case plugin is in use on multiple sites
- Ability to run the file checking via an external cron so not to slow down visits to your website and to give greater flexibility over scheduling
- Ability to set file extension to be ignored or only scanned
- Multi-site support