Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Monitoring file changes

From: WordPress 3: Developing Secure Sites

Video: Monitoring file changes

The bad guys are clever when it comes to covering their tracks. Often they will gain access to your site and leave only a small file, or slice of code on the server, without messing with anything else. The small file or code is referred to as a back door and enables the bad guys to come and go as they please. In this screencast, we'll see how to keep a close eye on any changes, so you can take swift action should this occur. Here in our FTP/file editor we're looking at the root directory of our demo site and as we can see here, a typical WordPress installation provides many places, many files and places for bad guys to get in and hide code snippets, other files, evil scripts, and so on, either tucked deep within one of these files or inserted into a directory somewhere. Unless you know exactly what to look for, finding these hacked files in your WordPress installation is virtually impossible, but there is an easy way to keep track of what's being changed on your server.

Monitoring file changes

The bad guys are clever when it comes to covering their tracks. Often they will gain access to your site and leave only a small file, or slice of code on the server, without messing with anything else. The small file or code is referred to as a back door and enables the bad guys to come and go as they please. In this screencast, we'll see how to keep a close eye on any changes, so you can take swift action should this occur. Here in our FTP/file editor we're looking at the root directory of our demo site and as we can see here, a typical WordPress installation provides many places, many files and places for bad guys to get in and hide code snippets, other files, evil scripts, and so on, either tucked deep within one of these files or inserted into a directory somewhere. Unless you know exactly what to look for, finding these hacked files in your WordPress installation is virtually impossible, but there is an easy way to keep track of what's being changed on your server.

Using a plug-in called WordPress File Monitor helps us to keep track of any and all changes made to anything on the server, and it's all done automatically. Let's go to the Add New Plugins screen and type in WordPress File Monitor to take a look at the plug in. Click on the Details link for WordPress File Monitor, and it says here that it has not been tested with a current version of WordPress, but in fact it is compatible with WordPress 3.0.

I can say from personal experience that this plug-in works great at the current 3.1.3 version of WordPress. This plug-in has been downloaded many times, enjoys excellent ratings, was updated not too long ago, and as you can see, installation is typical. And since we already have this plug-in installed on our demo site, let's go ahead and click on the WordPress File Monitor link in the Settings menu to configure the plug-in.

Here we are at the Plugins Settings page. Let's for now display a message on the Dashboard whenever there's an active alert. When this plug-in notices a change on the server, we can go to our dashboard and see a notification of what's going on. The Scan Interval, don't go too crazy here. This is something that should be set. 30--actually the default value is fine. Leave it at 30. If anything, change it to 60. I wouldn't go anything less than 15 minutes, especially if you have a lot of traffic on your site.

So let's just leave it at the default and let the plug-in scan your files every 30 minutes. For the Detection Method, let's just leave this at the default setting. We don't want to invoke any potential performance issues, but feel free to experiment if you have time. And here, enter your email address and then replicate it here. For the Notification Format, leave it at detailed so you can see what a detailed alert looks like, and then if it's too much information, maybe change it later.

And here the site root will be pre-filled by the plug-in, but if it doesn't look right or if the plug-in doesn't work, feel free to change it. And here, exclude paths are helpful if you're running specific plug-ins that are changing files constantly or continuously and should be excluded from these alerts. For example, here we have w3 total cache and we've added its directory here, so that the plug-in knows not to worry about changes made in this directory.

Once we have all of our settings in place, click on the Submit button to save our changes, and that's it. Now that we've configured the plug-in, let's see it in action. We go to the FTP/file editor and we open a random file, which we've done, and let's make a change. A good way of modifying a file without actually changing anything is to simply tab down, add some text, and then remove your changes, and click Save, and put the file back up on the server.

Then we return to the File Monitor settings page and run a test by clicking Performs Scan Now. It may take a moment, especially if you have a lot of files and aha! The plug-in has noticed the change. We can click this link here to view changes and clear this alert, which is also available from the WordPress dashboard. Click on View changes and clear this alert and you will see the changes we've made, both for this tutorial and previous tutorials.

When we're done we click Remove Alert after we've inspected the changes. If there's anything that you see that you did not change, you're in a better position to take immediate action. We've been using WordPress File Monitor at our Digging into WordPress site for over a year, and with much success. It's a great way to keep an eye on changes in an easy automated way. If our site is ever hacked, we'll know exactly which files have been added, deleted, or edited. In this screencast, we've seen how to improve the security of our site by keeping a close eye on changes made to the server.

We do this with a plug-in called WordPress File Monitor, which is free and easy to install--highly recommended to increase the security of your WordPress site.

Show transcript

This video is part of

Image for WordPress 3: Developing Secure Sites
WordPress 3: Developing Secure Sites

36 video lessons · 11282 viewers

Jeff Starr
Author

 

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ.

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Join now "Already a member? Log in

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed WordPress 3: Developing Secure Sites.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferencesfrom the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.