Report if files (core, theme, plugins) don't match checksums #382
Comments
|
This is part of the Health Check plugin since #41 - but only for core WordPress files. Themes and plugins are possible but they seem to be creating much more false positives: And this feature needs to be manually started. There is no schedule at the moment. If I remember correctly this was classified as plugin territory. Maybe this feature request could be revisited again. |
|
@Zodiac1978 from a security POV, this is very important. It'd be good to check core filess at least hourly. |
|
I do believe this falls a bit out of scope for the Health Check plugin (the intent of which is to be a troubleshooting tool, and not necessarily something that remains installed permanently, at least not now that the Site Health checks are part of WP core). There are many security plugins that are aimed at this use case though, and I believe it is better to leave this behavior to them. |
Feature request/bug description
Similar to WP-CLI's
verify-checksumsfeaturehttps://developer.wordpress.org/cli/commands/core/verify-checksums/
It would be helpful if Health Check warned you when a checksum mismatch occurred. A bunch of sites I manage had
wp-includes/general-template.phpaltered, and Site Health didn't warn of the problem.The text was updated successfully, but these errors were encountered: