Where can I see "detected file changes on your system"?

Viewing 7 replies - 1 through 7 (of 7 total)

  • @wpforum

    Please clarify.

    You do not have any File Changes Detected entries in the main Logs page ?

    Or File Changes Detected entries exist but the Details link is showing no Added, Removed, Changed values ?

    dwinden

    Thread Starter wpforum

    (@wordpressorgforum)

    @dwinden

    – I do not know where the File Changes Detected can be seen. In Logs?

    – Would I see “no Added, Removed, Changed values”?

    A screen shot would be helpful. Thanks.

    @wpforum

    Based on your response it looks like you don’t have any File Changes Detected entries/records displayed in the Logs page.

    If you select File Change History from the Select Filter: dropdown listbox at the top of the Logs report 0 records will probably be displayed in the Logs page.

    I think you are suffering from a database issue which prevents any iTSec plugin File Change Detection log records from being saved in your database. I’ve seen this issue before.

    Check your web server error_log file for any errors.

    dwinden

    Thread Starter wpforum

    (@wordpressorgforum)

    @dwinden Thank you. Now i see the File Change History. and I see Files Added, Removed, Changed. I clicked Details to see the changes.

    How can I tell which are from me updating the plugins, WordPress making automatic updates, or someone trying to hack the site?

    @wpforum

    Ah right, seems like the File Changes Detected entries got buried in many other log entries.
    Always use the Select Filter: dropdown listbox ??

    Well first of all you need to have a basic understanding of how your WordPress folder structure looks like. It’s easy:

    WordPress core files are in these folders:

    • / (root)
    • wp-admin
    • wp-content
    • wp-includes

    WordPress plugin files are in:

    • wp-content/plugins/[plugin name]

    WordPress theme files are in:

    • wp-content/themes/[theme name]

    So when you update the iTSec plugin the File Change Detection entry in the Logs page will report a number of Changed files (and perhaps some Removed and/or Added files) in the wp-content/plugins/better-wp-security folder.

    In general if you cannot link reported file changes to a legit event in WordPress you’ll need to investigate.
    It’s your WordPress site, you should know what happens to it.
    Use an event logging plugin for assistance in case you miss any event.

    The iTSec Pro plugin includes an additional File Change Detection setting named Compare Files Online.
    It compares files, for which file changes are detected, with clean online files. If the files match, the file change is remove from the File Change Detection result.
    Basically helps reducing reported file changes that YOU need to verify.

    If the info provided above answers your question please mark this topic as ‘resolved’.

    dwinden

    Thread Starter wpforum

    (@wordpressorgforum)

    Thank you for explaining the file types and for telling about the iTSec Pro plugin. It looks like I would need to upgrade to iThemes Security Pro to use this feature. Regradless, I would still need to review changes to see which ones are mine or not.

    @wpforum

    Correct.

    Please take a moment and mark this topic as ‘resolved’.

    dwinden

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Where can I see "detected file changes on your system"?’ is closed to new replies.