The WordPress Core File Scanner is a part of the Hack Guard module. It detects, and automatically eliminates any files on your WordPress site that don’t belong.
It also ensures that your core files are legitimate, and that none of your core files contain code that shouldn’t be there.
What are the WordPress Core files?
WordPress Core files are actually the original files shipped with WordPress installation.
When you install WordPress, you are actually installing a group of files (the “WordPress core”) that become the admin interface of your website.
How does the WordPress Core File Scanner feature work?
It regularly scans your WordPress core files for changes compared to official WordPress files.
This is an absolutely critical tool in the mitigation of WordPress security threats as WordPress Core files should never be altered for any reason.
The options available are as follows:
- Core File Scanner - Daily Cron, scans WordPress Core files for alternations by comparing all WordPress core files on your site against the official WordPress files.
- Auto Repair - Attempts to automatically repair WordPress Core files with the official WordPress file data, for files that have been altered or are missing.
The Core File Scanner also has Scan Indicator feature integrated. This feature indicates the last time that a scan was run successfully. Read more here.
Note: You can run this scanner from within Shield Security Dashboard => Scans section.
What does the Core File Scanner not do?
The Core File Scanner feature does not do the following:
- It will not scan your plugins or themes for change
- It will not scan your Hello Dolly and Akismet plugins for changes (even though they ship with WordPress)
- It will not scan your Twenty-something WordPress themes for changes
I need further help and information!
For further information on this feature, please see the related blog article.
Note: You can set the scan frequency by using Daily Scan Frequency feature. For more information on this, please follow the link here.