WordPress integrity checker
Find security issues in WordPress
What is the WordPress Integrity Checker
Integrity Checker is a WordPress plugin that uses a mix of traditional and new techniques to scan your website for potential issues. First and foremost, it verifies that all installed code is identical to it’s original version. By comparing WordPress core, plugins and themes in your installation with the original versions available at wordpress.org, Integrity Checker can quickly determine if there are any changes you need to be aware of. Integrity Checker also lets you compare your local version to the original to help you determine if you’ve been hacked.
Additionally, Integrity Checker scans all installed files for permission issues. Ensuring correct permissions is vital for WordPress security, as with any PHP based web application.
Lastly, Integrity Checker will look through some of the basic WordPress configuration to look for common security problems like user enumeration, directory index weak credentials etc.
Features and benefits
- Helps you track down hacked WordPress files in core, plugins and themes
- Shows you exactly which files that are edited, added or deleted from your WordPress install
- Makes it easy to find issues with file permissions
- Detects common configuration problems like user enumeration, weak database credentials, file editing permissions etc.
- Free plugin with free access to our backend API for small and medium WordPress users. Larger installations may require subscription to raise the hourly API rate limit
Raise your hourly API rate limit
More about Integrity Checker
Integrity Checker finds changes to individual files in your WordPress installation. Each issue is classified as a soft (minor) or hard (major) issue. A typical example of a soft issue is when a .htaccess file has been added to WordPress root. It’s considered a change since that file wasn’t there when WordPress was installed, but it’s also nothing to worry about.
However, a modified PHP file in WordPress core is considered a hard issue, something you need to look into and fix.
You can show a graphical diff for all modified files (files that exists both locally and in the original code). The graphical diff highlights any changes between the two versions so that it’s easy to see what the actual difference is.
Find other potential issues
A WordPress installation is mostly secure out of the box. But in most usage scenarios, it makes sense to tighten up security a little bit further. Integrity Checker will look through your installation for known configuration issues and highlight things that you should consider fixing, like user enumeration, version information leaks etc.
Powered by wpessentials.io
Integrity Checker is powered by the wpessentials.io API. We have detailed plugin information about thousands of the most popular WordPress plugins and themes and we’re making that data work for you for free. We constantly add new data to our database to ensure that we’re able to quickly serve users with accurate information.
Access to our database is completely free for small and medium site owners. If you register with us, you are allowed to make 75 requests per hour, enough to check 1-3 small or even medium sized WordPress installations. If you need to make more requests on a regular basis, you can purchase a subscription that allows for thousands of requests.
Raise your hourly API rate limit