What is the WordPress Core File Scanner and how does it work?

The WordPress Core File Scanner is a part of the Hack Guard module. It detects, and automatically eliminates any files on your WordPress site that don’t belong.

It also ensures that your core files are legitimate, and that none of your core files contain code that shouldn’t be there.

What are the WordPress Core files?

WordPress Core files are actually the original files shipped with WordPress installation.

When you install WordPress, you are actually installing a group of files (the “WordPress core”) that become the admin interface of your website.

How does the WordPress Core File Scanner feature work?

It regularly scans your WordPress core files for changes compared to official WordPress files.

This is an absolutely critical tool in the mitigation of WordPress security threats as WordPress Core files should never be altered for any reason.

The options available are as follows:

  • Core File Scanner - Daily Cron, scans WordPress Core files for alternations by comparing all WordPress core files on your site against the official WordPress files.
  • Auto Repair - Attempts to automatically repair WordPress Core files with the official WordPress file data, for files that have been altered or are missing.

Note: You can run this scanner from within Shield Security Dashboard => Scans section.

What does the Core File Scanner not do?

The Core File Scanner feature does not do the following:

  • It will not scan your plugins or themes for change
  • It will not scan your Hello Dolly and Akismet plugins for changes (even though they ship with WordPress)
  • It will not scan your Twenty-something WordPress themes for changes

Note: There is a separate scanner that scans your plugins or themes

I need further help and information!

For further information about the WordPress Core File scanner, read this article here.

Note: You can also set the scan frequency by using Daily Scan Frequency feature.

We also recommend you to read: