Docs

⌘K
  2. Home
  4. Docs
  6. Site
  8. Security
  10. WordPress Integrity Checker

WordPress Integrity Checker

Keeping your WordPress site secure is paramount. Unauthorised changes to core or plugin files can introduce vulnerabilities or malware. FlyWP’s WordPress Integrity Checker is a powerful tool designed to scan your site’s files, compare them against the official WordPress repositories, and alert you to any unauthorised modifications.

This powerful tool verifies the integrity of:

  • WordPress Core files.
  • Plugins that are available on the WordPress.org repository.

Note: This feature cannot verify premium plugins or themes that are not hosted on the official WordPress.org repository.

This feature is currently only available for NGINX sites.

Accessing the Integrity Checker

You can easily access the security tools from your Site Dashboard.

  1. Navigate to the site you wish to check.
  2. From the sidebar menu, click on the Security tab.
  3. Select the Plugin and Core Integrity Checks sub-tab.
Image

Running an Integrity Scan

You have two ways to scan your site:

  • Manually at any time.
  • Automatically on a daily basis.

Automated Daily Scan

For continuous peace of mind, you can enable automated daily scans.

  • Toggle the Enable Automated Daily Scan switch.
  • A confirmation pop-up will appear. Click Enable.
Screenrecording2025 09 25at16.01.14 ezgif.com video to gif converter

FlyWP will now automatically scan your site’s integrity every day, ensuring that any unauthorised changes are detected promptly.

Manual Scan

To run an immediate scan of your WordPress core and plugin files, simply click the Start Scan button. The process will begin, and you’ll see a status indicator while FlyWP verifies your files.

Image

Understanding the Scan Results

After a scan is complete, the results will be displayed clearly.

Image

No Issues Found

If all your files match the official versions, you will see green checkmarks for both WordPress Core and Plugins. This indicates that your site’s foundational code is clean and unmodified.

Image

Issues Found

If the scan detects a mismatch, it will be flagged with a warning icon. This means a file’s “checksum” (a unique digital fingerprint) does not match the official version. This could be due to a manual code change or, in a worst-case scenario, malicious code injection.

FlyWP will provide a detailed list of the affected files, specifying which file in the WordPress Core or a specific plugin has been altered.

Image

Restoring File Integrity

When issues are found, you have a simple and powerful way to restore the original files.

Click the Force Update button next to the list of affected files (either for WordPress Core or Plugins).

Image

What does “Force Update” do?

This action will download a fresh, verified copy of the affected files from the official WordPress.org repository and overwrite the modified ones on your server. This effectively reverts any unauthorised changes and restores the integrity of your site.

Important Note: This process is irreversible and will overwrite any custom modifications you may have made to these files. This feature applies only to WordPress Core and Plugins, not themes.