Security Scanner

File integrity monitoring, malware detection, and vulnerability scanning for your WordPress installation.

Scan Types

Core Integrity Check

Compares every WordPress core file against official checksums from wordpress.org. Detects modified, missing, or added files in core directories. Files that don't match the expected hash are flagged for review.

Malware Scan

Scans all PHP files in wp-content/ for known malicious patterns including:

  • Obfuscated code (base64_decode, eval, gzinflate chains)
  • Backdoor signatures (web shells, file uploaders, command execution)
  • Suspicious file names and hidden files
  • Injected code in theme and plugin files
  • Database injection indicators

Vulnerability Check

Checks installed plugins and themes against known vulnerability databases. Reports CVEs, severity levels, and whether an update is available that patches the issue.

Running Scans

Navigate to VistoShield → Scanner in your WordPress admin. Choose the scan type and click Start Scan.

| Scan Type | Typical Duration | Server Impact |
|---|---|---|
| Core Integrity | 5–15 seconds | Low |
| Malware Scan | 30 seconds – 5 minutes | Medium (file I/O) |
| Vulnerability Check | 5–10 seconds | Low (API call) |
| Full Scan (all three) | 1–6 minutes | Medium |

Scan Findings

Each finding includes:

  • Severity — Critical, High, Medium, Low, or Info
  • File path — Relative to the WordPress root
  • Description — What was detected and why it matters
  • Action — Quarantine, restore original, or dismiss

Quarantine

Suspicious files can be quarantined with a single click. Quarantined files are:

  1. Moved to wp-content/vistoshield-quarantine/
  2. Renamed with a .quarantined extension to prevent execution
  3. Logged with the original path, timestamp, and detection reason

You can restore quarantined files from the Quarantine tab if a detection was a false positive.

Important: Quarantining a plugin or theme file may break functionality. Always review findings before quarantining and keep backups.

Baseline

The scanner can create a baseline snapshot of your entire installation. After establishing a baseline:

  • New files are detected as additions
  • Modified files show a diff of what changed
  • Deleted files are reported as removals

Create a baseline after a clean installation or after verifying your site is clean. Update the baseline after legitimate changes (plugin updates, theme customizations).

Scheduled Scans

Enable automatic scanning on a schedule from VistoShield → Scanner → Settings:

| Setting | Options | Default |
|---|---|---|
| Auto Scan | Enabled / Disabled | Disabled |
| Frequency | Daily / Weekly / Monthly | Daily |
| Scan Type | Full / Core Only / Malware Only | Full |
| Email Report | Always / On Findings / Never | On Findings |

Settings

  • Exclude paths — Skip specific directories (e.g., cache folders, upload directories)
  • Max file size — Skip files larger than this limit (default: 5 MB)
  • Scan depth — Maximum directory nesting depth (default: 10)
  • Custom patterns — Add your own regex patterns to the malware scanner