Title: Site Lockdown Security Author: WP Fix It - WordPress Experts Published: 29 Тамыз, 2025 Last modified: 31 мая, 2026 --- Search plugins ![](https://ps.w.org/folder-auditor/assets/banner-772x250.png?rev=3555623) ![](https://ps.w.org/folder-auditor/assets/icon-256x256.png?rev=3555623) # Site Lockdown Security By [WP Fix It — WordPress Experts](https://profiles.wordpress.org/wpfixit/) [Download](https://downloads.wordpress.org/plugin/folder-auditor.8.0.zip) * [Details](https://kk.wordpress.org/plugins/folder-auditor/#description) * [Reviews](https://kk.wordpress.org/plugins/folder-auditor/#reviews) * [Installation](https://kk.wordpress.org/plugins/folder-auditor/#installation) * [Development](https://kk.wordpress.org/plugins/folder-auditor/#developers) [Support](https://wordpress.org/support/plugin/folder-auditor/) ## Description **Site Lockdown Security** helps WordPress administrators, agencies, and support teams keep websites cleaner, safer, easier to audit, and better protected from unwanted file changes. Site Lockdown Security combines file auditing, Site Lock protection, Watch Dog file change monitoring, WordPress core integrity checks, infection scanning, cleanup tools, setup guidance, email alerts, scheduled security reporting, and white label branding into one practical WordPress security suite. Unlike most WordPress security plugins, Site Lockdown Security includes built-in** White Label Branding**. Agencies, developers, and support providers can customize the plugin experience with their own brand colors, icons, banners, email imagery, and plugin presentation. White label settings can be exported and imported between sites, making this especially useful for teams managing multiple client websites. Use Site Lockdown Security to review leftover plugin folders, abandoned theme files, old uploads, temporary files, suspicious scripts, modified files, unexpected core files, unsafe permissions, and other items that can create clutter or security risk. Site Lockdown Security is designed for administrators who want clear visibility into what exists on the server and simple tools to help protect WordPress after the site is clean and stable. #### Key Features * Site Lock to make important WordPress files and folders read-only * Watch Dog baseline scans for new, modified, and deleted files * WordPress core integrity checks using official WordPress.org checksums * Infection scanning for suspicious file content * Scheduled scans and automated security reports * File change, core change, software health, risk review, infection scan, plugin update, and security digest email notifications * Real email preview tools for individual alert types * Unique White Label Branding options for agencies, developers, and support teams * White Label import and export for moving branding settings between sites * White Label reset to restore the default Site Lockdown theme * Custom branding text, colors, icons, dark icons, banners, and email imagery * Abandoned file and folder review tools * File preview, download, approve, ignore, delete, and bulk actions * Recommended setup guide with progress tracking * Cleanup tools for old backups, temporary files, logs, cache files, and abandoned folders * Plugin Refresher and Theme Refresher tools for reinstalling clean WordPress.org copies * Permissions Check for important WordPress files and folders * Software Health checks for outdated or potentially abandoned plugins and themes * Risk Review checks for common local site risk signals * Security tools for permissions, XML-RPC, author scans, debug exposure, blacklist status, SSL information, and more * Branded admin interface with responsive AJAX navigation #### Site Lock Site Lock helps prevent unwanted file additions, injected scripts, unauthorized edits, and accidental deletions by locking selected WordPress files and folders. You can unlock the site when legitimate updates or maintenance are needed, then apply Site Lock again when finished. Site Lock is useful after a site has been cleaned, audited, updated, or stabilized and you want to reduce the chance of future unexpected file changes. #### Watch Dog Watch Dog creates a trusted baseline of your site files and compares future scans against that baseline. It reports new, modified, and deleted files so administrators can quickly review changes after updates, maintenance, cleanup work, or suspicious activity. Watch Dog includes file change monitoring, baseline rebuilding, review actions, scheduled scans, and email alerts when changes are detected. #### Watch Dog Baseline Storage Watch Dog stores protected baseline data under: wp-content/uploads/site-lock/watch-dog/ This keeps baseline data outside the plugin folder so it is not removed during plugin updates. Sites updating from older versions automatically migrate Watch Dog baseline storage from the previous location: wp-content/uploads/guard-dog/watch-dog/ After a successful migration, the old storage folder is safely removed and the new Watch Dog storage path remains excluded from Site Lock so baseline files can continue to be updated when needed. #### Core Check Core Check compares installed WordPress core files against the official WordPress. org checksum API. It reports modified, missing, unreadable, or unexpected files in WordPress core areas so administrators can review potential core file integrity problems. #### Infection Scanner The infection scanner reviews site files for suspicious patterns commonly associated with malware, backdoors, obfuscated scripts, spam injections, and unwanted code. Scans can be run manually or scheduled, and results can be included in reports and notifications. #### Email Notifications Site Lockdown Security includes configurable email alerts for important security events and scheduled checks. Supported notification types include: * Plugin Update Notification * Security Snapshot Digest * Scheduled Infection Scan * Automated Security Report * File Change Notification * Core Change Notification * Software Health Alert * Risk Review Alert Each individual alert includes a preview option so administrators can review the email layout before using it. The global email notification settings form allows administrators to set the default frequency and recipient email for alerts in one place. #### White Label Branding White Label Branding is one of the standout features of Site Lockdown Security and is not commonly found in WordPress security plugins. Agencies, developers, maintenance providers, and support teams can customize the security plugin experience so it better matches their own brand or client-facing service. Administrators can customize branding text, colors, icons, dark icons, banners, and email imagery. White Label settings can be exported to a JSON file and imported on another site, making it easier to reuse the same branding across multiple installations. The Reset Settings option restores the default Site Lockdown theme and brings back the default support contact button when branding is returned to its original values. #### Plugin Refresher Plugin Refresher helps reinstall fresh copies of WordPress.org plugins. This can be useful when a plugin may have been modified, corrupted, or affected by suspicious files. Site Lockdown Security uses native WordPress upgrade handling for safer refresh workflows and supports both individual and bulk plugin refreshes. #### Theme Refresher Theme Refresher helps reinstall fresh copies of WordPress.org themes. It includes version information, update status, WordPress.org availability detection, and support for individual or bulk theme refresh workflows. #### Permissions Check Permissions Check reviews important WordPress files and folders and compares current permissions against recommended values. It helps identify writable files, risky permissions, and items that may need attention. When Site Lock protects a file or folder, permissions results account for that protected status. #### Software Health Software Health checks installed plugins and themes for maintenance signals that may indicate abandoned or outdated software. It helps administrators identify items that may need updates, replacement, removal, or closer review. #### Risk Review Risk Review checks local site risk signals and common security configuration concerns. It includes severity sorting, ignore/include controls, scheduled checks, and optional email alerts. #### Setup Guide The Setup Guide helps administrators complete recommended Site Lockdown Security settings. Setup items include Site Lock, scheduled infection scans, automated reports, file change baselines, file change notifications, core change notifications, software health alerts, and risk review alerts. Progress tracking helps administrators see which recommended protection steps are complete. ## Screenshots * [[ * **Command Center** showing security score and important folder issues present on your site. * [[ * **Main Folder Auditor** displaying folders and files in the root of your WordPress installation. * [[ * **Content Folder Auditor** listing folders and files found inside the wp-content directory. * [[ * **Plugins Folder Auditor** showing installed plugin folders and hidden or orphaned plugin directories. * [[ * **Themes Folder Auditor** displaying theme folders on disk and alerting you to invalid or unrecognized themes. * [[ * **Uploads Folder Auditor** showing upload folders and identifying PHP files present in uploads. * [[ * **.htaccess Auditor** listing every .htaccess file detected across your site for review and management. * [[ * **Security Settings** page where you can configure Site Lock, security headers, and user hardening features. * [[ * **Infection Scanner** selection screen allowing you to choose which areas of your site to scan. * [[ * **Security Tools** section providing access to File Finder & Remover, Blacklist Checker, SSL Checker, and Plugin Refresher. * [[ * **File Finder & Remover** tool for searching specific filenames or detecting files with no extension. * [[ * **Blacklist Checker results** showing your domain/IP status across multiple blacklist and reputation services. * [[ * **Plugin Refresher** tool for reinstalling a fresh copy of a WordPress.org plugin. * [[ * **Site Lock prevention notice** informing you that Site Lock is enabled and blocking file changes. * [[ * **Settings screen** for auto lock, Site Lock admin bar status, scheduled scans, automated reports, email notifications, and white label branding. * [[ * **Watch Dog area** for file change monitor, core check, software health, and risk review security tools. * [[ * **File Change Monitor** to create a trusted file baseline, scan for changes, and review individual files. * [[ * **Core Check** to compare WordPress core files against the official WordPress. org core checksum API. * [[ * **Theme Refresher** tool for reinstalling a fresh copy of a WordPress.org theme. * [[ * **Permissions Check** to view important file and folder permissions. * [[ * **Setup Guide** to complete recommended protection for your site. * [[ * **Software Health** to find installed plugins and themes that may no longer be maintained. * [[ * **Risk Review** to check local site risk signals and common security configuration concerns. * [[ * **White Label Settings** for customizing Site Lockdown Security branding, colors, icons, banners, and email imagery. * [[ * **Email Notification Preview** showing individual alert preview layouts before notifications are sent. * [[ * **Headers Security Review** for checking important website security headers and identifying missing or misconfigured protections. * [[ * **User Security Monitoring** for reviewing account activity, login behavior, role changes, and other user-related security events. ## Installation 1. Upload the plugin files to the /wp-content/plugins/ directory, or install through the WordPress Plugins screen. 2. Activate the plugin through the **Plugins** screen in WordPress. 3. Navigate to **Site Lockdown** to begin auditing and protecting your site. 4. Use **Site Lock** to lock files when your site is clean and stable. 5. Use **Watch Dog > File Change Monitor** to create a trusted baseline and scan for file changes. 6. Use **Watch Dog > Core Check** to verify WordPress core file integrity. 7. Use **Setup Guide** to complete recommended protection steps. 8. Configure email alerts, scheduled scans, reports, and white label branding as needed. ## FAQ ### Why do I need this plugin? Site Lockdown Security helps you identify leftover folders, suspicious files, unexpected file changes, weak security settings, risky permissions, and WordPress core file issues. It gives administrators better visibility into what exists on the server and what may need review. ### Does Site Lockdown Security automatically delete orphaned folders or suspicious files? No. Site Lockdown Security is built to help you review and take informed action. Files and folders are shown with action buttons so you can decide whether to view, download, ignore, include, delete, approve, refresh, or lock them. ### What is Site Lock? Site Lock makes protected files and folders read-only to help prevent unauthorized changes. You can unlock the site when updates or maintenance are needed, then lock it again when finished. ### What is Watch Dog File Change Monitor? Watch Dog File Change Monitor creates a trusted baseline of your site files. Future scans compare the current site against that baseline and report new, modified, or deleted files. ### What is Watch Dog Core Check? Watch Dog Core Check compares your installed WordPress core files against the official WordPress.org checksum API. It helps detect modified, missing, unreadable, or unexpected files in WordPress core areas. ### Does Core Check scan plugins and themes? No. Core Check only verifies WordPress core files in the WordPress root, wp-admin, and wp-includes areas. Plugins, themes, uploads, and custom content are handled by other Site Lockdown Security tools. ### Will Watch Dog work when Site Lock is enabled? Yes. Watch Dog stores baseline and scan data in its protected uploads storage folder, and Site Lockdown Security allows that required Watch Dog path to remain writable while Site Lock is active. ### Where is Watch Dog baseline data stored? Watch Dog stores protected baseline data under wp-content/uploads/site-lock/watch- dog/. This keeps baseline data outside the plugin folder so it is not removed during plugin updates. Sites updating from older versions automatically migrate baseline storage from the previous wp-content/uploads/guard-dog/watch-dog/ location. ### Does Watch Dog email me when file changes or core issues are found? Yes. File Change Monitor and Core Check each include email alert settings. Emails are sent only when the related scan finds issues. ### Can I preview email notifications? Yes. Individual email alert settings include preview tools so you can review how each notification type will look. Preview layouts are available for plugin update alerts, security snapshot digests, scheduled infection scans, automated security reports, file change notifications, core change notifications, software health alerts, and risk review alerts. ### What makes the White Label options unique? Most WordPress security plugins focus only on scanning, hardening, firewalls, or alerts. Site Lockdown Security also includes built-in White Label Branding, allowing agencies, developers, and support providers to present the security dashboard, branding assets, and notification imagery with their own identity. This makes it especially useful for client management, maintenance services, and branded support programs. ### Can I white label Site Lockdown Security? Yes. Site Lockdown Security includes White Label settings for customizing plugin branding text, colors, icons, dark icons, banners, and email imagery. ### Can I move White Label settings to another site? Yes. Use White Label Export to download the current branding settings as a JSON file. Use White Label Import on another site to upload and apply those settings. Imported settings are validated and sanitized before being saved. ### What happens when I reset White Label settings? Reset Settings restores the default Site Lockdown theme. When the settings return to the default theme, the default support contact button is shown again. ### Will this slow down my website frontend? No. Site Lockdown Security tools run inside the WordPress admin area and do not run on the public frontend during normal page visits. ### Does it work on multisite? Site Lockdown Security is currently designed for single-site WordPress installations. Multisite support may be added in a future release. ## Reviews ![](https://secure.gravatar.com/avatar/d103472fae26c89e825a8106d2670e8508948290374c4ddb7e713c2222393359? s=60&d=retro&r=g) ### 󠀁[Easy to use!](https://wordpress.org/support/topic/easy-to-use-5318/)󠁿 [bmccloskey](https://profiles.wordpress.org/bmccloskey/) 11 Қаңтар, 2026 WPFixIt has been an absolute lifesaver for my business. They’ve fixed countless number of issues for me. I trust them so much so I signed up for their hosting service. This plugin is the perfect addition! Easy to get rolling. Install and lock. The plugin is smart enough to know what to lock and not. So if you have an ecommerce site for example it will not lock the features that allows woocommerce to work for example. Having to manually update wordpress, themes, plugins is a minor VERY MINOR complaint I have as I prefer using MainWP but for the security peace of mind it works for me. ![](https://secure.gravatar.com/avatar/30d70b0c219b0bac6942eb2108a0c1a1f99cb3cd138efd35357bc9601a46402c? s=60&d=retro&r=g) ### 󠀁[Absolutely Essential – The Site Lock is a Game Changer!](https://wordpress.org/support/topic/absolutely-essential-the-site-lock-is-a-game-changer/)󠁿 [LearnToDoIt](https://profiles.wordpress.org/talentsquad/) 22 сентября, 2025 I can’t say enough good things about Folder Auditor. It does exactly what it promises, but what really blew me away is the site lock feature. With just a click, I can lock down my entire site and know it’s 100% secure while I’m doing updates or troubleshooting. No more worrying about visitors running into broken pages or sneaky bots taking advantage while I work. The lock is instant, reliable, and gives me total peace of mind. I’ve tried other plugins with similar functionality, but nothing comes close to how smooth and effective this is. Combine that with the clean interface and lightweight performance, and you’ve got an absolute must-have for any WordPress site owner. If you value security and control, Folder Auditor is hands-down one of the best plugins you can install. Highly recommended! ![](https://secure.gravatar.com/avatar/e3f46037a5081b92be13dfb7eced3d66c2e26c7bc4ecac694b8aa4cd3da1b5b4? s=60&d=retro&r=g) ### 󠀁[Finally, a straightforward way to uncover orphaned folders plus a Site Lock](https://wordpress.org/support/topic/finally-a-straightforward-way-to-uncover-orphaned-folders-plus-a-site-lock/)󠁿 [WP Rocks](https://profiles.wordpress.org/wprocks1/) 19 сентября, 2025 I installed Folder Auditor & Site Lock after noticing my /wp-content/ had turned into the wild west over the years, and I’m genuinely impressed with how clean and practical this plugin is. What I love most is the clear, no-nonsense workflow. The plugin adds a Tools Folder Auditor screen and immediately scans the places that matter: your WordPress root, wp-content, plugins, themes, uploads, and even .htaccess. It compares what’s actually on disk with what WordPress recognizes, which makes it dead simple to spot orphaned or hidden plugin/theme directories and other leftovers that accumulate after updates or partial uninstalls. No guesswork, no hunting through folders. Just a concise list of what needs attention and why. The UI is thoughtfully organized into tabs (Root, Content, Plugins, Themes, Uploads, .htaccess), with a dashboard that summarizes findings at a glance. When you’re ready to dive deeper, the details view makes it easy to review suspicious directories and understand what’s safe to investigate or remove. I also appreciate the “view file” action buttons for quick spot-checks when something looks off. The Site Lock feature is the icing on the cake. With a couple of clicks, you can lock folders and files read-only to block unauthorized changes. That’s exactly the kind of damage-prevention control I want on sites that shouldn’t be changing at the file level. Pair that with the ability to set sensible security headers, and you’ve got a lightweight, practical layer of protection that complements your existing security stack. Performance-wise, it’s a breath of fresh air. Nothing is running on the frontend; scans only happen when you open the tool. That means zero impact on visitors and no mystery cron jobs to worry about. It’s truly “install, activate, audit.” No complex configuration, no fiddly setup. Highlights: Instantly surfaces orphaned/hidden plugin and theme folders you won’t see on the normal Plugins/Themes screens. Flags missing plugin folders referenced by active/installed plugins (great for catching half-removed code). Tabbed interface for Root, wp-content, Plugins, Themes, Uploads, and .htaccess, with a summary dashboard. Site Lock to make folders/files read-only and apply security headers. Minimal footprint: runs only when you open the tool; nothing loads for site visitors. If you manage WordPress professionally or if your site has a few years of history, this is a must-have maintenance and hardening tool. It turns what used to be a tedious, risky manual cleanup into a confident, guided process. Five stars all the way. ⭐⭐⭐⭐⭐ ![](https://secure.gravatar.com/avatar/2eddfd5f572fb1cdb139f3f5eda36852415730f864ca0808e55b8ae67229b350? s=60&d=retro&r=g) ### 󠀁[Didn’t Know How Much I Needed This](https://wordpress.org/support/topic/didnt-know-how-much-i-needed-this-2/)󠁿 [](https://profiles.wordpress.org/ideasandbox/) 18 сентября, 2025 While I consider myself a fairly advanced WordPress user, I’m not technical enough to mess with MySQL tables. I’ve had my site since 2004 and it is crazy how much stuff has been left behind, how many outdated an unused files I have. Folder Auditor& Site Lock has done an amazing job pin pointing in a clear to understand way what is out of place, unused, potentially causing security issues and more. From my plugins, themes, main content — all of it. This is going to be a must-install for my old sites, and a will install on any new sites [ Read all 4 reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/) ## Contributors & Developers “Site Lockdown Security” is open source software. The following people have contributed to this plugin. Contributors * [ WP Fix It — WordPress Experts ](https://profiles.wordpress.org/wpfixit/) [Translate “Site Lockdown Security” into your language.](https://translate.wordpress.org/projects/wp-plugins/folder-auditor) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/folder-auditor/), check out the [SVN repository](https://plugins.svn.wordpress.org/folder-auditor/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/folder-auditor/) by [RSS](https://plugins.trac.wordpress.org/log/folder-auditor/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 8.0 * Added unique White Label Branding options designed for agencies, developers, support providers, and client maintenance teams. * Added White Label settings export so current branding options can be downloaded as a JSON file. * Added White Label settings import so saved branding options can be restored or moved to another site. * Added custom branding support for text, colors, icons, dark icons, banners, and email imagery. * Improved White Label reset behavior so resetting settings restores the default Site Lockdown theme. * Fixed White Label reset behavior so the Site Lockdown support contact button displays again after settings return to defaults. * Added safer validation and sanitization for imported White Label settings. * Fixed a WordPress security coding standards warning for White Label settings sanitization. * Improved White Label settings saving performance by avoiding unnecessary option updates when settings have not changed. * Improved White Label asset cache handling so cache versions are only refreshed when branding image assets change. * Moved Watch Dog protected baseline storage from wp-content/uploads/guard-dog/ watch-dog/ to wp-content/uploads/site-lock/watch-dog/. * Added automatic Watch Dog baseline storage migration for sites updating from the older Guard Dog storage path. * Added safe cleanup for the old Watch Dog storage folder after the baseline is successfully moved and verified. * Updated Site Lock exclusions so the new Watch Dog baseline storage folder remains writable while uploads are protected. * Improved Watch Dog storage exclusions so baseline files are not reported as suspicious upload files. * Restored the animated magic.webp asset and added targeted cache busting for that image only. * Improved email alert preview modals with cleaner close button styling. * Improved email notification Save and Preview button alignment. * Removed the Preview button from the global email notification settings form. * Improved individual email alert previews so each preview better matches the real notification type being sent. * Improved preview email font rendering so modal previews look closer to the actual delivered emails. * Added preview layouts for plugin update, security snapshot digest, scheduled infection scan, automated security report, file change, core change, software health, and risk review emails. * Fixed JavaScript and PHP syntax validation issues found during testing. * Added additional admin styling refinements for email notification controls. #### 7.7.4 * Improved AJAX loading when navigating between tabs * Fixed page reload on plugin and theme refresher tabs * Added LOCKED status to table items when they are locked * Fixed security report generation * Fixed some styling issues on many buttons = 7.7.3= * Style corrections = 7.7.2= * New CSS methods for WordPress 7.0 = 7.7.1= * Fixed ManageWP connection = 7.7= * Made WordPress 7.0 ready = 7.6= * Massive overhaul of infection scanner * Added infection scan results to security report #### 7.5.2 * Made correction to Site Lock error on SiteGround servers #### 7.5.1 * Fix Site Lock critical error issue on sites with large file counts #### 7.5 * Added a new Setup Guide page with recommended Site Lockdown security setup steps, progress tracking, completion percentage, and quick actions. * Added setup cards for Auto Site Lock, Folder & File Audit, Scheduled Infection Scans, Automated Security Reports, File Change Baseline, File Change Notifications, Core Change Notifications, Software Health Alerts, and Risk Review Alerts. * Added dismiss, undo, completed, recommended, and dismissed states for Setup Guide items with live AJAX progress updates. * Added a recommended setup banner when setup is incomplete, plus automatic redirect to the Setup Guide after plugin activation. * Added a global Email Notification Settings form to apply the same notification frequency and recipient email for all alert notifications. * Added a combined Site Lockdown Security Summary digest to reduce multiple scheduled alert emails being sent at the same time. * Added a new Watch Dog Software Health tool to identify installed plugins and themes that may no longer be maintained. * Added scheduled Software Health checks with optional email alerts. * Added Software Health delete actions for abandoned plugins and themes, including bulk delete support with safety checks. * Added a new Watch Dog Risk Review tool for local site risk checks. * Added scheduled Risk Review checks with optional email alerts. * Added Risk Review severity sorting, ignore/include controls, and bulk ignore/ include actions. * Added direct Setup Guide actions for enabling Auto Site Lock and building the File Change Baseline without leaving the Setup Guide page. * Added Watch Dog Defense as the updated Watch Dog section label with a new four- card layout. * Updated plugin navigation labels, including Hub, Audit, Secure, Watch Dog, Tools, and Scan. * Updated Site Lockdown left admin submenu labels for clearer section naming. * Removed Dashboard from the Site Lockdown left admin submenu and made the main Site Lockdown menu open the Hub/dashboard tab. * Updated Audit and Tools dropdowns into cleaner two-column layouts. * Standardized Site Lockdown admin styling with consistent purple accents, green action buttons, card borders, shadows, and branded layouts. * Standardized Save Settings button styling across plugin admin pages. * Removed folder path and copy button clutter from Site Lock folder/file cards. * Added Site Lock modal behavior for blocked plugin uploads when the uploads folder is locked. * Updated permissions results so Site Lock-protected files and folders are not flagged as high risk. * Added Protected by Site Lock status handling for locked files and folders. * Improved permissions results layout by removing extra columns, improving permission number display, and prioritizing actionable results. * Added Lock buttons for permission entries that are not already protected by Site Lock. * Added bulk Ignore All support for non-core root files. * Added Delete All support for orphaned plugin and theme folders. * Disabled Delete All actions when Site Lock is active for protected areas. * Improved Watch Dog baseline rebuilding so existing baselines are reused safely, replacements are built before old baselines are removed, and only one baseline file is kept at a time. * Improved Watch Dog baseline storage compatibility with locked uploads folders, FTP filesystem transports, and Site Lock exclusions. * Kept Watch Dog baseline storage in wp-content/uploads/guard-dog/watch-dog/ while keeping the uploads root locked. * Updated Watch Dog scans to exclude media files and ZIP archives while keeping uploaded PHP, JS, and other non-media files visible. * Fixed Watch Dog review actions so deleting or approving detected files immediately refreshes counts and tables without a full browser tab reload. * Confirmed core, plugin, theme, upload, and delete actions rebuild the Watch Dog baseline immediately without relying on the auto-rebuild cron fallback. * Added translator comment fixes and Plugin Check compatibility improvements. #### 7.1 * Added Plugin Refresher tool to securely refresh WordPress.org plugins with clean copies. * Added queued native WordPress upgrader process for safer and more reliable plugin refreshes. * Added bulk plugin refresh support with selectable plugins. * Added individual plugin refresh support with branded progress feedback. * Added branded Bulk Refresh Running window with progress tracking. * Added refreshed count, remaining count, percentage complete, and progress bar to bulk refresh progress. * Added navigation protection during bulk refreshes to help prevent users from leaving before completion. * Added automatic window close behavior once refresh processes complete. * Added installed version and available version details to the Plugin Refresher table. * Added Update column to show whether each plugin is current or needs an update. * Added Last Updated column using WordPress.org plugin data. * Added separate manual refresh/install table for plugins not available on WordPress. org. * Added stronger detection for WordPress.org plugin availability. * Added Theme Refresher tool to securely refresh WordPress.org themes with clean copies. * Added queued native WordPress upgrader process for safer and more reliable theme refreshes. * Added bulk theme refresh support with selectable themes. * Added individual theme refresh support with branded progress feedback. * Added installed version and available version details to the Theme Refresher table. * Added Update column to show whether each theme is current or needs an update. * Added Last Updated column using WordPress.org theme data. * Added separate manual refresh/install table for themes not available on WordPress. org. * Added stronger detection for WordPress.org theme availability. * Added Theme Refresher card to the main Tools page. * Added Theme Refresher item to the Tools dropdown menu. * Added Permissions Check tool to review important WordPress file and folder permissions. * Added Permissions Check card to the main Tools page. * Added Permissions Check item to the Tools dropdown menu. * Added permission status counts for Good, Needs Attention, and High Risk items. * Added current and recommended permission values to the Permissions Check table. * Added Actions column to the Permissions Check table. * Added permission repair actions for files and folders that can be safely updated. * Added 403-safe fallback handling for permission repair requests blocked by admin- ajax.php. * Added special handling for wp-config.php permission checks. * Added support for detecting wp-config.php in the WordPress root or parent directory. * Added High Risk status for wp-config.php when permissions are not set to 0644. * Added High Risk status for unsafe writable files. * Added Needs Attention status for folders that are not using recommended permissions. * Added sorting to show High Risk items first, then Needs Attention, then Good. * Improved Plugin Refresher table styling and layout. * Improved Plugin Refresher helper text to better explain its infection-cleanup purpose. * Improved bulk refresh messaging and completion behavior. * Improved button hover styling so text and icons remain readable. * Improved Theme Refresher table styling and layout to match Plugin Refresher. * Improved Watch Dog baseline exclusion handling. * Improved dashboard badge icon contrast. * Improved Tools page card layout for a cleaner six-tool grid. * Improved Plugin Check compatibility by adding missing translator comments. * Improved Plugin Check compatibility by escaping settings page output. * Improved Plugin Check compatibility by sanitizing request values. * Improved Plugin Check compatibility by cleaning nonce handling warnings. * Improved Plugin Check compatibility by cleaning prefix and naming warnings. * Removed unnecessary summary stat cards from the Plugin Refresher page. * Removed plugin folder slugs from the Plugin Refresher table for a cleaner interface. * Removed Recommended Baseline card from Permissions Check. * Removed bottom “No obvious world-writable wp-content items found” card from Permissions Check. * Excluded Support Plugin — WP Fix It from the manual fresh install list. * Excluded Site Lockdown Security from the Plugin Refresher table. * Changed inactive status icons from a dash to an X. * Changed Permissions Checker text to Permissions Check. * Changed Blacklist Checker text to Blacklist Check. * Changed SSL Checker text to SSL Information. * Reordered navigation so Scanner appears after Tools in both the top menu and WordPress admin side menu. * Reordered Tools menu items so File Finder & Remover appears after Theme Refresher. * Added File Finder & Remover card ordering improvements on the main Tools page. * Fixed scanner success messages so they only display on the Scanner page. * Fixed Watch Dog handling for wp-config.php review actions. * Fixed wp-config.php exclusion saving and detection behavior. * Fixed Site Lock menu icon hover color behavior. * Fixed Theme Refresher fatal error caused by loading WordPress theme install functions more than once. * Fixed visible translator comment text appearing on the dashboard. * Fixed mixed line ending warnings across plugin files. * Improved PHPCS compliance across refreshed plugin files. #### 7.0 * Added Watch Dog File Change Monitor. * Added trusted file baseline creation and rebuild workflow. * Added file change scanning for new, modified, and deleted files. * Added scheduled Watch Dog file change scans. * Added branded email alerts when file changes are detected. * Added Watch Dog detected changes review table with view, download, approve, delete, and bulk actions. * Added file details modal with readable size and modified date values. * Added expandable file paths for long detected file paths. * Added baseline exclusions for folders, individual files, wildcards, and server paths. * Added protected Watch Dog baseline storage under wp-content/uploads/guard-dog/ watch-dog/. * Added Site Lock compatibility for Watch Dog storage while Site Lock is enabled. * Added automatic internal exclusions for Watch Dog storage, report helpers, and error_log files. * Added AJAX actions and loading overlays for baseline creation, baseline deletion, baseline rebuilds, and change scans. * Added scan completion scrolling and success confirmation messages. * Added Watch Dog Core Check. * Added WordPress core file verification against the official WordPress.org checksum API. * Added detection for modified, missing, unreadable, and unexpected WordPress core files. * Added Core Check review actions to view, download, delete, and ignore reported files. * Added scheduled Core Check scans. * Added branded Core Check email alerts when core issues are found. * Added dedicated Core Check settings for scan frequency, email alerts, and recipient. * Updated Watch Dog navigation with File Change Monitor and Core Check tools. * Improved Watch Dog styling, buttons, cards, status badges, modals, and admin workflow. * Improved AJAX navigation and pagination handling. * Improved compatibility with Plugin Check security and coding standard recommendations. #### 6.8 * Now compatible with hosting environments that auto lock WordPress core files. * Improved site lock conditions to isolate certain folders and files. #### 6.7 * Removed Site Lock status in admin bar on site frontend. * Added bulk database actions to infection scanner. * Added select file actions to file remover tool. #### 6.6 * Fixed auto lock/unlock with MainWP. #### 6.5 * Made plugin code run only in admin area where needed. #### 6.4 * Fixed styling issue on scanner page. #### 6.3 * Added a database infection scanner to find harmful data. * Added a setting to disable the admin bar Site Lock status display. #### 6.2 * Corrected typo in plugin description. #### 6.1 * Added AJAX loading content notice. #### 6.0 * Changed user interface to AJAX for faster navigation on Site Lockdown pages. * Added SSL checker tool to get details about the site SSL certificate. * Improved infection scanner and added saved previous scan view. * Made all tables responsive on all screen sizes. * Improved blacklist checker tool. #### 5.6 * Added scheduled infection scans emailed directly to designated email addresses. #### 5.5 * Added additional lock exceptions for folders that need write permissions. #### 5.4 * Improved API REST endpoint call for cache bypass. #### 5.3 * Fixed permissions issue with Site Lock and MainWP. #### 5.2 * Added integration with MainWP to manage Site Lock during remote updates. #### 5.1 * Added a plugin refresher to reinstall fresh plugins when the current version is corrupted. #### 5.0 * Added an all-new Tools section to expand WordPress site auditing capabilities. * Introduced the Find & Remove Files tool for locating, filtering, and deleting unwanted or suspicious files. * Added a built-in Blacklist Checker to scan URLs, domains, and site status against major reputation lists. * Added internal optimizations for future feature expansion. #### 4.9.2 * Can now exclude single plugins from Site Lock. #### 4.9.1 * Added new infection patterns to reduce false positives. #### 4.9 * Added new infection patterns to find bad files. #### 4.8 * Added new infection patterns to find bad files. #### 4.7 * Improved scanner performance. #### 4.6 * Added new infection patterns to find bad files. #### 4.5 * Temporarily removed MainWP integration to correct timeout issues during updates. #### 4.4 * Added new infection patterns to find bad files. #### 4.3 * Set up MainWP bridge for unlock/relock when running updates. #### 4.2 * Minor style changes. #### 4.1 * Added Site Lock Auto Enable. * Added automated security reports. #### 4.0 * Rebranded plugin as a full security suite. #### 3.7 * Updated infection scanner patterns. #### 3.6 * Added infection scanner for site files. #### 3.5 * Fixed bulk delete action. * Updated button styling. #### 3.4.4 * Fixed report fatal error. #### 3.4.3 * Fixed report hyperlinks. #### 3.4.2 * Fixed font styling on report download. #### 3.4.1 * Fixed typo. #### 3.4 * Added ability to download folder audit and security report. #### 3.3 * Added per-folder lock exclusion. * Added new UI on main menu. #### 3.2 * Added locked item count to dashboard display. #### 3.1 * Fixed Site Health issue when Site Lock is on. #### 3.0 * Added user security settings to lock down account attacks. #### 2.9.4 * Added Site Lock under Tools menu. * Added area for new settings tab. * Added dropdown to security tab. * Added style changes. #### 2.9.3 * Corrected bulk delete actions. #### 2.9.2 * Enhanced Site Lock conditioning. #### 2.9.1 * Fixed conflict with WP Rollback. #### 2.9 * Added view file action buttons. #### 2.8 * UI improvements. #### 2.7 * Fixed security header defaults. #### 2.6 * Fixed bulk ignore and delete functions. #### 2.5 * Added security area to lock folders and files and set security headers. #### 2.0 * New UI. #### 1.3.1 * Improved plugin header and descriptions. * Added Author URI and GPL license URI. * Enhanced escaping for better security compliance. #### 1.3.0 * Added auditing of wp-content and WordPress root folder. * Improved error handling for unreadable directories. #### 1.2.0 * Added uploads and themes auditing. * Improved plugin rows to match the Plugins screen exactly. #### 1.0.0 * Initial release. Added plugin folder auditing. ## Meta * Version **8.0** * Last updated **5 часа ago** * Active installations **200+** * WordPress version ** 5.0 or higher ** * Tested up to **7.0** * PHP version ** 7.4 or higher ** * Language * [English (US)](https://wordpress.org/plugins/folder-auditor/) * Tags * [malware scanner](https://kk.wordpress.org/plugins/tags/malware-scanner/)[wordpress security](https://kk.wordpress.org/plugins/tags/wordpress-security/) * [Advanced View](https://kk.wordpress.org/plugins/folder-auditor/advanced/) ## Ratings 5 out of 5 stars. * [ 4 5-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/folder-auditor/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/folder-auditor/reviews/) ## Contributors * [ WP Fix It — WordPress Experts ](https://profiles.wordpress.org/wpfixit/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/folder-auditor/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](https://www.wpfixit.com)