BlogSafe Scanner Help
How Does BlogSafe Scanner Work?
When you first install BlogSafe Scanner you will only have the option of running a ‘Full Scan.’ When BlogSafe Scanner runs a full scan it examines every file on your web server and creates a unique checksum for those files. It then contacts the official WordPress site and downloads a list of known good checksums for the version of WordPress you’re using. It also retrieves the known good checksums for all of your plugins from the official WordPress site as well.
Because there are no official checksums for themes, BlogSafe Scanner temporarily downloads any themes you have installed from the official WordPress site, un-zips them and creates a set of checksums from the known good files.
With this list of known good checksums, BlogSafe Scanner then looks at all of the files on your website and compares the checksums of your files to the known good ones. Any files found to be modified are brought to your attention in a manageable list when the scan is complete.
BlogSafe Scanner also looks for potentially vulnerable plugins and themes. My mirroring the portion of the NIST National Vulnerability Database related to known WordPress vulnerabilities every hour, BlogSafe Scanner is able to alert you to these vulnerabilities as soon as they become known.
BlogSafe Scanner also monitors over 87,000 plugins and over 21,000 themes. Should these plugins or themes not be updated in over 12 months, BlogSafe Scanner will alert you that they may be abandoned.