WordPress.org
Get WordPress

Plugin Directory

Changeset 3373763


Ignore:
Timestamp:
10/06/2025 02:09:26 PM (3 months ago)
Author:
wpfixit
Message:
  • Updated infection scanner patterns
Location:
folder-auditor
Files:
64 added
12 deleted
3 edited

Legend:

Unmodified
Added
Removed

  • folder-auditor/trunk/folder-auditor.php

    r3372509 r3373763  
    77 * Description: Helps WordPress administrators quickly see what’s really on their server. It scans the root, wp-content, plugins, themes, uploads, and .htaccess files, then highlights anything unusual like orphaned folders, leftover files, or PHP hidden in uploads. From the admin dashboard, you can safely download or delete what doesn’t belong, while active and required resources are protected. This also allows you to lock all folders and files to make them read only and stop anyone from adding, removing or changing any physical folder or file present in your WordPress installation.
    88
    9  * Version: 3.6
     9 * Version: 3.7
    1010
    1111 * Author: WP Fix It

  • folder-auditor/trunk/includes/helpers/scanner/scanner.php

    r3372509 r3373763  
    789789        '(?s)(?:OPENSSL_RAW_DATA.*substr\s*\(\s*hash\s*\(\s*[\'"]sha256[\'"]|substr\s*\(\s*hash\s*\(\s*[\'"]sha256[\'"].*OPENSSL_RAW_DATA|[\'"]<\s*\/?\s*scr?\s*[\'"]\s*\.\s*[\'"]r?ipt\s*>[\'"])',
    790790        '(?s)\$[A-Za-z_]\w*\s*=\s*\$_(?:POST|REQUEST)\s*;.*?isset\s*\(\s*\$[A-Za-z_]\w*\s*\[[\'"][a-z0-9_]{3,}[\'"]\]\s*\).*?\$\w+\s*\(\s*\.\.\.\$\w+\s*\)',
    791 '(?s)readfile\s*\(\s*base64_decode\s*\(\s*["\'][^"\']{8,}["\']\s*\)\s*\)\s*;.*?eval\s*\(\s*.*?ob_get_clean\s*\(\s*\)\s*\)\s*;',
     791        '(?s)readfile\s*\(\s*base64_decode\s*\(\s*["\'][^"\']{8,}["\']\s*\)\s*\)\s*;.*?eval\s*\(\s*.*?ob_get_clean\s*\(\s*\)\s*\)\s*;',
     792        'function\s*uPqmvR\s*\(',
     793        'function\s*yh1\s*\(',
     794        '\bUpVwwHRQ\s*\(',
     795        'array_map\(\s*[\'"]md5[\'"]\s*,\s*\$_COOKIE',
     796        '\$gi6\[\d+\]\s*\(\s*\$_(?:COOKIE|POST|REQUEST)',
     797        'include\s*\(\s*base64_decode\s*\(\s*\$[A-Za-z_]\w*\s*\)\s*(?:\.\s*)?\)\s*;',
     798        'call_user_func\s*\(\s*new\s+LiteSpeedMetaDataStore'
    792799    ];
    793800
     
    818825            '(?s)readfile\s*\(\s*base64_decode\s*\(.*?\)\s*\).*?eval\s*\(\s*.*?ob_get_clean\s*\(\s*\).*?\)',
    819826            '\$[A-Za-z_]\w*\s*=\s*\$[A-Za-z_]\w*\s*\[[\'"][a-z0-9_]{3,}[\'"]\]\s*;.*\$\w+\s*\(\s*\.\.\.\$\w+\s*\)',
     827        'function\s*uPqmvR\s*\(',
     828        'function\s*yh1\s*\(',
     829        '\bUpVwwHRQ\s*\(',
     830        'array_map\(\s*[\'"]md5[\'"]\s*,\s*\$_COOKIE',
     831        '\$gi6\[\d+\]\s*\(\s*\$_(?:COOKIE|POST|REQUEST)',
     832        'include\s*\(\s*base64_decode\s*\(\s*\$[A-Za-z_]\w*\s*\)\s*(?:\.\s*)?\)\s*;',
     833        'call_user_func\s*\(\s*new\s+LiteSpeedMetaDataStore'
    820834        ];
    821835    }

  • folder-auditor/trunk/readme.txt

    r3372509 r3373763  
    66Tested up to: 6.8
    77Requires PHP: 7.4
    8 Stable tag: 3.6
     8Stable tag: 3.7
    99License: GPLv2 or later
    1010License URI: https://www.gnu.org/licenses/gpl-2.0.html
     11
    1112Audit your site to keep WordPress clean and secure. Enable our one-of-a-kind SITE LOCK to give your site the ultimate security.
    1213
    1314== Description ==
    1415**Folder Auditor & Site Lock** helps WordPress administrators keep their installations clean and secure. 
     16
    1517Over time, it’s common for orphaned plugin or theme folders to build up in your wp-content directory. These stray folders may be the result of incomplete uninstallations, leftover files from updates, or abandoned code that was never fully removed. While they might seem harmless at first glance, they can create confusion, waste storage space, and in some cases pose a serious security risk.
     18
    1619Hackers often exploit these forgotten folders by hiding backdoors or malicious scripts inside them, knowing that site owners rarely check for or even notice such files. An orphaned folder can act as an open invitation for unauthorized access, giving attackers a quiet place to operate undetected.
    1720By identifying and removing these unused folders, you not only keep your WordPress installation clean and organized but also close off potential entry points that could otherwise be used to compromise your site. The Folder Auditor plugin makes this process simple, scanning your directories to uncover anything that doesn’t belong and highlighting it for review before it becomes a problem.
     21
    1822**SITE LOCK - Only found here!**
     23
    1924One of the easiest ways for a hacked user to damage your site is by adding or changing the physical files that WordPress relies on. If attackers can place hidden scripts, modify plugin or theme files, or inject malicious code, they gain the power to compromise your entire site.
     25
    2026The Site Lock feature in Folder Auditor protects against this by allowing you to lock all folders and files in your installation and make them read-only. Once locked, no new files can be added, no existing files can be changed, and nothing can be removed. This ensures that the foundation of your WordPress site remains untouched, even if someone attempts to exploit vulnerabilities or gain access.
     27
    2128When updates or changes are needed, you can unlock the system with a single action, perform your updates, and then reapply the lock. This simple but powerful safeguard gives you complete control over your site’s file structure and adds a layer of security that goes beyond what most WordPress plugins offer.
     29
    2230This plugin scans the following directories:
    2331- WordPress Root (main installation folder)
     
    2735- Uploads Folder (wp-content/uploads/)
    2836- htaccess files
     37
    2938Folder Auditor takes a disk-first approach. It crawls your entire WordPress installation and inventories every single file and folder, not just plugins and themes. Everything is presented in a clear interface where you can open items to view their contents, mark them to ignore, delete them if they are not needed, or download a copy for backup or investigation.
     39
    3040Because it works directly from what is actually on disk, you are never limited by what WordPress shows in the admin. You can quickly spot unfamiliar files, tidy up leftovers from old plugins or themes, and pull down suspicious items for review, all without leaving the dashboard. It provides a fast and transparent way to see exactly what is on your server and take action immediately.
     41
    3142**Key Features**
    3243- Finds plugin folders not listed on the Plugins screen (hidden or orphaned)
     
    4253- Configure user security
    4354Provides settings to strengthen account and login security for WordPress users.
     55- Infection scanner
     56Scan all site files to find any suspicious files
    4457- Zero configuration setup
    4558Works right after install and activation—no complex setup required.
     59
    4660== Installation ==
    47611. Upload the plugin files to the /wp-content/plugins/folder-auditor directory, or install via the WordPress Plugins screen directly.
    48622. Activate the plugin through the **Plugins** screen in WordPress.
    49633. Navigate to **Tools > Folder Auditor** to begin auditing your site.
     64
    5065== Frequently Asked Questions ==
     66
    5167= Why do I need this plugin? = 
    5268Hidden or leftover folders can sometimes indicate incomplete uninstalls or even malicious code. This plugin helps you identify them.
     69
    5370= Does it automatically delete orphaned folders? = 
    5471No. Folder Auditor is strictly an auditing tool. It shows you what exists so you can make informed decisions.
     72
    5573= Will this slow down my site? = 
    5674No. All operations run only when you open the Tools > Folder Auditor screen. Nothing runs on the frontend.
     75
    5776= Does it work on multisite? = 
    5877Currently designed for single-site installs. Multisite support may be added in the future.
     78
    5979== Screenshots ==
    60801. **Dashboard tab** showing score and all folder issues present on your site.
     
    65856. **Uploads tab** for auditing your uploads directory.
    66867. **htaccess tab** for auditing your htaccess files.
    67 8. **Security tab** for locking down your site.
     878. **Security Settings** for securing your site from attacks.
    68889. **Infection Scanner** finding infected files.
    698910. **Site Lock Notice** notifying users when enabled.
     90
    7091== Changelog ==
     92
     93= 3.7 =
     94* Updated infection scanner patterns
    7195
    7296= 3.6 =
     
    95119* Added per folder lock exclusion
    96120* New UI on main menu
     121
    97122= 3.2 =
    98123* Added items locked to dashboard display
     124
    99125= 3.1 =
    100126* Fixed Site Health issue when Site Lock is on
     127
    101128= 3.0 =
    102129* Added user security settings to lock down account attacks
     130
    103131= 2.9.4 =
    104132* Added Site Lock under Tools menu
     
    106134* Added drop down to security tab
    107135* Style changes
     136
    108137= 2.9.3 =
    109138* Corrected bulk delete actions
     139
    110140= 2.9.2 =
    111141* Enhanced Site Lock conditioning
     142
    112143= 2.9.1 =
    113144* Fixed conflict with WP Rollback
     145
    114146= 2.9 =
    115147* Added view file action buttons
     148
    116149= 2.8 =
    117150* UI improvements
     151
    118152= 2.7 =
    119153* Fixed security header defaults
     154
    120155= 2.6 =
    121156* Fixed bulk ignore and delete functions
     157
    122158= 2.5 =
    123159* Added security area to lock folders and files and set security headers
     160
    124161= 2.0 =
    125162* New UI
     163
    126164= 1.3.1 =
    127165* Improved plugin header and descriptions.
    128166* Added Author URI and GPL license URI.
    129167* Enhanced escaping for better security compliance.
     168
    130169= 1.3.0 =
    131170* Added auditing of wp-content and WordPress root folder.
    132171* Improved error handling for unreadable directories.
     172
    133173= 1.2.0 =
    134174* Added uploads and themes auditing.
    135175* Improved plugin rows to match Plugins screen exactly.
     176
    136177= 1.0.0 =
    137178* Initial release. Added plugin folder auditing.
     179
    138180== Upgrade Notice ==
     181
     182= 3.7 =
     183* Updated infection scanner patterns
    139184
    140185= 3.6 =
Note: See TracChangeset for help on using the changeset viewer.