Get started with 33% off your first certification using code: 33OFFNEW

How to check your WordPress core installation for unauthorised changes

2 min read
Published on 4th January 2024

WordPress, being one of the most popular content management systems, is often a target for malicious activities. Unauthorised changes to your WordPress core files can compromise your site's security and functionality. Regularly checking these files for any unauthorised modifications is crucial in maintaining a secure WordPress environment. Let's explore how to perform this vital security check.

Understanding the Risks of Modified Core Files

Modifications to WordPress core files can be a sign of hacking or malware infection. Such changes can lead to various security issues, including backdoors, data leaks, and website defacement.

1. Manual Comparison Against Official WordPress Core

The most straightforward method to check for changes is to manually compare your WordPress core files with the official versions from the WordPress repository.


1. Download the Latest WordPress Version: Go to and download the version of WordPress you're currently using.

2. Extract and Compare: Extract the downloaded files. Use a file comparison tool (like Diffchecker or WinMerge) to compare these files with your WordPress installation files (usually in the wp-includes and wp-admin directories). Look for any differences.

2. Using WordPress Security Plugins

Many WordPress security plugins offer file integrity monitoring. They can automatically check your core files against the official versions and alert you to any discrepancies.

Popular Plugins:

  • Wordfence Security: Offers a file integrity check feature.

  • Sucuri Security: Includes a file integrity monitoring tool.

  • iThemes Security: Provides file change detection.

Install and configure one of these plugins to regularly scan your WordPress core files.

3. Checksum Verification

WordPress provides a checksum API that security plugins and tools can use to verify the integrity of WordPress files.

  • WP CLI Checksum Command: If you have WP CLI installed, run the following command in your WordPress directory:


  wp core verify-checksums


  This command compares your WordPress core files against the checksums provided by

4. Regularly Update WordPress

Keeping WordPress updated is one of the best ways to ensure core file integrity. Updates often include security patches that protect against known vulnerabilities.

5. Monitor File Access Logs

Regularly reviewing your server's file access logs can help identify unauthorised access or changes. Look for any unusual activity or modifications to core files.

Best Practices for WordPress Core Security

  • Restrict File Permissions: Set appropriate file permissions on your WordPress installation to prevent unauthorised access.

  • Implement Strong User Account Security: Use strong passwords, limit login attempts, and employ two-factor authentication.

  • Regular Backups: Maintain regular backups of your WordPress site. In case of an intrusion, backups are crucial for restoring your site.

  • Use a Security-Focused Hosting Service: Choose a hosting provider known for its emphasis on security.

Regular checks of your WordPress core files are essential for a secure and well-functioning website. Whether you opt for manual comparisons, use security plugins, or leverage WP CLI, staying vigilant against unauthorised changes protects your site from potential threats and vulnerabilities.