Security & Integrity
URL: /dashboard/site/[id]/security
WP Smart includes a heuristic security engine that analyses the site at multiple levels.
What is analysed
Section titled “What is analysed”1. WordPress core file integrity
Section titled “1. WordPress core file integrity”The system compares hashes of all WordPress core files on your server with official versions from WordPress.org. Any modified, added or missing file in wp-admin and wp-includes is flagged.
2. Malware and backdoor detection
Section titled “2. Malware and backdoor detection”WP Smart scans files for typical malware patterns: dangerous PHP functions (eval, base64_decode), suspicious .php files in wp-content/uploads, and backdoor scripts.
3. Database Scanner
Section titled “3. Database Scanner”Analysis of the WordPress database for anomalous tables or meta-keys indicating a compromise.
Remediation actions
Section titled “Remediation actions”| Action | Description |
|---|---|
| Repair Core | Replaces compromised core files with clean versions from WordPress.org |
| Quarantine | Moves suspicious files to an isolated folder protected by .htaccess |
| Permanent Delete | Physically removes quarantined files from the server |
| DB Clean | Repairs corrupted or suspicious database configurations |
WP Smart account security
Section titled “WP Smart account security”All communication uses HTTPS with Bearer Token authentication. The security token is unique per site and can be regenerated at any time. FTP credentials are never stored in plain text.