How to check WordPress file integrity (malware & tampering)
Use SwiftPress’s built-in integrity check in the client area to scan core files, spot unexpected changes, and restore known-good copies—plus checks from the file manager.
WordPress sites can be tampered with when plugins or themes are outdated, credentials leak, or malicious code is uploaded. Alongside strong passwords and timely updates, it helps to verify that WordPress core files (and selected paths) match what they should be—so you can spot unexpected changes that might indicate malware or broken installs.
SwiftPress includes a specialised integrity check in the client area so you don’t have to rely only on generic desktop scanners for remote files.
Run the integrity check (recommended path)
- Sign in to my.swiftpress.io.
- Open your site (select the website you want to review).
- Go to Website → Security → Integrity check (wording may match slightly after UI updates).
This tool compares WordPress core (and related checks offered by the platform) against known-good references so you can see:
- Added files that shouldn’t be there
- Modified files that differ from expected originals
- Missing files that could break updates or leave gaps
It’s designed for hosted WordPress on SwiftPress—so it understands your environment better than a one-size-fits-all script you run locally.
Why run it every so often?
| Reason | Why it matters |
|---|---|
| Early detection | Small changes are easier to fix before they spread or damage SEO. |
| After incidents | If you suspect a bad login, plugin upload, or odd behaviour—run a check. |
| Before/after updates | Confirms core is intact when WordPress or major components change. |
| Peace of mind | Periodic checks (e.g. monthly or quarterly) turn security into a habit, not a panic. |
Integrity checking is one layer of defence—not a replacement for backups, WAF, or malware scanning at other layers—but it’s fast and targeted for file truth on your installation.
Check specific files via the file manager
You can also use the same integrity capability in context when you’re already browsing files:
- In my.swiftpress.io, open the file manager for your site (location may be under Files, Site tools, or similar—labels can vary).
- Select specific files or folders you’re concerned about (for example after editing
wp-config.phpor uploading a theme). - Run the integrity check action offered there for those paths (exact control name may show as Integrity check or similar).
Use this when you don’t need a full-site scan—only a targeted verification after a change or support ticket.
Restore broken or missing files
When the integrity tool finds modified or missing core-related files, SwiftPress can typically help you restore expected versions from known-good sources—so you don’t have to hunt ZIPs manually.
- Missing files — Restore so WordPress can update and run reliably.
- Corrupted or infected core files — Replace with clean copies to match the reference set (always follow up with password rotation and plugin/theme review if you suspect compromise).
If you’re unsure what to restore, stop and use live chat—we can guide you so you don’t overwrite legitimate customisations that live outside core.
What this tool doesn’t replace
- Plugin/theme code from third parties isn’t always “hashed like core”—expect more signals on core and platform-supported paths.
- Database malware (spam posts, rogue users) needs database and admin review too.
- Backups remain essential—integrity fixes are easier when you can roll back if needed.
Need help?
Use — same as the Support link in the site footer (opens the chat widget). You can also sign in at my.swiftpress.io. We don’t offer email support — see How to contact customer support. If something in this article doesn’t match your dashboard, and we’ll point you to the right screen.