How does WPFingerprint work? When files on your website change, WP Fingerprint uses checksums to verify if these files are authentic. The WP Fingerprint plugin on your WordPress website runs through each of your plugins and creates a SHA-1 checksum for each file within any plugin folder it finds. It also compiles some other basic information about the plugins such as version number it sends this information back to WP Fingerprint servers to validate the checksum.
Why should I use WPFingerprint?
WordPress is the most popular open source CMS on the planet. By most estimations a third of the entire web runs WordPress. If you’re a hacker, that’s a huge target to aim for. As such, WordPress security should be at the very top of your considerations for your website.
Hacked WordPress sites are often used for a wide variety of activities you don’t want to be linked to: sending large volumes of spam, SEO spam links, propagating viruses and more. All of these can have negative impacts on your website, from losing search engine rankings to dissuading your site visitors from checking out your site.
One of the main vectors of attack against WordPress are plugins. WP Fingerprint works to identify if the plugins on your website have been exploited. Every time a plugin or core file changes, our scanner will verify the file for you.
Will it work with Premium Plugins?
Yes, While plugins from wordpress.org are checked directly from source. WPFingerprint crowdsources the correct checksums for plugins not found on wordpress.org. It will then return a percentage of how often it’s seen changed files.
