Replies: 0
WP All in One runs its scans weekly. Most often, the results are easy to interpret as updates to plug-ins, because (1) I’ve recently updated a plug-in manually and (2) the files reported as changed are in the folder for that plug-in.
My last scan, though, is trickier. It reports 20 files in wp-includes. They were changed on 5/17, and WP’s update to 4.7.5 was 5/16. That is suggestive, the files listed look essential, and there are no visible changes to my site suggestive of a hacker. Still, as opposed to plug-in updates, WP updates are automatic, and it’s harder to know which files are involved. Do I have an easy way to feel safe? I realize that I can subscribe to another security scan that looks not for changes but dangers, and I did for a month, all great, but the clean results also made me think there has to be a way to do without that. Thanks!