Couldn't you just set it to automatically quarantine any suspect files?
Or in a more dramatic manner, overwrite certain files with the originals. Seems like overkill when you could just disable server permissions on writing to such files.
But either way, it seems you shouldn't be "required" to monitor anything in a fine grained manner. I feel this is the benefit to having code do work for you. And this seems like a simple problem to solve in a number of manners.
A scanner like the one presented doesn't seem to actually help you fix anything, just alert you to threats. Unless I misunderstand how it works?
Yep, you can quarantine, overwrite, or disallow writes altogether in _some_ directories, but any of those will prevent auto update or component updates managed by the CMS... Which is a nice feature to patch known vulnerabilities. A happy medium might be to quarantine and send an alert for manual approval, or having the hash change trigger deeper inspection -> quarantine & alert based on some risk assessment.
These scanners will only send alert, no ability to remediate built in.
I guess an alert is better than nothing. But you still have to deal with the cleanup. It seems the only real way (which I figured out) is to have a separate management system from the CMS.
Having the CMS manage it's own files seems like an oversight committee watching itself. :P
This seems like an opportunity for WP to do what Microsoft did, make their own security system to pair up with WP.
Or in a more dramatic manner, overwrite certain files with the originals. Seems like overkill when you could just disable server permissions on writing to such files.
But either way, it seems you shouldn't be "required" to monitor anything in a fine grained manner. I feel this is the benefit to having code do work for you. And this seems like a simple problem to solve in a number of manners.
A scanner like the one presented doesn't seem to actually help you fix anything, just alert you to threats. Unless I misunderstand how it works?