To scan your core WordPress files go to the “Core Scanner” tab.
Click the button to do your first scan. Once you click the button an overlay will show while the plugin scans your WordPress files. The process takes less than a minute.
In the background, Security Ninja contacts wordpress.org and gets a list of all files that should be in the version of WordPress you are using. Each file also comes with a checksum that is compared to the checksum of the file on your site.
Using checksums are an easy way to check if a file has been manipulated. Every change to a file is detected, even a single character change or linebreak is easily found and will alert you to a potential infection.
There are over 1200 files in a standard WordPress installation and each file is checked to verify no changes have been made to it.
We also check to see if there are any extra unknown files. This check is to make sure there are no files in your core WordPress installation. Every modification you do to your website should happen via theme or plugin functionality.
That is not necessarily a bad thing. Although the WordPress community does not recommend changing core WordPress files, there can be reasons to modify the core functionality for very specific reasons.
You could be working on a site that has to work in a particular environment or other 3rd party solutions that do not work with a regular WordPress installation.
Unless you know of a good reason, usually when we discover manipulated core WordPress files it is because of a developer that does not know how to work with WordPress and they chose to take a shortcut fixing a problem by changing the core WordPress files. You only want to manipulate WordPress via plugins or theme code.
Note: If you re-install WordPress, these modifications will be erased and you will have to verify with your developer and have made the changes again if it breaks functionality.
It is important that you keep your WordPress website up to date, as each update contains security updates and modifications to core functionality that plugins and themes might depend on.