BlogSafe Scanner


BlogSafe Scanner is a lightweight file scanner designed to notify you when any files are modified or uploaded to your server.

It’s features include:

  • Creates a checksum of each file on your web server and compares them to official WordPress checksums. *1
  • Detects new and modified files on your web server.
  • Optionally ignore files that are changed often.
  • Optionally checks plugins and themes against the U.S. NIST National Vulnerability Database for known issues. *2
  • Optionally hecks plugins and themes for last known updates and alerts you when they haven’t been updated in over 12 months. *2
  • Sends e-mail alert to the server admin when it’s been deactivated.
  • Works with WP Multi-site (Activate on parent site only).
  • Sends e-mail alearts when new or modified files are detected (Plus version).
  • Scheduling of automatic scans (Plus version).

Notes regarding 3rd party services:
1. BlogSafe Scanner directly contacts various WordPress API’s for checksum verification.
During this contact the following information may be sent:
a. Plugin name and version.
b. Theme name and version.
c. WordPress version.

The WordPress Privacy Policy can be found here: [WordPress](  "WordPress Privacy")
  1. monitors and mirrors a portion of the NIST National Vulnerability Database for vulnerabilities related to WordPress, plugins and themes. When opting-in, BlogSafe Scanner will poll the API for these potential vulnerabilities. At no time will the plugin contact the NIST database directly. also maintains a database of known WordPress themes and plugins. This database is generated directly from the WordPress repository and verified via the WordPress API. When opting-in, BlogSafe scanner will poll the API for this data. At no time does BlogSafe Scanner directly contact the WordPress SVN.
    During this opt-in contact the following information may be sent:
    a. A list of plugins and themes found on your website along with their versions.

    The privacy policy can be found here: [BlogSafe] ( “BlogSafe Privacy”)


  • BlogSafe Scanner showing the results of a scan.
  • Settings available in BlogSafe Scanner Plus.
  • The ignore list.


  1. Unzip and upload the entire directory to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress


Read all 1 review

Contributors & Developers

“BlogSafe Scanner” is open source software. The following people have contributed to this plugin.


Translate “BlogSafe Scanner” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Security fix to 3rd party code.


  • Patch for WP ob_end_flush() bug.


  • PHP notices suppressed.
  • Fixed multi-site detection.


  • Suppressed buffer notices when not used.


  • Complete update of menuing system in preparation of potential addons.
  • Reworked buffered output during scans to better provide real-time scanning updates.


  • Added language files for en
  • Updated scan routines to produce a report instead of static output.
  • Removing files from the ignore list now triggers a full scan requirement.


  • Initial public release.