Main Support

What is the Early Warning Audit?

The Early Warning Audit is an automated security scanner that performs a number of checks on system files and basic components of your website software and infrastructure.

Changes in these files and/or services are rare and could indicate an intruder has gained unauthorized access to your site. Thus, the audit looks for changes and notifies you when they are detected.

Audit frequency

The Early Warning Audit is an automated scan that runs regualrly on your websites. These audits can also be triggered on-demand at any time using the Refresh Data button.

The date of the most recent and next audit are displayed in the site drawer on the Watchful Dashboard as shown below.

audit times

Audit Notifications

If a change is detected in one of the files or services monitored by the Early Warning Audit, an email notification will be sent to you. Note that you must have notifications enabled for these types of changes in your Settings as described elsewhere in the Knowledge Base.

Items included in the early warning audit

The Early Warning Audit performs checks in the following categories:

  • File — Changes to the size, checksum, and/or time stamp of critical system files. This is CMS-dependent
  • Add-on — Changes to the installed extensions/plugins, themes/templates, and languages
  • IP/URL — Changes to the IP Address or URL of the website
  • System — Changes at the system/CMS level such as new admin accounts
  • Service — Changes in the version or status of critical services

The following table describes the files and services monitored for changes by the audit for both Joomla and WordPress.

index.php File checkmark checkmark
.htaccess File checkmark checkmark
wp-config.php File checkmark x
wp-admin/index.php File checkmark x
wp-admin/.htaccess File checkmark x
wp-content/themes/[theme_name]/footer.php File checkmark x
wp-content/themes/[theme_name]/functions.php File checkmark x
wp-content/themes/[theme_name]/header.php File checkmark x
wp-content/themes/[theme_name]/index.php File checkmark x
wp-content/themes/[theme_name]/style.css File checkmark x
configuration.php File x checkmark
administrator/index.php File x checkmark
templates/[theme_name]/index.php File x checkmark
templates/[theme_name]/error.php File x checkmark
templates/[theme_name]/component.php File x checkmark
administrator/templates/[theme_name]/index.php File x checkmark
Recently installed plugin/extension/language/theme/template Add-on checkmark checkmark
Recently updated plugin/extension/language/theme/template Add-on checkmark checkmark
Recently deleted plugin/extension/language/theme/template Add-on checkmark checkmark
Update(s) avalable Add-on checkmark checkmark
Scheduled backup fails Add-on checkmark checkmark
Latest Backup Date Add-on checkmark checkmark
Stale Backups Add-on checkmark checkmark
Website URL IP/URL checkmark checkmark
IP Address IP/URL checkmark checkmark
Admin user change* System checkmark checkmark
PHP Version Service checkmark checkmark
MySQL Version Service checkmark checkmark
Web Server Version Service checkmark checkmark
Uptime (including Word to check) Service checkmark checkmark

*Admin user changes include creating/deleting accounts with admin privileges, or adding/removing admin privileges for existing users. In WordPress, this applies only to the Administrator role. In Joomla, this includes the Manager, Administrator, and Super User usergroups.