File integrity

With File Integrity we can check file integrity of every file in our Joomla site. File integrity will generate a hash value for each file; when a file is changed, even with a minimal modification, it hash value will be modified and we will be alerted: nothing will happend in our system file without our knowing.

In File Integrity Control Panel window we can see two sections: Manual integrity check and Integrity check summary:

In Manual integrity check section we have a 'Start' button to launch acheck of files integrity. We have a table with the start time, end time and current task of this process.

If we launch this check, we will get a progress bar to get info about the process status. Please, don't navigate to another page until the process has finished or you get an error message.

This process can cause an overload of your server, afecting QoS, so this check should be launched in a period of low server activity. A standard Joomla installation has almost five thousand files, and every one has to be checked, so this process can take a long time.

When this process ends, you'll see a completion message and the integrity check summary table will be updated, showing us last check timestamp, number of analized files and number of new/modified files:

You won't be able to launch a new task and access to File Integrity Status until the last task has finished.

At the bottom of the page you will see files integrity status with the same color code used in Check Vulnerabilities option:

As you can see, we can filter results choosing integrity (compromised, ok, exceptions) or any other search term. If we have files marked as compromised and we know that there is no problem with them (e.g. when we install an update of an extension), we must use Mark all as safe option:

To help you with this task, you can check the extensions installed/updated since the last scan was performed:

There are three folders (and all files and subfolders under them) marked as exceptions: /tmp, /logs and /cache.