You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to ensure the integrity of the themes installed on my WordPress site. Currently, WP-CLI allows you to check the integrity of WordPress core files and plugins, but not themes. This is a problem because themes, like plugins, can be targets of attacks and compromise website security.
Proposed solution
I would like WP-CLI to include a command to check the integrity of themes, similar to the wp --allow-root plugin verify-checksums --all command. This command, which could be something like wp --allow-root theme verify-checksums --all, would verify the theme files against the checksums provided by the official WordPress theme repository.
This command would help identify any theme files that have been modified or corrupted and could be a valuable tool in maintaining website security.
Possible Disadvantages
A potential disadvantage of this functionality is that it may not be able to verify the integrity of custom themes or themes that have been significantly modified. Furthermore, like any security tool, it is not foolproof and should not be used as the only line of defense against security threats.
The text was updated successfully, but these errors were encountered:
Feature Request
Use Case and Problem Faced
I'm trying to ensure the integrity of the themes installed on my WordPress site. Currently, WP-CLI allows you to check the integrity of WordPress core files and plugins, but not themes. This is a problem because themes, like plugins, can be targets of attacks and compromise website security.
Proposed solution
I would like WP-CLI to include a command to check the integrity of themes, similar to the wp --allow-root plugin verify-checksums --all command. This command, which could be something like wp --allow-root theme verify-checksums --all, would verify the theme files against the checksums provided by the official WordPress theme repository.
This command would help identify any theme files that have been modified or corrupted and could be a valuable tool in maintaining website security.
Possible Disadvantages
A potential disadvantage of this functionality is that it may not be able to verify the integrity of custom themes or themes that have been significantly modified. Furthermore, like any security tool, it is not foolproof and should not be used as the only line of defense against security threats.
The text was updated successfully, but these errors were encountered: