Title: Guard Dog Security & Site Lock Author: WP Fix It - WordPress Experts Published: 29 Avost 2025 Last modified: 02 Avril 2026 --- Search plugins ![](https://ps.w.org/folder-auditor/assets/banner-772x250.png?rev=3374418) ![](https://ps.w.org/folder-auditor/assets/icon-256x256.gif?rev=3352576) # Guard Dog Security & Site Lock By [WP Fix It – WordPress Experts](https://profiles.wordpress.org/wpfixit/) [Download](https://downloads.wordpress.org/plugin/folder-auditor.6.7.zip) * [Details](https://lmo.wordpress.org/plugins/folder-auditor/#description) * [Reviews](https://lmo.wordpress.org/plugins/folder-auditor/#reviews) * [Installation](https://lmo.wordpress.org/plugins/folder-auditor/#installation) * [Development](https://lmo.wordpress.org/plugins/folder-auditor/#developers) [Support](https://wordpress.org/support/plugin/folder-auditor/) ## Description **Guard Dog Security & Site Lock** helps WordPress administrators keep their installations clean and secure. Over time, it’s common for orphaned plugin or theme folders to build up in your wp-content directory. These stray folders may be the result of incomplete uninstallations, leftover files from updates, or abandoned code that was never fully removed. While they might seem harmless at first glance, they can create confusion, waste storage space, and in some cases pose a serious security risk. Hackers often exploit these forgotten folders by hiding backdoors or malicious scripts inside them, knowing that site owners rarely check for or even notice such files. An orphaned folder can act as an open invitation for unauthorized access, giving attackers a quiet place to operate undetected. By identifying and removing these unused folders, you not only keep your WordPress installation clean and organized but also close off potential entry points that could otherwise be used to compromise your site. The Guard Dog Security plugin makes this process simple, scanning your directories to uncover anything that doesn’t belong and highlighting it for review before it becomes a problem. **SITE LOCK – Only found here!** One of the easiest ways for a hacked user to damage your site is by adding or changing the physical files that WordPress relies on. If attackers can place hidden scripts, modify plugin or theme files, or inject malicious code, they gain the power to compromise your entire site. The Site Lock feature in Guard Dog Security protects against this by allowing you to lock all folders and files in your installation and make them read-only. Once locked, no new files can be added, no existing files can be changed, and nothing can be removed. This ensures that the foundation of your WordPress site remains untouched, even if someone attempts to exploit vulnerabilities or gain access. When updates or changes are needed, you can unlock the system with a single action, perform your updates, and then reapply the lock. This simple but powerful safeguard gives you complete control over your site’s file structure and adds a layer of security that goes beyond what most WordPress plugins offer. This plugin scans the following directories: – WordPress Root (main installation folder) – wp-content Folder (wp-content/) – Plugins Folder (wp-content/plugins/)– Themes Folder (wp-content/themes/) – Uploads Folder (wp-content/uploads/) – htaccess files – Database tables Guard Dog Security takes a disk-first approach. It crawls your entire WordPress installation and inventories every single file and folder, not just plugins and themes. Everything is presented in a clear interface where you can open items to view their contents, mark them to ignore, delete them if they are not needed, or download a copy for backup or investigation. Because it works directly from what is actually on disk, you are never limited by what WordPress shows in the admin. You can quickly spot unfamiliar files, tidy up leftovers from old plugins or themes, and pull down suspicious items for review, all without leaving the dashboard. It provides a fast and transparent way to see exactly what is on your server and take action immediately. **Key Features** – Finds plugin folders not listed on the Plugins screen (hidden or orphaned) Scans for plugin folders that exist in your WordPress installation but aren’t showing on the Plugins screen. – Detects missing plugin folders referenced by active or installed plugins Identifies when active or installed plugins are missing their associated folders. – Lists top-level folders and files in key WordPress directories Displays top-level files and folders within critical WordPress directories for easy auditing. – Fully lock all folders and files to make them read only Lets you make all folders and files read-only for maximum protection. – Configure security headers Adds and manages HTTP security headers to harden your site against common threats.– Configure user security Provides settings to strengthen account and login security for WordPress users. – Infection scanner Scan all site files to find any suspicious files – Zero configuration setup Enable scheduled scans to find any suspicious files and send you an email report – As many emails receipts as you like Works right after install and activation—no complex setup required. ## Screenshots * [[ * **Dashboard tab** showing score and all folder issues present on your site. * [[ * **Main Folder Auditor** displaying all folders and files in the root of your WordPress installation. * [[ * **Content Folder Auditor** listing all folders and files found inside the wp- content directory. * [[ * **Plugins Folder Auditor** showing installed plugin folders and any hidden or orphaned plugin directories. * [[ * **Themes Folder Auditor** displaying theme folders on disk and alerting you to invalid or unrecognized themes. * [[ * **Uploads Folder Auditor** showing all folders in the uploads directory and identifying any PHP files present. * [[ * **.htaccess Auditor** listing every .htaccess file detected across your site for review and management. * [[ * **Security Settings** page where you can configure Site Lock, security headers, and user hardening features. * [[ * **Infection Scanner** selection screen allowing you to choose which areas of your site to scan. * [[ * **Security Tools** section providing access to File Finder & Remover, Blacklist Checker, and Plugin Refresher. * [[ * **File Finder & Remover tool** for searching specific filenames or detecting files with no extension. * [[ * **Blacklist Checker results** showing your domain/IP status across multiple blacklist and reputation services. * [[ * **Plugin Refresher** to re-install fresh plugins when current version is corrupted. * [[ * **Site Lock prevention notice** informing you that Site Lock is enabled and blocking file changes. * [[ * **Folder & File Scanner** interface allowing full-site, wp-content, plugin, theme, or uploads scanning. * [[ * **Export Report screen** displaying the generated audit and security report that can be downloaded. * [[ * **Settings screen** enable auto lock, disable Site Lock admin bar status display, schedule scans and automated security reports. ## Installation 1. Upload the plugin files to the /wp-content/plugins/ directory, or install via the WordPress Plugins screen directly. 2. Activate the plugin through the **Plugins** screen in WordPress. 3. Navigate to **Guard Dog** to begin auditing your site. ## FAQ ### Why do I need this plugin? Hidden or leftover folders can sometimes indicate incomplete uninstalls or even malicious code. This plugin helps you identify them. ### Does it automatically delete orphaned folders? No. Guard Dog Security is strictly an auditing tool. It shows you what exists so you can make informed decisions. ### Will this slow down my site? No. All operations run only when you open the Guard Dog Security screen. Nothing runs on the frontend. ### Does it work on multisite? Currently designed for single-site installs. Multisite support may be added in the future. ## Reviews ![](https://secure.gravatar.com/avatar/d103472fae26c89e825a8106d2670e8508948290374c4ddb7e713c2222393359? s=60&d=retro&r=g) ### 󠀁[Easy to use!](https://wordpress.org/support/topic/easy-to-use-5318/)󠁿 [bmccloskey](https://profiles.wordpress.org/bmccloskey/) 11 Sginer 2026 WPFixIt has been an absolute lifesaver for my business. They’ve fixed countless number of issues for me. I trust them so much so I signed up for their hosting service. This plugin is the perfect addition! Easy to get rolling. Install and lock. The plugin is smart enough to know what to lock and not. So if you have an ecommerce site for example it will not lock the features that allows woocommerce to work for example. Having to manually update wordpress, themes, plugins is a minor VERY MINOR complaint I have as I prefer using MainWP but for the security peace of mind it works for me. ![](https://secure.gravatar.com/avatar/30d70b0c219b0bac6942eb2108a0c1a1f99cb3cd138efd35357bc9601a46402c? s=60&d=retro&r=g) ### 󠀁[Absolutely Essential – The Site Lock is a Game Changer!](https://wordpress.org/support/topic/absolutely-essential-the-site-lock-is-a-game-changer/)󠁿 [LearnToDoIt](https://profiles.wordpress.org/talentsquad/) 22 Setember 2025 I can’t say enough good things about Folder Auditor. It does exactly what it promises, but what really blew me away is the site lock feature. With just a click, I can lock down my entire site and know it’s 100% secure while I’m doing updates or troubleshooting. No more worrying about visitors running into broken pages or sneaky bots taking advantage while I work. The lock is instant, reliable, and gives me total peace of mind. I’ve tried other plugins with similar functionality, but nothing comes close to how smooth and effective this is. Combine that with the clean interface and lightweight performance, and you’ve got an absolute must-have for any WordPress site owner. If you value security and control, Folder Auditor is hands-down one of the best plugins you can install. Highly recommended! ![](https://secure.gravatar.com/avatar/e3f46037a5081b92be13dfb7eced3d66c2e26c7bc4ecac694b8aa4cd3da1b5b4? s=60&d=retro&r=g) ### 󠀁[Finally, a straightforward way to uncover orphaned folders plus a Site Lock](https://wordpress.org/support/topic/finally-a-straightforward-way-to-uncover-orphaned-folders-plus-a-site-lock/)󠁿 [WP Rocks](https://profiles.wordpress.org/wprocks1/) 19 Setember 2025 I installed Folder Auditor & Site Lock after noticing my /wp-content/ had turned into the wild west over the years, and I’m genuinely impressed with how clean and practical this plugin is. What I love most is the clear, no-nonsense workflow. The plugin adds a Tools Folder Auditor screen and immediately scans the places that matter: your WordPress root, wp-content, plugins, themes, uploads, and even .htaccess. It compares what’s actually on disk with what WordPress recognizes, which makes it dead simple to spot orphaned or hidden plugin/theme directories and other leftovers that accumulate after updates or partial uninstalls. No guesswork, no hunting through folders. Just a concise list of what needs attention and why. The UI is thoughtfully organized into tabs (Root, Content, Plugins, Themes, Uploads, .htaccess), with a dashboard that summarizes findings at a glance. When you’re ready to dive deeper, the details view makes it easy to review suspicious directories and understand what’s safe to investigate or remove. I also appreciate the “view file” action buttons for quick spot-checks when something looks off. The Site Lock feature is the icing on the cake. With a couple of clicks, you can lock folders and files read-only to block unauthorized changes. That’s exactly the kind of damage-prevention control I want on sites that shouldn’t be changing at the file level. Pair that with the ability to set sensible security headers, and you’ve got a lightweight, practical layer of protection that complements your existing security stack. Performance-wise, it’s a breath of fresh air. Nothing is running on the frontend; scans only happen when you open the tool. That means zero impact on visitors and no mystery cron jobs to worry about. It’s truly “install, activate, audit.” No complex configuration, no fiddly setup. Highlights: Instantly surfaces orphaned/hidden plugin and theme folders you won’t see on the normal Plugins/Themes screens. Flags missing plugin folders referenced by active/installed plugins (great for catching half-removed code). Tabbed interface for Root, wp-content, Plugins, Themes, Uploads, and .htaccess, with a summary dashboard. Site Lock to make folders/files read-only and apply security headers. Minimal footprint: runs only when you open the tool; nothing loads for site visitors. If you manage WordPress professionally or if your site has a few years of history, this is a must-have maintenance and hardening tool. It turns what used to be a tedious, risky manual cleanup into a confident, guided process. Five stars all the way. ⭐⭐⭐⭐⭐ ![](https://secure.gravatar.com/avatar/2eddfd5f572fb1cdb139f3f5eda36852415730f864ca0808e55b8ae67229b350? s=60&d=retro&r=g) ### 󠀁[Didn’t Know How Much I Needed This](https://wordpress.org/support/topic/didnt-know-how-much-i-needed-this-2/)󠁿 [](https://profiles.wordpress.org/ideasandbox/) 18 Setember 2025 While I consider myself a fairly advanced WordPress user, I’m not technical enough to mess with MySQL tables. I’ve had my site since 2004 and it is crazy how much stuff has been left behind, how many outdated an unused files I have. Folder Auditor& Site Lock has done an amazing job pin pointing in a clear to understand way what is out of place, unused, potentially causing security issues and more. From my plugins, themes, main content – all of it. This is going to be a must-install for my old sites, and a will install on any new sites [ Read all 4 reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/) ## Contributors & Developers “Guard Dog Security & Site Lock” is open source software. The following people have contributed to this plugin. Contributors * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) [Translate “Guard Dog Security & Site Lock” into your language.](https://translate.wordpress.org/projects/wp-plugins/folder-auditor) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/folder-auditor/), check out the [SVN repository](https://plugins.svn.wordpress.org/folder-auditor/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/folder-auditor/) by [RSS](https://plugins.trac.wordpress.org/log/folder-auditor/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 6.7 * Removed SiteLock status in admin bar on site frontend * Added bulk database actions to infection scanner * Added select file actions to file remover tool #### 6.6 * Fixed auto lock/unlock with MainWP #### 6.5 * Made plugin code run only in admin area where needed #### 6.4 * Fixed styling issue on scanner page #### 6.3 * Added a database infection scanner to find harmful data. * Added a setting to disable the admin bar Site Lock status display. #### 6.2 * Corrected typo in plugin description. #### 6.1 * Added AJAX loading content notice. #### 6.0 * Change user interface to AJAX for faster navigation on Guard Dog pages * Added SSL checker tool to get details about site’s SSL certificate * Improved infection scanner and added saved previous scan view * Made all tables responsive on all screen sizes * Improved blacklist checker tool #### 5.6 * Added scheduled infection scans emailed directly to designated email addresses #### 5.5 * Added additional lock exceptions for folders that need to have write permissions #### 5.4 * Improved API rest point call for cache bypass #### 5.3 * Fixed permissions issue with Site Lock and MainWP #### 5.2 * Added integration with MainWP to manage Site Lock feature during remote updates #### 5.1 * Added a plugin refresher to re-install fresh plugins when current version is corrupted #### 5.0 * Added an all-new Tools section to expand WordPress site auditing capabilities. * Introduced the Find & Remove Files tool, allowing administrators to quickly locate, filter, and delete unwanted or suspicious files anywhere in the WordPress installation. * Added a built-in Blacklist Checker to scan URLs, domains, and site status against major security and reputation blacklists. * General housekeeping and internal optimizations preparing for future feature expansion. #### 4.9.2 * Can now exclude single plugins from Site Lock #### 4.9.1 * Added new infection patterns to stop false positives #### 4.9 * Added new infection patterns to find bad files #### 4.8 * Added new infection patterns to find bad files #### 4.7 * Improved scanner performance #### 4.6 * Added new infection patterns to find bad files #### 4.5 * Removed MainWP integration for to correct time out updates and will repair #### 4.4 * Added new infection patterns to find bad files #### 4.3 * Setup MainWP bridge for unlock relock when running updates #### 4.2 * Minor style changes #### 4.1 * Added Site Lock Auto Enable * Automated Security Reports #### 4.0 * Rebranded plugin as a full security suite #### 3.7 * Updated infection scanner patterns #### 3.6 * Added infection scanner for site files #### 3.5 * Fixed bulk delete action * Updated some button styling #### 3.4.4 * Fixed report fatal error #### 3.4.3 * Fixed report hyperlinks #### 3.4.2 * Fixed font styling on report download #### 3.4.1 * Fixed typo #### 3.4 * Added ability to download folder audit and security report #### 3.3 * Added per folder lock exclusion * New UI on main menu #### 3.2 * Added items locked to dashboard display #### 3.1 * Fixed Site Health issue when Site Lock is on #### 3.0 * Added user security settings to lock down account attacks #### 2.9.4 * Added Site Lock under Tools menu * Added area for new settings tab * Added drop down to security tab * Style changes #### 2.9.3 * Corrected bulk delete actions #### 2.9.2 * Enhanced Site Lock conditioning #### 2.9.1 * Fixed conflict with WP Rollback #### 2.9 * Added view file action buttons #### 2.8 * UI improvements #### 2.7 * Fixed security header defaults #### 2.6 * Fixed bulk ignore and delete functions #### 2.5 * Added security area to lock folders and files and set security headers #### 2.0 * New UI #### 1.3.1 * Improved plugin header and descriptions. * Added Author URI and GPL license URI. * Enhanced escaping for better security compliance. #### 1.3.0 * Added auditing of wp-content and WordPress root folder. * Improved error handling for unreadable directories. #### 1.2.0 * Added uploads and themes auditing. * Improved plugin rows to match Plugins screen exactly. #### 1.0.0 * Initial release. Added plugin folder auditing. ## Meta * Version **6.7** * Last updated **3 days ago** * Active installations **200+** * WordPress version ** 5.0 or higher ** * Tested up to **6.9.4** * PHP version ** 7.4 or higher ** * Language * [English (US)](https://wordpress.org/plugins/folder-auditor/) * Tags * [file permissions](https://lmo.wordpress.org/plugins/tags/file-permissions/)[site lock](https://lmo.wordpress.org/plugins/tags/site-lock/) * [Advanced View](https://lmo.wordpress.org/plugins/folder-auditor/advanced/) ## Ratings 5 out of 5 stars. * [ 4 5-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/folder-auditor/reviews/?filter=1) [Add my review](https://wordpress.org/support/plugin/folder-auditor/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/folder-auditor/reviews/) ## Contributors * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/folder-auditor/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](https://www.wpfixit.com)