Dealing with changes/custom modifications to WordPress core

Just as with plugins and themes, WordShell will take note of customisations that you make to WordPress core. Just as with plugins and themes, it can create patches and attempt to maintain them across version upgrades. However, it is recommended that you never modify WordPress core. Plugins were designed to make it possible to modify WordPress without needing to touch the core code and then deal with ensuing version-control issues.

If you really need to modify WordPress core, then the same options are available as ¬†with plugins and themes. You should read the relevant manual page from the “plugins section”.

Check if your WordPress core has been modified

This command can be useful for detecting modifications, whether authorised or not:

wordshell mysite --core --checkmodifications

Note ¬†that the above command only checks files that are part of WordPress core, and that this does not include wp-config.php. So if a hacker has broken into your site and modified wp-config.php, then the above command will not detect it. For the same reason, the above command cannot detect additional files added to your WordPress directory. Those however can be detected because WordShell will back them up. You can find WordShell’s backup of added or changed files in ~/.wordshell/current/mysite/core.

If any changes are detected, then you can view them like so:

wordshell mysite --core --checkmodifications=view


Leave a Reply