If your site was recently attacked, you can see which files were modified to assist with any investigation. Note that in most Unix file systems, a file is considered modified when its inode data is changed; that is, when the permissions, owner, group, or other metadata from the inode is updated.
The scanner that searches for modified files under the content directory is disabled. This tool is disabled by default to prevent an overflow in the memory of the PHP interpreter in the majority of websites that have too many files in their projects, but you can enable this scanner from here though, and if you experience issues like "Internal Server Error" messages or blank pages just disable the scanner again.
| Modified files (inside the content directory) | ||
|---|---|---|
| File Path | File Size | Modified at |
| No files modified in the last %%SUCURI.ModifiedFiles.Days%% days | ||