Snapshot vs Audit: What's the Difference?
mySites.guru checks your WordPress and Joomla sites in two very different ways: the Snapshot and the Audit. Both produce a list of checks with pass/fail results, but they collect that data differently and catch different things.
The snapshot checks your site’s configuration and settings in milliseconds. The audit reads every single file in your webspace looking for threats. They run independently, on their own schedules, and you want both.
How the mySites.guru Snapshot works
The snapshot is a quick health check. It looks up database settings, reads specific configuration files, checks HTTP response headers, and counts things like user accounts and installed plugins. None of this requires scanning your file system, so it completes in milliseconds.
There are over 140 individual checks, grouped into categories like:
- Platform configuration (debug mode, SSL, file editing, XML-RPC, auto-updates, and dozens more)
- User accounts (inactive users, unactivated accounts, hashed passwords, admin count)
- Security headers (X-Frame-Options, Content-Security-Policy, HSTS, Referrer-Policy)
- Extensions and plugins (installed versions, available updates, deactivated plugins still on disk)
- Database integrity (table prefix, user permissions, pending migrations)
- Hosting environment (PHP version, disabled functions, error reporting, session configuration)
Snapshots run automatically twice a day on every connected site. You can also trigger one on demand whenever you want fresh data. At the end of each snapshot, mySites.guru also gathers your full list of extensions and themes, checks each one for available updates, and flags any with known vulnerabilities.
Many snapshot checks include a one-click toggle to fix the issue right from the dashboard. Debug mode left on? One click. User registration accidentally enabled? One click. No need to log into the site.
How the mySites.guru Audit works
The audit goes much deeper. Instead of checking configuration values, it reads and inspects every file and every line of code in your entire webspace. That means PHP files, JavaScript, images, archives, hidden files, everything.
It uses over 20,000 regex patterns and 14,000 MD5 hashes to identify:
- Malware and backdoors (suspect code patterns, obfuscated PHP, known malicious file hashes)
- Mass mailers (scripts designed to send spam from your server)
- Modified core files (WordPress or Joomla core files that have been tampered with)
- Hidden files and folders (files starting with a dot, tucked into directories you’d never think to check)
- Dangerous permissions (files or folders with 777 permissions)
- Suspicious file types (SQL dumps, renamed PHP files, upload scripts in unexpected locations)
Because the audit has to read every file, it takes longer than a snapshot. A small site might finish in a couple of minutes; a large site with thousands of files takes longer. The system adjusts its scan speed automatically to avoid overloading slower hosts.
Audits run on a schedule - weekly by default, but you can set them to run daily or monthly depending on how security-sensitive your sites are. You can also trigger one manually whenever you need it.
Side-by-side comparison
| Snapshot | Audit | |
|---|---|---|
| Speed | Milliseconds | Minutes (depends on site size) |
| Frequency | Twice daily + on demand | Weekly by default (daily/monthly options) |
| What it checks | Config, settings, headers, users, extension versions | Every file and line of code in the webspace |
| Number of checks | 140+ | 26-30 deep inspection tools |
| Finds hacks? | Catches config red flags | Yes - deep malware and backdoor detection |
| One-click fixes? | Yes, many checks have toggles | Investigation tools for reviewing findings |
| Runs automatically? | Yes, twice daily | Yes, on your chosen schedule |
When to use each
Snapshots are for daily monitoring. Are your sites configured correctly? Has anything drifted from best practice? Do any extensions need updating? You get answers twice a day without lifting a finger.
Audits are for periodic security checks. They tell you whether any files on your server have been compromised, modified, or look suspicious. The audit is what catches the backdoor someone planted three months ago, or the mass mailer hiding in a forgotten uploads directory.
You run both. Snapshots handle configuration and updates. Audits handle file-level threats.
Why the speed difference?
It comes down to what gets read. Snapshot tools pull a database value or check a single file - that’s a millisecond operation. Audit tools open every file in the webspace and compare its contents against thousands of patterns. That takes real time, and it should.
If you’re managing a portfolio of WordPress or Joomla sites, having both running on schedule means you’re covered on configuration drift and file-level threats without having to remember to check anything manually.
Start with a free audit and see where your sites stand.
Snapshots and audits are both covered in our complete security guide.
