PureNews

PureNews is an amazingly sleek and powerful news theme with unlimited color variations.

View full feature list Check out the live demo Buy this theme today

3 Useful Free WordPress Plugins That Scan Your Website For Malware

Posted by on 29th Nov 2012 | 3 comments

Earlier this year I received an email from a reader of one of my websites that advised me that my website was being blocked by their anti virus as it wasn’t safe. After checking all of my files, I realized my website had been hacked. The hackers had placed malicious files in one of my WordPress folders.

Website security is something a lot of us take for granted. I’m guilty of this myself and only became pro active on the issue when my own website was hacked.

It isn’t always clear when your website has been hacked. My website had been exploited for over a month without my knowledge. Thankfully, there are a lot of WordPress plugin solutions available that will scan your website and inform you of anything malicious on your website. Today I’d like to show you three good plugins which will help scan your WordPress installation and let you know if anything is afoul.

Please note that these plugins only reports suspicious files, they don’t remove them. Once you know which files are malicious, you can delete them (or replace them if applicable).

1. Look-See Security Scanner

Look-See Security Scanner is a simple plugin that searches your whole installation for missing, modified or unexpected files. It’s a useful way of seeing whether your website has been hacked.

You can verify core files, wp-admin, wp-includes and your uploads folder. You can also compare files to the last time the scan was run.

Look-See Security Scanner

Once the scan has completed you will see a report which lists anything suspicious. I noticed that it showed a lot of files from plugins I had installed so you may need to verify all unexpected files yourself.

Look-See Security Scanner

Look-See Security Scanner is a quick way of checking whether your WordPress files have not been tampered with.

Download Link: Look-See Security Scanner

2. Sucuri Sitecheck Malware Scanner

Sucuri is a malware monitoring company that lets you scan your website online. Their plugin checks for malware, spam, blacklisting and other security issues like htaccess redirections.

In addition to Malware, the scanner also reports blackhat SEO spam and checks that your domain is safe to browse on many services such as Google Safe Browsing, Norton and SiteAdvisor. The WordPress installation is also checked.

Sucuri Sitecheck Malware Scanner

The plugin also has a ‘1 click Hardening’ section that will make your uploads folder more secure. It also has an admin username changer though this feature didn’t work for me during testing (I recommend using Admin username changer for this instead).

Sucuri Sitecheck Malware Scanner

Securi offers a malware removal service for free. This can be done via their main website, not via the plugin.

Download Link: Sucuri Sitecheck Malware Scanner

3. Quttera Web Malware Scanner

Anti malware company Quettera have developed a good WordPress plugin that looks for malware in files including HTML, Javascript, Dynamic HTML, AJAX, Flash and PDF. All you have to do is enter your domain name and then run the scan.

Quttera Web Malware Scanner

The report will show the number of clean files, potentially suspicious files, suspicious files and malicious files.

Quttera Web Malware Scanner

Quttera Web Malware Scanner

Download Link: Quttera Web Malware Scanner

I recommend all users periodically run a scan of their WordPress website to check for malicious files. All of the above plugins have been tested on WordPress 3.4.2 and work well. There are other solutions available but many do not work. For example, I Exploit Scanner appeared like it was going to work but then didn’t actually scan anything. Detectify For WordPress seemed like a great plugin but they didn’t email me the verification email with the code that was necessary to use the plugin.

If you know of any other good malware scanners for WordPress, please share them in the comment area.

Thanks for reading :)
Michael


Michael Scott has been working with WordPress themes and websites in varying capacities since 2007. It was mainly as a project manager where he quickly developed a love for their simplicity and scalability. As a strong advocate of all things WordPress, he enjoys any opportunity to promote its use across the Interweb and on WPHub.com .

3 comments - Leave a reply
  • Posted by Shivani Sharma on 29th Nov 2012

    Thank you so much for the authentic and innovative post Michael. But unfortunately I’m not using wordpress platform. Do you have any idea about the process / plugins which can help me scanning my blogger blog for Malware? Thanks in Advance. Good day :)

  • Posted by Tekonade on 3rd Dec 2012

    the plugin Look-See Security Scanner really came handy to me…found 67 unknown files..thanks for the info
    Tekonade recently posted..iRock recharges your iPod while you enjoy your favorite tunesMy Profile

  • Posted by Salman Ahmad on 4th Dec 2012

    Great plugins. Thanks for all the hard work. This makes managing my blog-security really easy!
    Salman Ahmad recently posted..4 tips to use Youtube videos for Your BusinessMy Profile