WordPress Malware Scanner Plugin

The Malware Scanner plugin, allows you to proactively scan your entire website to find whether there has been a compromise or to check if you are vulnerable to an attack. It also enables the cross-checking of all URLs and outbound links with known blacklists, flagging and notifying you if any such signs of compromise are found.

anti malware
Malware Protection

Backdoors, trojans, viruses, worms, etc are detected using more than 5 million malware signatures which are updated daily.

anti malware
Version check & Compare Files

Checks WordPress, plugins and themes file's version with the WordPress.org repository to find any outdated files.

anti malware
Scan Post and Comment data

Scan posts and comments data from databases to detect malware and malicious URLs.

anti malware
Blacklist URLs

Detect any URLs in code that are blacklisted for containing malicious or inappropriate content.

anti malware
Actions On Malicious FIles

Users can take various actions like View, Delete, Repair or Ignore the flagged files.

Login Security and Spam Protection

Many attackers run scripts on the website to gain access to your account. To prevent this there are different security measures you can take. You can add protection on login like limiting the number of attempts, add a second layer of security with multi-factor authentication or even implement a Captcha to detect bots.

Why Does Your WordPress Site Need A WordPress Malware Scanner ? 

Powering over a third of the all websites on the internet, WordPress is an extremely popular and useful tool for anyone who wants to create and maintain a website. This popularity along with making WordPress extremely feature rich and customisable does come with some drawbacks. Give the popularity of WordPress among both hobbyists and professionals, it has attracted and continues to be the target of choice for hackers and other malicious actors.

In just one month on hacker is reported to have attacked 1 Million different WordPress Sites. These attacks are mostly run scattershot against any and every website that malicious actor can find. Most of these attacks are looking for vulnerabilities present in your site which could be leveraged to gain access to your site. From what we have observed across the past few years, the most common attack vectors through which attackers gain access to a site are:

  1. Brute Force Attacks – Here attackers, try to gain access to your WordPress Site by trying hundreds of thousands of combinations of username and passwords.
  2. Through Vulnerable Plugins or Themes -Statistically 98% of WordPress vulnerabilities are related to plugins.
  3. Through Un-updated versions of WordPress Core – Accounting for 37% of attacks on WordPress Sites.

What do Hackers Do After Gaining Access to your WordPress Site

After getting access to a site through methods listed above, we have observed a pattern that the hackers follow; that has persisted across almost all attacks.

  1. They create pages or modify existing ones, including in them links to phishing sites or other malicious content.
  2. They install a backdoor into your website, by downloading and installing a malicious plugin on your WordPress instance.
  3. They host malicious files, and viruses on your site, using it as a source for their malware campaigns.

Of special note here, is that, these attackers try their hardest to remain undetected by the admins of the website. Most of the time the attackers are only detected after the website has been black listed by Google or after the entire website is flagged as hosting malicious content. This can lead to severe monetary losses to the website, as the websites SEO ranking and reputation takes a big hit.



How Does The WordPress Malware Scanner Plugin Protect Your Website ?

The Malware Scanner plugin, allows you to proactively scan your entire website to find whether there has been a compromise or to check if you are vulnerable to an attack. As most attackers leverage vulnerabilities in plugins to break into a website, the malware scanner plugin maintains a list of plugins and their vulnerabilites, which are then cross checked against the plugins on your WordPress Site. Notifying you if you are using a plugin that may lead to a decrease in your site’s security.

The plugin also scans your entire site looking for any signs of malicious changes or signs of compromise. Cross checking all URLs and outbound links with known blacklists, flagging and notifying you if any such signs of compromise are found

What can the Malware Scanner do?

The Malware Scanner detects any threats/possible threats to the website. The following are the checks our Malware Scanner plugin performs to ensure website security.

Malware Scan:

  • Backdoors, trojans, viruses, worms, etc are detected.
  • Malicious code snippets are detected using more than 5 million malware signatures updated daily.
  • Scan for the presence of any Obfuscated/Encoded malicious code.

Version check & Compare Files

  • Check WordPress, plugins and themes version with WordPress.org repository.
  • Compare WordPress core, plugins and themes files with the marketplace repository to detect any file changes.
  • Detect any changes in the files present in the WordPress plugins and themes folder.

Scan post and comment data

  • Scan posts and comments data from databases to detect malware and malicious URLs.

Blacklist URLs

  • Detect any URLs in code that are blacklisted for containing malicious or inappropriate content.

Whitelist URLs

  • You can whitelist trusted URLs to avoid taking any action if that URL is flagged.

Check vulnerable plugins and themes

  • Checks vulnerable plugins and themes and notify them.
  • You can remove plugins and themes to enhance security.

Types Of Scans:

We offer a range of options to our users to meet their needs for an optimal and efficient malware scan.

    1. Quick Scan: Quick scan is used to scan plugins, themes and core files using malware signatures that are most commonly found. The scan is performed by just one click and needs no configuration.
    2. Standard Scan: The standard scan scans the entire website using more than a million signatures updated on a constant basis to catch Backdoors, trojans, viruses, worms, etc.
    3. Deep Scan: Deep scan, scans the entire website using more than 6.5 million signatures that include signatures retrieved by analysis and research, and are updated on a constant basis. A deep scan is available when you upgrade to the Premium version.
    4. Custom Scan: Custom scan provides configurable options to choose which folders to scan, extensions to skip, etc. A custom scan is suitable when you make changes to only a specific folder/file.

Types Of Attacks Protected by Using the WordPress Anti Malware Plugin

anti malware

A trojan looks like a normal file and hence tricks users into downloading it. Once installed, it gives the attacker remote access to the system resulting.

anti malware

Virus is dangerous as it can copy itself and spread to other devices by attaching themselves with executable programs, scripts, documents, etc.

anti malware

Worms are the most common type of malware. They harm the network by consuming bandwidth and overloading web servers.

anti malware

A backdoor is a malware type that dodges the authentication process to gain remote access.

Keep Your Website Safe From Attacks

Architecture of the Malware Scanner Plugin

Cloud Architecture

While using cloud architecture the file is sent from WordPress Server to the scanner server and the scanner server will scan the file data to detect malware and it will send the result to the WordPress server.

Architecture of Malware scanner plugin for cloud solution-malware scanner

On-Premise Architecture

In the On-premise architecture, the files are scanned on the same system. The scanner will read the files, scans for malware and sends the result to the plugin.

Architecture of Malware scanner plugin for on-premise solution-malware scanner

Benefits of Using the Anti Malware Plugin

Wide Range Of Signatures

We use over 5 million signatures to scan the website. We offer a wide range of signatures capable of detecting malware for multiple programming languages.

Multiple Deployment Ways

We offer Cloud as well as an On-premise service so that you can choose whichever solution that suits your needs best.

Up-to-date signatures

The signatures for detecting malware are updated constantly making our scanner capable of detecting the latest malware.

Fast Execution

We offer fast and reliable scan results compared to the market.

Easy to use Interface

Easy User Interface. Just one click to scan your website.


We provide 24x7 support in case you face any issues while using the product.

Pricing Plan for the Anti Malware Plugin

Malware Scanner

Price starting from

$15 /site/year

$35 /5 sites/year

$60 /10 sites/year

Upgrade Now

All Free features ⮞

Try Now
Repository Version Comparison We check if you have the latest and correct version plugin which has no known issues. FREE
Detect any changes in the files Any changes in the files will be detected and you will be notified. FREE
Malware Detection Detect malware in the files with signatures. FREE

All Premium Features ⮟

Upgrade Now
Advanced Signatures for Malware Detection miniOrange has it own premium signatures used to detect more advanced malwares in the files PREMIUM
Whitelist URLs Sometimes you have some URLs which are not known by the plugin but are harmless. You can whitelist the URLs so that they are not marked as spam PREMIUM
Blacklisted Domains We detect any blacklisted domain used in your wordpress so that your site does not get bad reputation PREMIUM
Custom Signatures If you want any particular string or code to be flagged, we can provide it as a custom signature just for you. PREMIUM
SQL Injection Check Checks for injected SQL queries which can harm your database and injected shell scripts which can harm your server by executing any commands. PREMIUM
Remote File Inclusion Check Inclusion of remote files can be harmful as code return in remote files will be executed on your server. PREMIUM
External link Detection We check for any backlinks or spam links inserted in your website. Spam links can cause a bad reputation for your website. PREMIUM
Action On Malicious Files You can View, Delete, Ignore or Repair the files flagged as malicious. PREMIUM
Detection Of Trojans and Backdoors Along with vulnerable code, you will be able to detect Trojans as well as backdoor code snippets. PREMIUM

Contact Us

if you have any query please contact us at info@xecurify.com or contact us Here

10 Days Return Policy-

At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you’ve attempted to resolve any issues with our support team, which couldn’t get resolved. We will refund the whole amount within 10 days of the purchase. Please email us at info@xecurify.com for any queries regarding the return policy.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com