Scanning Your Wordpress For Malware

Recently I was chatting with one of my friends who is interested in creating a Wordpress site. He is quite new to the whole process and was using his site to sell golf handbooks for the European and US PGA tours. 

However he recently had an issue with malware (malicious software) and this was not only impacting the trade he could do through his site, but it had brought his productivity to a complete halt. Now me being the wonderfully helpful and salubrious chap that I am, felt it would only be right that I advise my friend in his time of need.

He was selling products through his newly created Wordpress site, but he was unaware of the security/malware protection aspects he should be taking note of. I felt duty bound to give him further advice and guidance especially in light of his recent issues, which resulted in malware redirecting his customers to other questionable sites and thusly affecting the trust they had in his product.

I informed him of a few steps he should be taking to repair the damage caused by this malware attack, and how to reduce this threat going forward. These steps can also help you if you have been affected by such problems on your own Wordpress site.

Logging into his Wordpress dashboard, I was surprised to see that he did not have any security, malware protection or exploit scanner plugins installed. I set about rectifying this by taking just a few simple steps and installing the following malware/exploit plugins.

Check Your Themes

The first plugin I installed is one I have previously mentioned, TAC (Theme Authenticity Checker). This plugin scans your Wordpress theme files for potential malicious or unwanted code that may have been injected into your Wordpress themes. Hackers often inject a line of code into themes that may not have been continually updated, this plugin is excellent for checking for those moments of malware induced madness.

Scan For Exploits

First up is the free plugin Exploit Scanner, as this is free I have no qualms recommending it and it can run alongside a more comprehensive ‘paid scanner’. This plugin scans all your Wordpress files and database installs for malicious software (Malware), highlighting signs that your Wordpress site may have fallen victims to hackers. This site does return a lot of false positives, however. So you will have to be aware of what you are doing to remedy these issues.

However if you are wanting to resolve and rescue your site which has been reduced to that of a mewling quim as a result of malware, or even to ensure comprehensive protection on top of the free plugin I mentioned previously. I would recommend going for a paid package that continually scans your Wordpress database, files and folders for any exploits (or other issues) that may be present. 

Fixhacked is a comprehensive exploit scanner that works just like any other Wordpress plugin, always scanning not only your website, but also your files and database, ensuring you are notified of any issues. Thus allowing you to respond accordingly. If an issue does crop up and you are at a loss for what you need to do in order to remedy those awful situations, you can always contact us to Hire an Expert. Initially this plugin will have a minor effect on your sites performance as it begins scanning your files and database, but in the long-run it runs painlessly and smoothly in the background with little effect to your sites continuous performance.

In the long run, what is a minor performance hit when ensuring the safety of your site going forward. Reducing the effects of malware and hack-attacks. Most of us are not experts and are complete noobs when it comes to spotting these problems, not to mention rectifying them. But if you ever do need help, please do feel free to ask. Communication is key after all.

Until next time.

Try FixHacked for free for one month

Try our free scanner!

Hire an Expert

I need an Expert


Chat with us and find out what you need to know!

Start livechat