Skip to main content
Help Center
The GoDaddy Community will undergo maintenance starting on Wednesday, July 28th at 3pm PST / 6pm EST. Learn more
  • GoDaddy Community
  • VPS & Dedicated Servers
  • VPS & Dedicated Servers

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    SiteDoctor
    Helper IV

    Scanning for malware

    I posted this several months back and didn't get any responses, so I thought I'd take another shot at it now there are more people in the Community.

     

    I rely on using WordPress plugins to help find malware on customers' sites, however sometimes the site is offline. If I'm hosting the site then I have software on my server I can use to run a scan. But when someone else is hosting the site or it's on a shared host, I'd like to be able to upload a script that would scan all the files in the user's account and print out a list of suspect files I can investigate. Similar to what a company like Sucuri would use to do this type of thing.

     

    Does anyone have anything they can recommend? I welcome any and all suggestions.

     

    Cheers!

    Doc

     

     

    Need some help with WordPress? Check out Site Doctor 911
    Worry-Free WordPress Support - So You Can Focus On The Important Stuff
    4 REPLIES 4
    JesseW
    Community Manager

    Hey @SiteDoctor,

     

    Great post! Hope you get some good participation. If you're looking for WordPress specific suggestions, you may also consider posting this idea on the Managing WordPress board. Hope to see lots of suggestions!

     

    I'm not aware of a single script that would be able to scan for everything. I did find this helpful write-up from the folks over at Media Temple though. It has some great suggestions.

     

     

    JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give likes.

    Thanks @JesseW - that is a good article! I'm always looking for useful new techniques to add to my toolkit for un-hacking WordPress sites. It never ceases to amaze me how clever some of these hackers can be.

     

    I'll give this thread a bit of time here and if it doesn't get any traction I'll try posting in the Managed WordPress forum.

     

    Cheers!

    Doc

     

     

    Need some help with WordPress? Check out Site Doctor 911
    Worry-Free WordPress Support - So You Can Focus On The Important Stuff
    oslinux
    Helper V

    Most of the Malware scanners for wordpress are plugins. I was able to locate a few links for malware cli scanners.

    Free Scanner, looks very basic in what it scans

    http://www.php-beginners.com/wordpress-hack-malware-scanner.html

     

    Provided by WP-CLI plugin. Used to check wordpress core files for modifications

    https://dannyvankooten.com/periodically-check-wp-core-file-modifications/

     

    Commercial scanner that provides a free trial and looks like it is a complete wwebsite malware scanner that supports several CMS,s

    https://ispprotect.com/#trial 

    @oslinux - thanks for this, I will definitely check these out.

     

    Cheers!

    Doc

    Need some help with WordPress? Check out Site Doctor 911
    Worry-Free WordPress Support - So You Can Focus On The Important Stuff