MALWARE (TAMPERING AND VIRUSES) CHECK PLUGIN WITH THE HIGHEST DETECTION ACCURACY DEVELOPED IN JAPAN
PLENTY OF SECURITY (ENHANCEMENT) MEASURES TO PREVENT HACKING ACTIVITIES
EASY SETTINGS USING CHECK BOXES!
All security improvement functions are available free of charge, including 21 items (Login LockDown, Login captcha, Password reset captcha, Login log, Protect author information, Change login page URL, Prevent information leak about WordPress version, Protect important files, Protect server information, Prohibit display of Index list, Prohibit WPSCAN, Prohibit access from brute force attack IP to XMLRPC and wp-login, Inspect permission (write permission for files), Prohibit editing themes and plugins, Prohibit Pingback, Prohibit REST API, Prohibit Trace & Track, Prohibit comment posting via proxy, Comment form captcha, Prohibit comment posting by spambots, IP blocker , Include file protection, Upload folder protection, Block danger query) other than the above.
Complete scan of files and databases
WordPress Doctor Malware Scanner & Security v1.9 or later scans files as well as databases for all patterns and detects and removes any malicious code.
There are two types of malware: those that parasitize PHP files and send backdoor programs, spam, redirects, etc., and those that write directly into the database.
The most common malware type for databases is redirection hack.
WordPress malware (Virus) removal
You can easily remove or edit malware file at management screen.
This function not only can remove malware file but deleting just malware code included in wordpress ordinary files.
NIST vulnerability check.
This test checks for the most dangerous vulnerabilities (CVSS V 7.5 points ~) in WordPress and plugins.
※The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.
Vulnerabilities are detected from the data in the database of NIST, an international organization.
Block hacking
in realtime!
WordPress Doctor - Malware Scanner & Security has a world’s first function that blocks hacking activities before infection to malware.
.
Once hackers find fragility of a website, they will build-in a backdoor to tamper the website again even if the malware is removed. This function will block malware codes by catching them at the time they are sent, and log the hackers’ IPs.
*You can activate this function by subscribing the latest malware patterns.
Install the Plugin
- Download the plugin and save the ZIP file to your local computer.
- Log in to your WordPress. From dashboard, go to “Plugins” > “Add New” > Click “Upload Plugin”.
- Select the downloaded ZIP file and click Install Now to activate the plugin.
- Click plugin menu “Malware Scan” added to the left bar on dashboard.
- Click “Scan now” on the right top to start scanning shortly.
- Various settings are available on the “Setting” tab on this display, and the plugin’s security measures are available on the “Security Improvement” tab.
100000
files a day can be checked with the high-speed scanner.
6009
malware (tampering) patterns can be detected.
551
vulnerabilities can be inspected.
14728
sites installed & trusted our plugin.
Troubleshooting
Auto scaning does not start at the scheduled time.
Auto scaning of malware scanner uses the auto-execution function of WordPress. This function is triggered only when there is an access to the website.
If there is no access in the scheduled time zone, execution of auto scaning may be delayed.
SCANNING TAKES TOO MUCH TIME.
The execution time of malware scanning depends on the number of files. If there are a lot of files to be scanned, scanning may take several minutes at least, or more than 10 minutes to complete.
Can I switch the screen during scanning?
Scanning will be stopped, but the files are scanned properly and are recorded up to that point. Please restart scanning or wait until auto scaning is completed.
Login captcha is not displayed, or captcha value is not accepted.
Due to using Jetpack single sign-on function or caching plugin together, cached login screen without captcha or login screen including old captcha (captcha is generated at every access to the login screen for security) may be displayed. In this case, please create a URL as follows and try to access.
http://URL of WordPress/Changed login URL?jetpack-sso-show-default-form=1
If you have changed wp-login.php and login URL with a caching plugin, it is recommended not to cache the changed URL.
What if malware is detected?
When a malware is found by scanning only with pattern matching, there is a possibility of misdetection. Please consider waiting until the code is reviewed.
Please note that the website has been tampered when some files are judged as malware as a result of definitive diagnosis of individual files.
Removal of malware requires technical knowledge. It is recommended to ask an expert, but pay attention especially to the following points when you manage it by yourself.
● If the malware is infesting the file originally consists WordPress, please delete only the tampered parts carefully.
● If the file is not a regular file of WordPress, the entire file can be deleted without any problem.
However, if the tampered file is read by another tampered file, deletion of the tampered file may cause errors to the caller and may lead to malfunction such as undisplayable website. In that case, investigation of the caller and deletion of its tampering are required.
Inquiries about the plugin
Please feel free to send us your opinions, feedback, and questions.