Detects malware infection
from internal files

Checks and detects malware (tampering and virus infection) by scanning throughout the files inside WordPress.

Malware pattern detection
and definitive diagnosis

You can check both of the machine detection of malware patterns and the result judged by experts.

Highlights the detected
location of malware or tampering

Highlights the locations where malware or tampering is detected for easy identification.


Auto scanning runs at midnight so that tampering damage can be checked during hours with less visits to the website.

Emails you about the
detection result of malware infection

Notifies by email when detected malware so that you won’t miss it. (Email notification is only once in 24 hours even if detected multiple times.)


Automatically acquires malware patterns increasing day by day via cloud. Installs them to detect the latest malware and tampering methods.



Enhances login functions of WordPress to make it difficult for hackers to steal administrator right.


Prevents leak of important files (htaccess, wp-config.php, etc.) and server information.

Protects against
hacking tools

Detects accesses from well-known hacking tools and blocks them to protect WordPress.

Shows adequate write
permission for files.

Shows files having a problem with write permission, and advises adequate write permission.

Protects against brute
force attack

Detects and blocks IP addresses that attempted to login to your website by brute force attack.

Protects against comment
spam and spam emails.

Prevents automatically posted comment spam and spam emails.

All security improvement functions are available free of charge, including 21 items (Login LockDown, Login captcha, Password reset captcha, Login log, Protect author information, Change login page URL, Prevent information leak about WordPress version, Protect important files, Protect server information, Prohibit display of Index list, Prohibit WPSCAN, Prohibit access from brute force attack IP to XMLRPC and wp-login, Inspect permission (write permission for files), Prohibit editing themes and plugins, Prohibit Pingback, Prohibit REST API, Prohibit Trace & Track, Prohibit comment posting via proxy, Comment form captcha, Prohibit comment posting by spambots, IP blocker , Include file protection, Upload folder protection, Block danger query) other than the above.

Complete scan of files and databases

WordPress Doctor Malware Scanner & Security v1.9 or later scans files as well as databases for all patterns and detects and removes any malicious code.
There are two types of malware: those that parasitize PHP files and send backdoor programs, spam, redirects, etc., and those that write directly into the database.
The most common malware type for databases is redirection hack.

WordPress malware (Virus) removal

You can easily remove or edit malware file at management screen.

This function not only can remove malware file but deleting just malware code included in wordpress ordinary files.

NIST vulnerability check.

This test checks for the most dangerous vulnerabilities (CVSS V 7.5 points ~) in WordPress and plugins.

※The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes. Vulnerabilities are detected from the data in the database of NIST, an international organization.

Block hacking
in realtime!

WordPress Doctor - Malware Scanner & Security has a world’s first function that blocks hacking activities before infection to malware.
. Once hackers find fragility of a website, they will build-in a backdoor to tamper the website again even if the malware is removed. This function will block malware codes by catching them at the time they are sent, and log the hackers’ IPs.

*You can activate this function by subscribing the latest malware patterns.

Install the Plugin

  1. Download the plugin and save the ZIP file to your local computer.

  2. Log in to your WordPress. From dashboard, go to “Plugins” > “Add New” > Click “Upload Plugin”.

  3. Select the downloaded ZIP file and click Install Now to activate the plugin.

  4. Click plugin menu “Malware Scan” added to the left bar on dashboard.

  5. Click “Scan now” on the right top to start scanning shortly.

  6. Various settings are available on the “Setting” tab on this display, and the plugin’s security measures are available on the “Security Improvement” tab.

Download plugin for free v2.1.5


files a day can be checked with the high-speed scanner.


malware (tampering) patterns can be detected.


vulnerabilities can be inspected.


sites installed & trusted our plugin.


Auto scaning does not start at the scheduled time.

Auto scaning of malware scanner uses the auto-execution function of WordPress. This function is triggered only when there is an access to the website.
If there is no access in the scheduled time zone, execution of auto scaning may be delayed.


The execution time of malware scanning depends on the number of files. If there are a lot of files to be scanned, scanning may take several minutes at least, or more than 10 minutes to complete.

Can I switch the screen during scanning?

Scanning will be stopped, but the files are scanned properly and are recorded up to that point. Please restart scanning or wait until auto scaning is completed.

Login captcha is not displayed, or captcha value is not accepted.

Due to using Jetpack single sign-on function or caching plugin together, cached login screen without captcha or login screen including old captcha (captcha is generated at every access to the login screen for security) may be displayed. In this case, please create a URL as follows and try to access.

http://URL of WordPress/Changed login URL?jetpack-sso-show-default-form=1

If you have changed wp-login.php and login URL with a caching plugin, it is recommended not to cache the changed URL.

What if malware is detected?

When a malware is found by scanning only with pattern matching, there is a possibility of misdetection. Please consider waiting until the code is reviewed.
Please note that the website has been tampered when some files are judged as malware as a result of definitive diagnosis of individual files.
Removal of malware requires technical knowledge. It is recommended to ask an expert, but pay attention especially to the following points when you manage it by yourself.

● If the malware is infesting the file originally consists WordPress, please delete only the tampered parts carefully.
● If the file is not a regular file of WordPress, the entire file can be deleted without any problem.

However, if the tampered file is read by another tampered file, deletion of the tampered file may cause errors to the caller and may lead to malfunction such as undisplayable website. In that case, investigation of the caller and deletion of its tampering are required.

Inquiries about the plugin

Please feel free to send us your opinions, feedback, and questions.

Disclaimer: We do not guarantee the accuracy of the result of WordPress Doctor: Malware Scan Plugin. In addition, we are not responsible for any damage to users, other indirect servers, any items, or data by using this tool. In order to scan the malware found by us after installation, you need to subscribe the malware definition. Please use WordPress Doctor: Malware Scan Plugin with kind understanding and acknowledgement that it acquires a part of inspection data for the purpose of accuracy improvement.
Prohibited matters (licensing): Many of the functions of this plug-in can be used free of charge. But using this plug-in to get compensation from customers (Providing other companies with paid malware scanning and removal services) is prohibited. If you violate this clause, you agree to charge 400 $ per site. If you are interested in doing business like this, please contact us and conclude a licensing agreement.