Sucuri for WordPress: Remote Malware Scan

Learn How to Perform a Remote Malware Scan of Your WordPress Site

The Sucuri Security plugin offers a Remote Malware Scan tool you can use to protect and clean your WordPress site. For the best performance, this should be part of your site before you have an issue.

Do keep in mind this only monitors the Core WordPress files. This means that malware hiding in your plugins, themes, or media uploads are not part of the scan. If your reading this and don’t have a security plugin already as part of your site, add one now.

In this guide, we’ll go over what you’ll see and how to use the Sucuri Security plugin for WordPress.

This article assumes you have the Sucuri for WordPress plugin installed already.

Sucuri Security Tool in WordPress

After you have installed the plugin you will see a new section in the Dashboard called Sucuri Security. This is where you can access the Remote Malware Scan Tools.

Remote Malware Scan - Sucuri Security

Core WordPress Files Were Modified

Core WordPress Files Were Modified - Remote Malware Scan

If you see the above image on your screen, it’s not time to panic. There are a few things that could cause false positives.

If your site is several years old, it’s likely that WordPress has upgraded itself many times. Over the years WordPress has changed its core files. Every so often, files are not erased during an upgrade.

Common files that are not deleted:

  • wp-includes/css/dist/editor/editor-styles-rtl.css
  • wp-includes/css/dist/editor/editor-styles-rtl.min.css
  • wp-includes/css/dist/editor/editor-styles.css
  • wp-includes/css/dist/editor/editor-styles.min.css

Sucuri will also find files that you may not want to remove. The main ones would include:

  • .user.ini — This file is from cPanel when you make changes to the site via MultiPHP INI Editor.
  • phpinfo.php — This file will tell you the settings that PHP is using in your current directory. Useful for troubleshooting issues with WordPress.

As described later, the Sucuri plugin can delete the files by itself. If you get reports of files other than the ones above you may wish to ask your developer if it’s a false negative or not.

Sucuri Remote Malware Scan Options

While it may be tempting to erase everything that it finds, this can cause issues with your site not loading at all.

To fix the issue you have the following options under Action:

  • Mark as Fixed (tells the system to ignore the file)
  • Restore File (restores the file back to the original that WordPress says it should be)
  • Delete File (erase the file, if the is not needed)

If you want to delete files it will look like this:

Click on the box that you “understand that this operation cannot be reverted“. Then click on Submit for it to process the files.

Delete Malware Files

Going Forward

If you choose to use the Sucuri Plugin it should only be part of your security arsenal. It doesn’t replace making sure you update your site and plugins regularly.

For the most secure WordPress site, you need secure hosting. That’s why InMotion Hosting created their own WordPress Hosting package with rigorous server-side security - so you can spend less time hardening your hosting and more time creating your website.

View WordPress Hosting Plans

IC
InMotion Hosting Contributor

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

Was this article helpful? Let us know!