9个最佳WordPress插件，用于检测网站上的恶意代码

恶意软件发生。当这样做时，拥有正确的工具进行扫描malware attacks and detect threats可以保护您的网站免受安全冲突。不像CMS集线器，WordPress站点需要the rightWordPress插件that can help detect malicious code and guard your site against possible threats. By getting ahead of potential compromise with comprehensive threat detection and remediation, the right plugins can keep your site clean and healthy.

Here’s a look at WordPress malware monitoring plugins that can help save your site — and give you much-needed peace of mind.

1.Sucuri Security

价格：免费

Sucuri是一个领先的名字website securityin the WordPress community.

SUCURI安全WordPress安全插件对于任何WordPress用户都是免费的。该插件提供的关键安全服务将确保您的网站安全。它将帮助您进行文件完整性监视，远程恶意软件扫描，黑名单监视等。

通过远程恶意软件扫描，安全性硬化，活动和文件监视，您可以轻松地知道您的网站始终受到潜在的恶意软件威胁的保护。

2.Wordfence Security

Price:Free, with premium plans available

Wordfence is one of the最受欢迎的WordPress安全插件迄今为止，下载量超过一百万。该插件可以判断您的网站是否已经受到质量不佳的代码影响，并对您的WordPress核心，主题和插件进行了深入的安全检查。

It uses gathered experience to safeguard your site against known attackers and will block entire malicious networks. It includes advanced IP and Domain WHOIS to report malicious IPs or networks and will also block entire networks using a firewall. The plugin is regularly updated to ensure your site is always defended by cutting-edge protection algorithms.

3.AntiVirus

价格：免费

This plugin was created to fight spam, but can also create a protective shield around your site, perform automated daily scans, and send reports to your email account so you can always be updated and take proactive measures to protect your site.

This plugin shows virus alerts in the WordPress admin panel, can perform daily security checks, clean up your site after the removal of any plugins, and check databases, themes, and templates to ensure everything on your site is safe. It also offers checksum verification for WordPress Core files and Google Safe Browsing to help monitor for malware and phishing attacks.

4.Quttera Web恶意软件扫描仪

价格：免费

Quttera Web恶意软件扫描仪is a free and powerful security plugin for WordPress that will scan your website for malware, trojans, backdoors, worms, viruses, and spyware. It can also check for other threats as well like JavaScript code obfuscation, exploits, malicious iframes, malicious code injections, malicious code obfuscation, auto-generated malicious content, redirects, hidden eval code, and more.

Additionally, this plugin will check if your site is blacklisted and ensure that you can take protective action against any possible threats. Other features include one-click scan capability, external links detection, an AI-based intelligence scan engine, and PHP malware detection.

5.反恶意软件

价格：免费

This is a custom WordPress plugin that fights malware and protects your site. It runs a complete scan of your WordPress site and removes all possible security threats to ensure that your site is healthy and safe.

反恶意软件还包括下载定义更新的能力，这些更新有助于防御您的网站免受新的威胁和升级脆弱脚本版本，以防止未经检测的利用。此外，您可以检查WordPress Core文件的完整性，以确保没有恶意软件代码损害关键功能和资产。

6.SecuPress Free

Price:Free, with premium plans available

secupress毫无疑问清楚地表明：“您做到了，我们确保它的安全！”

This free tool includes malware scanning that helps block malicious bots and suspicious IP addresses, and also offers a complete WordPress security toolkit as a for-pay plugin. SecuPress is also GDPR compliant, making it a great choice for any WordPress site hosted in the EU or that handles EU-origin data.

一些Secupress功能包括反蛮力登录保护，防火墙工具，安全警报和通过地理位置阻止的国家 /地区。该工具易于使用和安装，使其成为前线恶意软件检测和拆卸的绝佳选择。

7.MalCare

Price: $99/year for 1 site, $599 for 20 sites

Malcare品牌本身就是“唯一具有即时WordPress恶意软件的WordPress安全插件”，并且该高级插件被多个知名站点使用，以帮助确保其数据和WordPress资产安全。

Offering real-time protection with its “smart” firewall technology and using its own servers for malware scanning, MalCare won’t slow down your site — and promises effective malware removal in less than a minute.

In addition, MalCare targets malware by removing affected portions of files rather than the files themselves, leaving your site intact and fully-functional. While the service isn’t cheap, it’s worth considering if you have a substantive amount of WordPress data to protect.

8。泰坦反垃圾邮件和安全

Price:Free, with premium plans available

该插件先前称为Anti-Spam，最近被称为Titan Anti-Spam和安全性。

免费版本提供反垃圾邮件，防火墙，恶意软件扫描和站点可访问性功能，以帮助保护您的网站免受可能的攻击。它的反垃圾邮件功能对您的网站上的注释对全局数据库进行检查，以帮助识别潜在威胁，而其恶意软件扫描功能检查了恶意软件，后门，恶意重定向和代码注射的系统文件，主题和插件。

The Pro version includes advanced scanning with more than 6000 signatures along with the ability to update firewall rules in real-time.

9。WP Cerber Security

价格：免费

有超过200,000个安装，这个免费的恶意软件扫描仪插件可以帮助您确保您的网站安全而无需违反预算。

WP Cerber Security includes login attempt limitations that monitor login forms, XML-RPC, REST API, and auth cookie requests. It leverages Google reCAPTCHA to defend your registration, contact, and comments forms from bad actors attempting to spam your site.

This tool also gives you the ability to permit or restrict access on a per-IP basis using single IPs, IP ranges or subnets, and allows you to create custom login URLs.

如何从WordPress网站上删除恶意软件

If yourWordPress website表现奇怪 - 例如花比平时多的时间来响应，未经您的许可打开新链接或显示奇怪的错误消息 - 您可能已经被恶意软件妥协了。

When it comes to removing malware from your WordPress site, you’ve got two options: Take on this task yourself or use a purpose-built WordPress plugin. While the plugins described above all offer ways to automatically remove malware from your site, you may also want to conduct your own assessment to ensure no malicious files or folders have made their way into your site’s framework.

Start by backing up your site. Many reputable web hosts offer a site backup feature that lets you take a snapshot of your site and save it to a local desktop. You can also use aWordPress插件备份to create a backup if your site host doesn’t offer this feature.

Next, open your backup and examine key files such as wp-config.php and .htaccess along with your wp-content folder. You’re looking for anything out of place, such as additional file lines or strange web addresses that could indicate a malware compromise.

最好的选择？在桌面上运行本地恶意软件扫描工具，以自动评估文件并删除任何恶意软件。

确认备份清洁后，删除public_html文件夹中的所有文件，然后重置所有站点密码，然后将备份映像上传回WordPress站点。最后，使用上面列出的WordPress插件之一再次扫描您的网站，以确保删除成功。

Secure Your WordPress Site

WordPress插件can detect malicious code and safeguard your site from potential threats. Find one that best meets your needs and budget and run it regularly to help reduce the risk of malware infection and limit the impact of code compromise.

This post was originally published in January 2020 and has been updated for comprehensiveness.