[WordPress] 外掛分享： Cleverhog Malware Scanner

外掛標籤

開發者團隊

原文外掛簡介

Cleverhog Malware Scanner helps you investigate a suspicious or compromised WordPress site from the admin dashboard. It is free and may be used on unlimited websites with no license keys or per-site fees.
This plugin detects and reports potential security issues. It does not automatically remove malware or guarantee that a site is clean. Always back up your site before changing or deleting files.
What it scans

Files — Pattern-based scan of themes, plugins, uploads, wp-content, or the full site (with code snippets, file size, and last-modified date)
Backdoors — Must-use plugins, drop-ins, wp-config, cron jobs, and suspicious hooks
.htaccess — Discovers .htaccess files site-wide and lists suspicious redirects, PHP handlers in uploads, auto_prepend, cloaking rules, and more
Authentication — XML-RPC, user enumeration, weak salts, file editor, and SSL-related checks
Database — Suspicious autoloaded options and injected post content
Administrators — All admin users with registration dates and risk flags
Updates — Outdated plugins, themes, and core (medium for major/minor updates, low for patch-only updates)
Plugin integrity — WordPress.org plugins compared to official checksums (one summary per plugin)

Features

Live threat counter during scans
Results sorted by severity (critical, high, medium, low)
Last scan results restored when you reopen the dashboard
Admin menu badge showing critical issue count
Excludes this plugin’s own files from file scans to reduce false positives

Privacy
This plugin runs entirely on your server. Scans do not send your site files to the plugin author.
When you run a scan, the plugin may contact:

WordPress.org (downloads.wordpress.org) — to fetch official plugin checksums for integrity verification
WordPress.org update APIs — to check for available plugin, theme, and core updates (standard WordPress behavior)

No personal data is collected by the plugin author. Scan results are stored in your WordPress database (options and transients) for display in the admin dashboard and are visible to users who can manage the site.
Support
Support is provided through the WordPress.org support forums after publication.

延伸相關外掛

Wordfence Security – Firewall, Malware Scan, and Login SecurityWordfence Security 是最受歡迎的 WordPress 安全防護外掛，...Jetpack – WP Security, Backup, Speed, & GrowthJetpack 是一款多合一 WordPress 外掛，整合網站安全防護、自...Kadence Security – Password, Two Factor Authentication, and Brute Force ProtectionSolid Security 是一款專為 WordPress 網站設計的安全外掛，...Sucuri Security – Auditing, Malware Scanner and Security HardeningSucuri Security 外掛旨在保護您的 WordPress 網站，提供全面...NinjaFirewall (WP Edition) – Advanced Security Plugin and FirewallNinjaFirewall (WP Edition) 是一款先進的網頁應用防火牆，專...Jetpack ProtectJetpack Protect 是一款免費的每日惡意軟體掃描和 WordPress ...Defender Security – Malware Scanner, Login Security & FirewallDefender Security 是一款全方位 WordPress 安全防護外掛，提...SecuPress with Simple SSL – Simple and Performant SecuritySecuPress 是一款專為 WordPress 設計的安全外掛，提供全面的...Security Plugin, Firewall & Malware Scanner with Auto Removal此外掛提供全面的登入安全防護，包含暴力破解防護、雙重身份...NinjaScanner – Virus & Malware scan該款WordPress外掛為「NinjaScanner」，是一款輕量、快速且強...AntiVirusAntiVirus 是一個易於使用、安全的工具，可加固您的 WordPres...Jetpack VaultPress請注意：此外掛已不再對新客戶提供支援。 對於下一代的 Vault...Security Ninja – WordPress Security & FirewallSecurity Ninja 是一款輕量級的 WordPress 安全外掛，旨在保...DefendWP Firewall總結：DefendWP.org 是一款 WordPress 外掛，能保護您的網站...Vigilant – 100% Free Security Suite: Firewall, 2FA, Login, Headers, Scanner…Vigilant 是一款完全免費的 WordPress 安全外掛，提供企業級...