Antivirus for WordPress

When we think of an antivirus for WordPress as a plugin, we actually have a system that looks for patterns within the code, but very limited. Instead, an antivirus finds other types of profiles.

This tutorial has been created on a VPS. You can create your own VPS from 3€/month.

In addition, you have the possibility to create your VPS with the WordPress image in one click.


And there are antivirus for Linux that work just like in any other operating system, not only looking for functions that can be dangerous in WordPress code, but also in other files, such as documents, images, or executables.

If you have a shared hosting, it is very likely that your provider already has general security measures, but if you manage your own infrastructure, having an antivirus is always a good option.

In this case we will use a standard such as ClamAV. Its installation for Ubuntu is very simple.

apt -y install clamav clamav-daemon

And once installed, you can launch the scan of the folder you want.

clamscan --infected --infected --recursive /webs/

In this case it is configured so that it does not show you all the files, but only those that may contain some type of infection. With any luck, you will only receive the scan summary.

----------- SCAN SUMMARY -----------
Known viruses: 8515047
Engine version: 0.102.4
Scanned directories: 352
Scanned files: 2517
Infected files: 0
Data scanned: 107.12 MB
Data read: 49.50 MB (ratio 2.16:1)
Time: 58.752 sec (0 m 58 s)

In the event that a problem appears with a file, the specific file would appear and, from there, it is a matter of deleting, moving or quarantining it as necessary.

About this document

This document is regulated by the EUPL v1.2 license, published in WP SysAdmin and created by Javier Casares. Please, if you use this content in your website, your presentation or any material you distribute, remember to mention this site or its author, and having to put the material you create under EUPL license.