≡ Menu

WordPress Malware Removal Tool Sucuri!

This post discusses about WordPress malware removal tool – Sucuri, the WordPress plugins to make your blog BulletProof Secure from the nasty attackers and the best book about WordPress Security. Act now if you don’t wish to panic later!

Firefox warning about visiting a site that hosts malware

Just imagine, it was a fine morning. You visit your own blog and saw the message, something like in the image above. Could there be anything more disgusting?

“The website appears to host malware software that can hurt your computer or otherwise operate without your consent. Just visiting a site that hosts malware can infect your computer.

And, see the language – how harsh it is. Imagine the feelings of your visitors who saw this message. No doubt, they will be more frightened than you.

The adverse effect of malware infection does not just end here. The Google bots are constantly crawling your site. What happens when they find your site is hosting malware? It really takes a long time to recover in SERP position even after you clean up your blog.

I know, you did not host any malicious software in your website nor will allow anybody else. How did this happen? Yes, there are nasty people with smart malicious scripts.

It’s better you prevent it from happening rather than go through a painful process of malware removal.

How can you prevent malware infection?

There are some really nice and intelligent plugins for WordPress to detect and block the infection. I used WordPress Antivirus, WordPress Firewall and Login LockDown plugins.

The first plugin scans your theme files, plugins and core files to warn you of possible loopholes.

The second will block all the attempts to modify core files, theme functions and plugin codes.

The third one will block the user after the specified number of failed log in attempt. So this is effective to avoid brute-force method.

Those plugins were fine as long as I did not discovered BPS Security. Now, I use Bullet Proof Security on my blog which is capable to perform all of the above mentioned prevention, plus a lot more.

BPS Security employs the htaccess method to block the nasty attempts and offers you a number of suggestions regarding making your blog bullet proof. The plugin is highly recommended.

Click Here to visit BulletProof Security website to download and learn more about the plugin features and how to use it.

Use Online Malware Scanner Before Installing BPS Security

You can install Bullet Proof Security plugin and tighten your latches now, if your blog is fresh installed and free from any possible illness. However, if your blog is already popular and you ran it for so long without security plugins, you are strongly suggested to use online malware scanner.

I use Sucuri most often. It’s truly a good service.

Sucuri has three different plans, Power Plan for up to 5 sites, Premium for one site and Free for basic scan.

Click Here to visit Sucuri website to learn more about its features and how to use it.

Following is the result of scanning bivori.com:

Sucuri Online Malware Scanning Report


Sucuri Website Details


Sukuri blacklisting status

Sucuri for malware removal

If you buy their Power plan or Premium plan they offer:

  • Malware Cleanup (No page limit)
  • Website Integrity Monitoring
  • Email & Twitter Alerting
  • Manual Website Scanning
  • Blacklist Removal

It will be necessary to purchase the Power or Premium plan if you find that your blog is infected.

If you just want to perform a scan, you can Free Scan by entering the URL of your blog and click Scan button.

Securi online malware scanner

Please visit their site if you are interested on their service:- click here

Best Book about WordPress security


by Suresh Khanal

Hi, it’s me behind this blog - Bivori.com. Interested to blogging, different monetization options, WordPress Themes, Plugins and various blogging tools. I love setting up new blogs, customize and optimizing them. Want me to write for you? Add in your Google+ circle and lets get connected.

9 comments… add one

  1. Hi Suresh, wow what an awesome tool. A good few years back I experienced malware on one of my blog’s and it was caused by several things. 1, I didn’t have any internet security on my computer and 2, I was downloading plugins from shady sites and uploading them to my WordPress blog, not a good idea.

    This tool would have been useful if I had known about it, but it’s good to see that there is something available just in case it happens again in the future. Thanks for the great review.

    1. Thank you Fabrizio for the comment. It’s a good idea to scan your blog at least once a week, and the good thing is – its free for scanning. Knowing the problems earlier, I hope, will let you solve it easier.

      I hope you are already using BulletProof security on your blog.

  2. This really is great post Suresh. I came to your website through This is a very helpful article.The tools that you have mentioned are really helpful. Thank you!

    1. Thank you Balaji for the comment. I hope its better to stay safe than to panic later, isn’t it?

      BTW, you’ve redirected your site to redirect to /blog/. Are you planning something different for your main domain?
      Suresh Khanal recently posted…WordPress Malware Removal Tool Sucuri! My Profile

      1. To be honest my web developer had built my website with that url. I would like to ask you would that be a problem? If so, how can I change it? And once I change it will it be a problem to all the links for existing articles on my website?
        Balaji G S recently posted…Unique Small Business IdeasMy Profile

        1. There is no problem in having blog in subdirectory if you are planning to present something else on your main website. But if the blog itself is your primary thing, then its better to have in top level domain. Subdirectories are considered ‘sub’ by everybody.
          Suresh Khanal recently posted…My First Experience to Sell Website on FlippaMy Profile

          1. So if I change it in wordpress where we have an option for entering the desired url for the website will it be a problem for the existing articles and their links?
            Balaji G S recently posted…How to Start a Fast Food RestaurantMy Profile

  3. Here is another WordPress performance & security tip:

    Use the minimum amount of plugins necessary for a site. Also use something like Login Lockdown which will temporarily block an IP address that has failed to login successfully after a certain amount of times.
    Lorenzo recently posted…Why I Recommend and use WP EngineMy Profile

    1. That’s very true Lorenzo. Thanks for you input.
      Suresh Khanal recently posted…Should You Accept Guest Posts in Your Blog? Why and why not?My Profile


Leave a Comment

CommentLuv badge
This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)
Read previous post:
The Large Skyscraper Ad Unit 300x600
The New 300×600 Adsense Ad Unit – The Large Skyscraper

Larger Ad units performs better compared to the smaller ones and Adsense introduces the new 300x600 Ad Unit called the...