Deep Server Scan
Server-Level Analysis
The deep scan connects to your server via SSH and examines every file in your WordPress installation. This is the level of analysis that catches malware hiding inside PHP files, database tables, and directories that are invisible from the outside.
What It Detects
Core File Integrity
Every WordPress core file is compared against the official checksums from WordPress.org. Any file that has been modified, added, or is missing gets flagged. This catches backdoors injected into core files like wp-includes/ or wp-admin/.
Plugin and Theme Malware The scanner checks all installed plugins and themes against a database of known malware signatures. It looks for:
- Obfuscated PHP code (base64, eval, gzinflate chains)
- Known webshell patterns (48+ malware signatures)
- File injection backdoors
- Suspicious file timestamps (recently modified files in old plugins)
- Mass-modified files indicating widespread infection
Uploads Directory
PHP files should not exist in wp-content/uploads/. The scanner flags any executable files found in upload directories, which is one of the most common places attackers drop backdoors.
Database Injections The scan checks post content and option values for injected JavaScript, hidden iframes, SEO spam links, and other database-level infections.
User Audit The scanner lists all administrator accounts, checks for recently created users, and flags suspicious app passwords. Attackers often create hidden admin accounts to maintain access after the initial compromise.
Configuration Review
Your wp-config.php is checked for suspicious constants, disabled security features, and signs of tampering. The scanner also reviews .htaccess for malicious redirect rules.
How It Works
- You provide SSH credentials when adding your site (host, port, username, and key or password)
- The scanner establishes a secure SSH connection to your server
- It runs a 20-step verification process covering core integrity, plugin analysis, theme checks, uploads inspection, database content, user accounts, cron jobs, configuration review, and more
- You can monitor scan progress in real-time with step-by-step status updates in your dashboard
- Results are compiled into a structured report with AI-powered analysis
- The SSH connection is closed. We don't maintain persistent access.
The entire process takes 2-5 minutes depending on the size of your site.
AI Security Assessment
Every deep scan includes an AI-powered security assessment that goes beyond pattern matching. The AI analyzes all findings in context and provides:
- A prioritized list of actions based on risk and urgency
- Plain-language explanations of each issue and why it matters
- Specific remediation steps tailored to your site's configuration
- An overall security posture summary
PDF Report
Every deep scan generates a downloadable PDF report containing all findings, severity levels, AI explanations, and recommended actions. Share it with your team, hosting provider, or clients.
Pricing
Your first deep scan is free. After that, each scan costs $1. No subscription required - pay only when you scan.
When to Scan
- After noticing suspicious behavior (redirects, slow performance, unknown files)
- After a malware cleanup to verify the site is clean
- Periodically as a preventive check (monthly is a good cadence)
- Before and after major plugin or theme updates
Check Your WordPress Site Security
Free scan, no login required. Find vulnerabilities before attackers do.
Scan Your Site Free