Deep Malware Cleaner

开发者	themepaste habibnote
更新时间	2026年5月12日 21:22
PHP版本:	7.4 及以上
WordPress版本:	6.9
版权:	GPLv2 or later
版权网址:	版权信息

开发者

themepaste
habibnote

更新时间

2026年5月12日 21:22

PHP版本:

7.4 及以上

WordPress版本:

6.9

版权:

GPLv2 or later

版权网址:

版权信息

详情介绍:

Deep Malware Cleaner is a lightweight deep malware scanner built for WordPress. It performs a thorough deep cleanup scan of your wp-content directory, detects backdoors, cleans injected site scripts, fixes redirect hacks, and triggers malware auto-purge — all from your WordPress admin dashboard with no external service, no subscription, and no data ever leaving your server. Whether you're dealing with a live attack, a hidden backdoor, or a redirect hack silently sending visitors to malicious sites, Deep Malware Cleaner gives you the tools to scan, alert, and act — fast. Core Capabilities Deep Cleanup Scan Walks your entire wp-content directory, inspecting every PHP file for known malware signatures, obfuscated code, and injected payloads. Results are sorted by severity so the worst threats surface first. Backdoor Fixer Detects PHP backdoors uploaded through vulnerable plugins or themes — including webshells, remote-execution scripts, and hidden PHP files inside the uploads folder where no PHP should ever exist. Site Script Cleaner Identifies injected JavaScript and malicious <script> tags, hidden iframes, and obfuscated code blocks embedded in your theme or plugin files. Redirect Hack Fix Flags the PHP patterns most commonly responsible for redirect hacks — including header() injection, variable-based shell execution, and compressed payload backdoors used to silently redirect visitors to attack sites. Malware Auto-Purge Remove confirmed threats directly from the scan results screen without touching FTP or cPanel. Quarantine or delete flagged files in one click. Login Protection Hardens your WordPress login against brute-force attacks and unauthorized access attempts — an essential layer of website protection alongside active scanning. Instant Alerts Get notified the moment a scan finds a threat. Real-time alerts keep you informed so you can respond before an attack escalates. What the Scanner Detects

eval(base64_decode(...)) — the most widespread PHP malware obfuscation and attack vector.
eval(gzinflate(...)) / eval(gzuncompress(...)) — compressed-payload backdoors.
eval(str_rot13(...)) — rotation-cipher obfuscated malware.
Shell execution with dynamic arguments — shell_exec, passthru, proc_open, popen, and system called with a variable, a classic attack pattern for remote code execution.
Hidden iframes — <iframe> elements injected with display:none used to load malicious content invisibly.
Long base64 strings — unusually large base64 blobs embedded in PHP, a common technique for hiding large attack payloads.
PHP files inside the uploads directory — any .php file in wp-content/uploads/ is flagged High severity; legitimate uploads are never PHP files.

Key Features

Lightweight deep malware scanner — scans up to 500 files per run in under 25 seconds, safe on shared hosting.
On-demand scan — runs only when you click Start Scan, never in the background.
Deep Cleaner dashboard — at-a-glance stats: threats found, files scanned, time since last scan.
Website Security & Website Protection — comprehensive coverage against the most common WordPress attack types.
Troubleshoot mode — detailed per-file reporting to help you understand exactly what was found and why it was flagged.
Secure login hardening included.
All scan history stored in your own database — nothing leaves your server.
No account, no API key, no external requests.
Translatable — full .pot file included.

Who Is This For?

Site owners who received a "this site may be hacked" alert from Google.
Developers who need to troubleshoot a suspected redirect hack or injected script.
Agencies that manage multiple WordPress sites and need a fast, lightweight scanner with no SaaS dependency.
Anyone who wants ongoing website security and website protection without a monthly fee.

Privacy This plugin makes zero external HTTP requests. No data is sent to any third-party server. Scan results are stored only in your own WordPress database and are removed when you uninstall the plugin (if that option is enabled in Settings).

安装:

Automatic Installation

In your WordPress admin, go to Plugins → Add New.
Search for Deep Malware Cleaner.
Click Install Now, then Activate.

Manual Installation

Download the plugin zip file.
In your WordPress admin, go to Plugins → Add New → Upload Plugin.
Choose the zip file and click Install Now, then Activate.

After Activation

Go to Malware Cleaner → Settings to configure login protection, alerts, and data-management options.
Go to Malware Cleaner → Run Scan and click Start Scan to run your first deep cleanup scan.

屏幕截图:

升级注意事项:

1.0.1 Adds malware auto-purge, login protection, and real-time alerts. No database migration required — simply update and activate. 1.0.0 Initial release — no upgrade steps required.

常见问题:

Will this plugin slow down my site for visitors?

No. The scanner runs only when you click Start Scan in the admin. It does not hook into page loads or run any background cron jobs. Visitor-facing performance is completely unaffected.

Which files does the deep cleanup scan inspect?

The scanner reads PHP files with extensions .php, .php3, .php4, .php5, .php7, .phtml, and .phar inside your wp-content directory. It skips files larger than 512 KB and enforces a 25-second time budget and a 500-file cap per run to protect shared-hosting environments.

What does "PHP file in uploads" mean?

Legitimate image, video, and document uploads are never .php files. If the scanner finds any PHP file inside wp-content/uploads/, it is almost certainly a backdoor uploaded through a vulnerable plugin or theme — a High severity threat that should be removed immediately.

Can it fix or delete infected files?

Yes — the malware auto-purge feature lets you delete or quarantine flagged files directly from the scan results screen. Always review the file path and threat type before purging.

Is any data sent outside my site?

No. The plugin makes zero external HTTP requests. All scan results and alert history live only in your WordPress database.

How does login protection work?

Login protection limits repeated failed login attempts and helps prevent brute-force attacks against your wp-login.php endpoint — a key layer of website security that works alongside the malware scanner.

How do I troubleshoot a scan that flagged an unexpected file?

Go to Malware Cleaner → Scan Results and click the file path to view the matched pattern. The troubleshoot view shows the exact line and rule that triggered the alert, so you can decide whether it is a false positive or a real threat.

How do I remove all plugin data when I uninstall?

Go to Malware Cleaner → Settings, enable Remove all data on uninstall, then deactivate and delete the plugin. All database tables, scan history, and plugin options will be removed automatically.

The scan finished but I expected more files to be checked. Why?

The scanner caps each run at 500 files and 25 seconds to be safe on resource-constrained servers. If your wp-content directory is very large, only the first 500 PHP files encountered will be inspected per run. Future versions will support paginated / batch scanning.

更新日志:

1.0.1

Added malware auto-purge (delete / quarantine flagged files from the results screen).
Added login protection module.
Added real-time threat alerts.
Improved site script cleaner detection for injected JavaScript and hidden iframes.
Enhanced redirect hack fix detection patterns.

1.0.0

Initial release.
On-demand deep cleanup scan covering eight malware pattern types.
Backdoor fixer, site script cleaner, and redirect hack fix detection.
Admin dashboard with scan statistics.
Settings page with data-management option.