malCure Malware Removal & Firewall


No. 1 Plugin for cleaning up hacked websites. Scans your WordPress files for malware, infections, security-threats, viruses, trojans, backdoors, malicious redirects, dolohen, code injections and other vulnerabilities. It’s the most precise malware scanner yet light-weight, simple and easy-to-use.

No false positives. Now remove malware with confidence.

Do you know? malCure is trusted by web-security agencies to eliminate even the most challenging infections from WordPress.

  • Extremely powerful but lightweight, simple & works out of the box. No third-party service required.
  • Checksum / integrity check of the WordPress core files, plugins.
  • File & database scan for viruses and infections using regularly updated malware signatures.
  • WP CLI support for scanning via commandline.
  • Got security warning from Google Search Console? Google Webmaster Tools? malcure integrates with Google™ Search Console to fetch security warnings or notices to warn you in time.
  • Ultra-high-precision results + Auto-sync with WordPress Checksum API.

If your site is infected, here’s the steps to take.

Malware issues are time-sensitive and the fastest way to get support from us is to leave a message on our website.

malCure Malware Removal & Firewall is sophisticated and extremely powerful yet does not require any third-party integration, does not send your files / data to external services etc. to work. It’s simple and does the job.

Features You’ll Love:

  • Ultra-high-precision results.
  • Auto-sync with WordPress Checksum API.
  • Verifies WordPress files integrity using checksums from WordPress Checksum API.
  • No need for third-party scanning.
  • Links to external tools for additional site diagnostics.
  • Checks for viruses and infections using malware definitions.
  • Hourly update of malware signatures.
  • Connects to definition update server to fetch latest definitions.

Extremely Lightweight

Works out of the box

Simple to configure

No third-party service required

No Malware – No Google Penalties. Give your SEO a solid boost.

NOTICE: This plugin make call to our malware definition api to check for latest malware signatures (pretty much like what WordPress does when checking your plugins and themes for new versions. Staying up-to-date is a security best-practice. malCure Malware Removal & Firewall will inform you when there are new definition updates available. If you’re allergic to “phone home” scripts then don’t use this plugin (or WordPress at all for that matter).

malCure Advanced Edition

  • Full integration with WP CLI.
  • One-click setup.
  • Use custom definitions and patterns to scan for new virus strains.
  • Get detailed debug info.
  • Absolutely blazing-fast performance on CLI.
  • Scan humongous sites without pain.
  • Skip / Scan specific files and directories to save time.
  • Auto-Update definitions from CLI.
  • Schedule periodically recurring automatic scans with system cron.
  • Combine with CLI piping for an unmatched power-combination.

Get malCure Advanced Edition →


  • screenshot-1.png
  • screenshot-2.png
  • screenshot-3.png
  • screenshot-4.png
  • screenshot-5.png
  • screenshot-6.png
  • screenshot-7.png


Upload the plugin to your blog. Activate it. You may configure Firewall settings (optional). Create a support thread in case of any issues.


1. My website is detected by malCure as malicious. What next?

Option 1: Please follow the steps here to analyse and remove malware yourself.

Option 2: You can file a service request with us. Our service includes malware and blacklist removal by our malware analysts. Please click here to file a support request.

2. Some files are detected by malCure as „suspicious“. What gives?

malCure’s SmartScan checks each file for malware. However some files aren’t pure malware but may contain code that is suspicious and could do nasty things. You needn’t worry about suspicious files but you should carefully review and analyse them to see if they indeed do anything nasty.

3. I can’t get malCure to work. It hangs / doesn’t complete the scan / breaks for some reason.

malCure (or for that matter other plugins) may break on malware affected / broken websites. malCure Advanced Edition integrates with WP CLI and allows you to complete the scan from WP CLI. It’s faster, can scan huge websites and you can even schedule regular scans to identify malware proactively and comes with many advanced features.

4. My site is infected however malCure doesn’t detect the infection.

Malware keeps evolving. If you come across malware that malCure is not able to identify, you may please report it here.

5. How do I use malCure Advanced Edition?

Click here to visit the malCure Advanced Edition guide.

6. Should I buy malCure Advanced Edition?

malCure Advanced Edition will not auto-magically solve all issues. It’s not meant for:

  • Automatic malware cleanup.
  • End-user or website owners.
  • One-time use.
  • Protection.

malCure Advanced Edition is meant for:

  1. Web-Security professionals & agencies.
  2. Web-Security analysts, educationists & students.
  3. Professionals who need advanced power and control.
  4. Routine security servicing.
  5. Automation.
  6. WP CLI integration.
  7. Fixing broken installs when website access is revoked.

malCure Free Edition detects the same number of malware / threats as the paid version. You pay for convenience & control, not the end-result.

If you are not familiar with the above, you’ll not be able to utilize the potential of the Advanced Edition. Click here to read more about it.

7. Where can I get help?
  1. Click Here For Plugin Support.
  2. Click Here For Malware / Infection Support.


28. Oktober 2019
Really nice to have this awesome plugin and support in critical moments.
15. Juli 2019
Great to see the effort for clean code and a great plugin for detecting troublesome bugs from WordPress websites. Great Malware Detection and Protection. The signatures are updated quickly. The scanning database covers options that may contain issues and not just posts/pages like some others. Out of the box this is a very easy program to get used to using. Picks up on a lot that the others did not.
15. April 2019
Excellent plugin, fool proof scan. I've had issues with others when the scan breaks midway, but not this. I can even inspect the rogue files it flags.
Lies alle 4 Rezensionen

Mitwirkende & Entwickler

„malCure Malware Removal & Firewall“ ist Open-Source-Software. Folgende Menschen haben an diesem Plugin mitgewirkt:




  • Added infection details.
  • Optimized performance.


  • UX Revamp from the ground up.


  • Bugfix: File scan results wouldn’t show up sometimes.


  • Fixed: Scroll to results wouldn’t work when infnection is detected.
  • Updated default no. of files per batch for faster scans.


  • Bugfix: Definition update won’t trigger sometimes.
  • Bugfix: Result actionable wouldn’t trigger sometimes.
  • Bugfix: Plugin throws php warnings due to typo in function definition.


  • Updated firewall settings
  • Ability to reset plugin data.
  • Compatibility with WordPress 5.3