Security

WordPress Malware Scanner

Complete WordPress security and malware detection

Enter your WordPress site URL (e.g., example.com or https://example.com)

The results are for information only. The calculation is based on your inputs and publicly available rules; official accounting may differ. For maximum accuracy, the final result should, if needed, be confirmed with a responsible official body or a qualified professional.

How does it work?

How the Scanner Works

Our WordPress malware scanner performs a comprehensive security audit of your site by:

  • Scanning Web Pages - Analyzes HTML, CSS, and JavaScript for malware patterns and obfuscated code
  • Detecting Suspicious Code - Identifies eval(), base64 encoding, hex strings, and other obfuscation techniques
  • Checking for Sensitive Files - Looks for exposed wp-config.php, .env, debug.log, and other sensitive files
  • Analyzing Security Headers - Checks for CSP, HSTS, X-Frame-Options and other security headers
  • REST API Scanning - Detects user enumeration and exposed API endpoints
  • Threat Intelligence - Cross-references your domain against VirusTotal and Google Safe Browsing databases
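
The "Detecting Suspicious Code" check above can be sketched as follows. This is an added example, not the scanner's own code: the pattern set, the names `scan` and `decode_blob`, the length thresholds and both sample pages are assumptions constructed for illustration. It goes one step beyond pattern matching by decoding base64 blobs and rescanning the decoded layer.

```python
import base64
import re

# Heuristic patterns (assumed for illustration; not the scanner's real rule set).
PATTERNS = {
    "eval-call": re.compile(r"\beval\s*\("),
    "base64-decode-call": re.compile(r"\b(?:atob|base64_decode)\s*\("),
    "hex-escape-run": re.compile(r"(?:\\x[0-9a-fA-F]{2}){8,}"),
}
BASE64_BLOB = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")


def decode_blob(blob):
    """Return the decoded text if blob is valid base64 hiding printable ASCII, else None."""
    padded = blob + "=" * (-len(blob) % 4)
    try:
        text = base64.b64decode(padded, validate=True).decode("ascii")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if all(c.isprintable() or c.isspace() for c in text) else None


def scan(source, depth=0):
    """Return (layer, rule, snippet) findings; decoded base64 layers are rescanned."""
    findings = []
    for name, rx in PATTERNS.items():
        for m in rx.finditer(source):
            findings.append((depth, name, m.group(0)[:30]))
    if depth < 2:  # bound recursion through nested encodings
        for m in BASE64_BLOB.finditer(source):
            decoded = decode_blob(m.group(0))
            if decoded:
                findings.append((depth, "base64-blob", m.group(0)[:30]))
                findings.extend(scan(decoded, depth + 1))
    return findings


# Constructed sample input: a harmless payload wrapped the way injected scripts often are.
PAYLOAD = base64.b64encode(
    b'console.log("constructed sample: decoded layer reached"); eval("1+1");'
).decode()
SAMPLE = ('<html><script>eval(atob("' + PAYLOAD + '"));var s="'
          + r"\x68\x65\x6c\x6c\x6f\x20\x77\x6f\x72\x6c\x64" + '";</script></html>')
CLEAN = '<html><script src="/wp-includes/js/jquery/jquery.min.js"></script><p>Hi</p></html>'

if __name__ == "__main__":
    for layer, rule, snippet in scan(SAMPLE):
        print(f"layer {layer}: {rule}: {snippet}")
```

A hit from rules like these is a lead for manual review, not proof of compromise: minifiers and legitimate libraries also use `eval()` and base64.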

Important: Only scan websites you own or have explicit permission to scan. Unauthorized scanning may be illegal in your jurisdiction.

Frequently Asked Questions

Is this scan safe for my site?
Yes, the scanner only performs read-only checks. It does not make any changes to your site. It scans public pages and checks for known security issues without modifying any files.
How long does a scan take?
Most scans complete within 1-5 minutes depending on site size and server response time. The scanner checks up to 30 pages by default.
What does the security score mean?
The security score ranges from 0-100, with 100 being the most secure. It's calculated based on the number and severity of security issues found. Scores above 80 are considered secure, 60-80 requires attention, and below 60 indicates critical issues.
Can I scan any website?
You can only scan websites you own or have explicit written permission to scan. Unauthorized scanning is illegal in most jurisdictions and violates computer security laws.
What if the scan finds vulnerabilities?
Each finding includes a detailed description and recommendation for fixing the issue. Common fixes include updating WordPress core, plugins, and themes; removing suspicious files; and implementing security headers.
What if malware or a virus is found on my site?
Each finding includes a plain-English description of the threat, its location, and a step-by-step recommendation for fixing it. Common remediation steps include removing malicious files, updating WordPress core or plugins, blocking sensitive file access in .htaccess, and restoring from a clean backup.
Why is my site flagged even though I just updated everything?
Updates fix known software vulnerabilities but don't address configuration issues. Many findings — like missing security headers, exposed wp-config.php, open user registration, or directory listing — are configuration problems unrelated to plugin versions. Review each finding individually for targeted fixes.
Can I scan any WordPress website?
You may only scan websites you own or have explicit written authorisation to test. Scanning third-party websites without permission may be illegal under computer crime laws in your jurisdiction.
How often should I scan my WordPress site for malware?
We recommend scanning at least once a month, and after every major update (WordPress core, plugins, or themes). Sites running e-commerce, accepting payments, or handling user data should scan more frequently — weekly if possible.
What is the difference between Critical, High, Medium, and Low severity?
Critical findings (e.g. malware injection, exposed wp-config.php) require immediate action — they indicate active compromise or direct data breach risk. High findings are serious vulnerabilities that attackers can exploit. Medium findings are configuration weaknesses that increase attack surface. Low findings are best-practice improvements with minimal immediate risk.