/antivirus

Useful plugin that will scan your theme templates for malicious injections. Automatically. Every day. For more blog security.

Primary LanguagePHPGNU General Public License v2.0GPL-2.0

AntiVirus

Security plugin to protect your blog or website against exploits and spam injections.

Description

AntiVirus is an easy-to-use, safe tool to harden your WordPress site against exploits, malware and spam injections. You can configure AntiVirus to perform an automated daily scan of your theme files. If the plugin detects any suspicious code injections, it will send out a notification to a previously configured e-mail address.

In case your WordPress site has been hacked, AntiVirus will help you to become aware of the problem very quickly in order for you to take immediate action.

Features

  • Scan for suspicious code in the theme files (daily scan with email notifications and manual scan) with an option to mark detected cases as false positive
  • Checksum verification for WordPress Core files
  • Optional: Google Safe Browsing for malware and phishing monitoring.

A complete documentation is available on the AntiVirus website.

Support

Contribute

  • Active development of this plugin is handled on GitHub.
  • Pull requests for documented bugs are highly appreciated.
  • If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the support forums first.
  • If you want to help us translate this plugin you can do so on WordPress Translate.

Credits

Changelog

1.4.3

  • Point Safe Browsing link on settings page to site-specific URL (#106)
  • Increase the size of the Safe Browsing API input to show the entire key (#109)
  • Show warning if Safe Browsing check is enabled without custom API key (#105)

1.4.2

  • Drop recursive check on option that failed in several scenarios (#96, #97)
  • Drop check for base64 encoded strings which did not work properly in al cases (#100)
  • Use WP 5.7 color palette for the UI (#99)

1.4.1

  • Fix some spelling mistakes and correct translations (#85)
  • Fix file name sanitization in manual theme scan causing errors to be not shown in the admin area (#88, #89)
  • Fix theme file collection for child themes with duplicate names (#86)
  • Consider all levels in theme file check instead of one only (#87, #90)
  • Support translations in old WordPress versions (#91)

1.4.0

  • Option to provide a custom key for the Google Safe Browsing API (#69)
  • Scan files of parent theme if a child theme is active (#1, #62)
  • Verify checksums of WP core files (integrated functionality from Checksum Verifier plugin (#5, #56)
  • Allow to enable Safe Browsing and Checksum Verifier as cronjob without theme scan (#66)
  • Update code style check and add build script (#68)

1.3.10

  • Updated PayPal link for donations
  • Improve coding standards
  • Translation fixes, improvements and cleanups
  • Better documentation
  • Some minor markup, styling, accessibility and security improvements
  • Update to Safe Browsing API v4 (fixing false positive email notifications)
  • PHP 7.x compatibility fixes
  • Better regex to prevent false positives in file scans

1.3.9

  • generated a POT file
  • added German formal translation
  • updated, translated + formatted README.md
  • updated expired link URLs in plugin and languages files
  • updated plugin authors

For the complete changelog, check out our GitHub repository.

Upgrade Notice

1.4.3

Please note that we will discontinue providing a built-in API key for the Google Safe Browsing feature. If you have enabled this check, please provide your own API key before the next update.

1.4.2

This is a bugfix release removing two checks of the theme scan causing false positives.

Screenshots

  1. WordPress AntiVirus settings
  2. Theme scan results