Malware Monitoring, Removal and Prevention

Malware Removal

We love destroying malware, and we’ve been at it for a while!

Our removal process uses our proprietary remediation engine, which we’ve been researching since 2004. Its history can be traced to early open source projects we released before incorporating as Sucuri in 2010. You can find information on the early incarnation of the engine by looking at Owl, version .1, and the Web Information Gathering System (WIGS).

If you need to have your site cleaned and malware removed and have your site unlisted from any type of web site blacklist (Google, Norton, etc), just sign up for any of our plans here:

How does cleanup work?

Website cleanup mixes both manual and automated processes. The automated elements are quite restricted, which is why every cleanup is handled by a malware analyst whose responsibility it is to look through the results, identify anomalies and clean manually as required. We include an analyst with every cleanup with no extra charge because we want to insure the process runs as smoothly as possible the first time.

Yes – cleanup is included in every plan!

What do you clean?

As malware evolves, so will our service. Under the current cleanups we include remediation for the following:

  • Obfuscated JavaScipt Injections
  • Hidden & Malicious iFrames
  • Embedded Trojans
  • Phishing Attempts
  • Cross Site Scripting (XSS)
  • Malicious Redirects
  • Backdoors (e.g., C99, R57, Webshells)
  • Stupid, Pointless, Annoying Messages (SPAM)
  • Defacement
  • Anomalies
  • SQL Injection
  • IP Cloaking
  • Social Engineering Attempts
  • Drive-by-Downloads

How do you clean?

In most instances our cleanups are conducted remotely, preferably using SFTP, but also HTTP and FTP. Because of the challenges with HTTP, specifically time-outs and other connection issues, we may request secure shell (SSH) access.

Once we have access to your server we load tools that allow us to authenticate with the mothership. This connection allows us to traverse your server files and databases.

How am I notified?

The internal ticket system uses the same notification options set in the alerting section. When a ticket is updated you are notified via email, you must log in to the system and update the ticket.

It’s not automated?

The clean up process needs to be initiated and requested via the “Malware Removal Request” form on our system. Here is why:

  • We require access to your server in order to perform the remediation process.
  • We do not offer services as a ‘Password Manager’ so we do not create or reset existing passwords.
  • After every cleanup the first change we ask you to make is to update every password you have (i.,e., administrator page, database, FTP, SFTP, SSH, etc.. )
  • We prefer to have a trained malware analyst working with each client.


    • Sucuri helps me sleep at night knowing that our websites and user data is secure. Over the years, Sucuri has helped us detect and prevent major hack attempts. I recommend Sucuri to all of my clients and users because they offer the most comprehensive and cost effective WordPress security solution. I've done my industry research, and there's no one better than these guys.

      —Syed Balkhi, Founder, WPBeginner


    • Let's be honest: the web can be a scary place sometimes. Having done many a WordPress malware cleanup in my day, I've found Sucuri to do a better job than I ever hoped I could do. Not only are they thorough, but they're fast as heck and affordable to boot. You don't just walk into a bad situation without some protection. Sucuri *is* that protection.

      —Andrew Norcross, Founder & Lead Developer @Reaktiv Studios, WordCamp Speaker

      Reaktiv Studios

    • We partnered with Sucuri for our WordPress migration and dehacking services as their capabilities are significantly more comprehensive than anything we’ve seen in the industry.

      —Brian Clark, CEO of Coppyblogger Media


    • I like to think I know security, but there is only one company I trust when it comes to the security of my websites, that company is Sucuri. They are, in my opinion, hands-down the leader in web-malware protection and cleanup services. Trust the experts, hire these fools!

      —Brad Williams, Co-Founder WebDevStudios, Co-Author Professional WordPress Series


    • When you’re talking about protection for your WordPress site and the things most important to you — your content — you want to trust the experts. There’s really no better choice than the team at Sucuri.

      —Cory J. Miller – Founder / CEO of


    • Before Sucuri we didn’t know that someone was hacked until they told us. (Or actually, when Google blocked their site!) Now we find and fix problems before they even know what’s happening. It’s a Godsend, it’s as simple as possible, and it’s so affordable that quite frankly it’s irresponsible to not use them!

      —Jason Cohen, CEO of WP Engine

      WP Engine

    • As the owner of, a shared web hosting company, we are always fighting malware and spam. Recently we partnered with Sucuri and now all our accounts are monitored. I love this product! It not only protects our customers from malware, but these guys will fix a hack in 4 hours.

      —Carel Bekker, Owner/President of


    • Sucuri is my go to service for web based security and are the group that I recommend, exclusively, to my clients and readers, in particular WordPress users.  They are affordable, they work fast and they get the job done – as a bonus, they’re a fun group to work with!

      —Lisa Sabin-Wilson – Author: WordPress For Dummies; Designer, Co-Founder Allure Themes, Founder E. Webscapes

      E. Webscapes

    • Though I believe my sites are secure, it would be inexcusable for me not to use Sucuri’s service and be absolutely sure around the clock.

      —Scott Kingsley Clark, Lead Developer, Pods Framework


Scan your website FOR FREE