Website AntiVirus + WAF

Focus on your business

and leave the business of
security to us

Working 24 / 7 / 365

to keep your website clean and malware free

Complete Website Security for any Website!!

Professional Malware Cleanup, Continuous Detection and Enterprise Protection.

Some Platforms We Support Wordpress Joomla Drupal Magento Microsoft Dot Net OSCommerce vBulletin PhpBB
Features Website Firewall Website AntiVirus
Malware Detection No Yes
Security Monitoring No Yes
Malware Cleanup No Yes
Blacklist Removal No Yes
Stop Hackers Yes Yes
DDOS Mitigation Yes Yes
Performance Optimization Yes Yes
Find Out More LEARN MORE

Complete List of Sucuri Features

Back to Grid View


Security Analysts

Our team is not restricted by traditional boundaries, we employ the brightest security analysts around the world. Each brings a unique perspective to your case. Providing you support 24 hours a day, 7 days a week, 365 days a year.

Highly skilled and trained security professional

Leading subject matter experts in the field of website security

Contributed to the biggest malware innovations in the past 4 years

24/7/365 support - security response when you need it most




There is no worse feeling in the world than when you realize your website has infected the computer of someone you know. They've lost everything because your website infected them with malicious software. Our system provides continuous malware monitoring to help avoid these issues.

Pharmaceutical Hack

Drive by Download injections

Defacements / Phishing

Backdoor Injections




Whether we detect it, or if someone else notifies you, our team is highly trained and specializes in the most complex infections. We're not restricted by what our malware / security scanners detect. We welcome all types of infections, whether website defacements, backdoors, Phishing or any other number of attacks like Pharmaceutical injections.

Unlimited Cleanups — no additional fees

Full core files and database remediation

Professional and specialized remediation




We have a responsibility to monitor and create a safe online experience for users. Many organizations like Google and Bing have invested a lot of energy to identify and blacklist websites that are being used nefariously. We integrate a number of the top Blacklist API's allowing us to quickly see if your brand is being affected.

This site may be compromised!

This site is hacked!

Warning: Visiting this site may harm your computer!

Supporting Google, Bing, Yahoo and Desktop AntiVirus'



Dirty SEO

Also known as Search Engine Poisoning (SEP) attacks we have a keen, and effective, approach to addressing infected SEO on Search Engine Result Pages (SERPs). There is nothing more embarrassing when someone is looking for your product, but instead they see and are redirected to Viagra and Cialas pages on your website.

Google / Bing / Yahoo Search Engine Results Pages

Clean your dirty SEO rankings

Restore your brands reputation




Scanning for malware is but one piece of the puzzle, there are a variety of other security related events that you should be mindful of. Things like DNS and WHOIS modifications, modifications that you didn't perform. Other events include monitoring the versions of your applications, and web servers. All contributing components to your security posture.

Continuous malware and non-malware scanning

Website Security state monitoring (i.e., DNS, WHOIS, SSL)


Distributed Denial of Service

(DDoS) Mitigation

DoS / DDoS attacks have increased in popularity. They are easy to employ and highly effective. Often, the attacker has to do little to cause your website harm. The goal is to disrupt your business by taking your website off-line, stay ahead of these attacks.

Layer 7 HTTP FLood Attacks

DNS Amplification Attacks

SSDP Attacks



Exploitation Prevention

The biggest contributor to website hacks today come from insecure code being exploited. With enough time, as new techniques are found, attackers find ways to exploit weaknesses in code. The Website Firewall helps stop those vulnerabilities from being exploited.

SQL Injection Attacks

Cross Site Scripting (XSS)

Remote File Inclusion / Local File Inclusion




No one wants to know that their website is being used to infect online visitors. Whether it's to install a Trojan or something similar on their computer, or to steal credentials to their social platforms (i.e., Facebook, Twitter, etc..).

Stop Your Website From getting Infected

Prevent Google Blacklists

Protect your Brands Reputation


Zero Day

Response Mechanism

Zero Day's have been around since the beginning of the security industry. They signify the moment where vulnerabilities are disclosed and a patch is not available. It's the moment where you and your website are biggest risk. Our Website Firewall allows us to virtually patch your environment within minutes of a Zero Day event.

Virtual Hardening

Virtual patching

Protection in the Cloud




The biggest concern with security implementations is always the impacts to the websites performance. Rest easy that with our Firewall you experience dramatic increases in performance, not just in how your website loads for your clients, but in the load placed on your web server.

Website / Content Caching at the edge

Reduced load on infrastructure

Improved Website Performance


Platform Agnostic

Simple Configuration

The beauty of the platform is it works across all platforms, including today's most popular brands - WordPress, Joomla!, Drupal, vBulletin and many more. It supports Apache, NGINX, and Windows web servers as well. It was built with the end-user in mind, allowing for quick and easy deployments.

No product installation required

Supports all Content Management Systems (CMS) — WordPress, Joomla, etc...

Support all Web Servers — Apache, IIS, NGINX

  • Professional

    Security Analysts

  • Malware


  • Malware


  • Blacklist


  • Repair

    Dirty SEO

  • Security


  • Distributed Denial of Service

    (DDoS) Mitigation

  • Vulnerability

    Exploitation Prevention

  • Malware


  • Zero Day

    Response Mechanism

  • Performance


  • Platform Agnostic

    Simple Configuration

Complete Website Security Achieved With

Website AntiVirus Bundles



  • Do you offer refunds?

    Yes we do in the following conditions:

    1. It's within 30 days of purchase and a ticket has not been submitted.

    2. We fail to remove an infection. We do request information on what was missed.

  • How do you define a website?

    The definition of a website varies by organization, here at Sucuri it is non different and we define a website very clearly. To us, a website in most instances is a unique Fully Qualified Domain Name (FQDN).

    There are however several situations in which more clarity is required. This is especially true for those that make use of a Content Management System (CMS) like WordPress, Joomla!, Drupal and so many others. In these instances, we extend the definition of a website to include unique CMS installations.

    To clarify further, the following configuration require a unique license: directs traffic to

    In situations like the one described above, the FQDN requires unique attention, which is why it requires its own coverage. This is especially true when dealing with FQDNs that have been blacklisted.

    The following configuration does not require a license: or

    In this configuration, we will treat the blog / forum or other extension of the main website as part of the main website, as long as a FQDNS is not associated with the directory. If a FQDN is associated with the directory, again, it will require it's own license. This means if your domain configuration is or then you would require a unique license for all three, the main domain and the subdomains.

  • What do I have to do to cancel?

    For your security, all cancellation requests must be initiated via the ticketing system. You open a general support request. Once that request has been assigned, the team will ask you to fill out a survey. Once the survey is complete, we'll initiate the refund.

  • How do you handle WordPress Multisite installs?

    We understand and appreciate the complexities of Multisite instances. For the Website AntiVirus, you must sign up for a plan that covers all your domains. Yes, we understand they share the same core, but they don't always share the same theme. Depending on your configuration, you could have multiple unique domains pointing to one install. Those distinct domains could be affected or blacklisted, and without directed knowledge of the domains we'd be none the wiser. To address this, a license is required for every domain to ensure we go through each one individually. Due to the nature of Multisite configurations, you cannot effectively sign up to cover just one domain without touching all of the others.

  • Will you clean all the websites at the root of my user account?

    You should upgrade your account to cover all websites in your account.

    Technically we have no choice but to scan. Our automated systems might remove a few backdoors, others that require manual reviews will not be removed until the appropriate plan is put in place. If other domains on the account are blacklisted, we also will not assist in getting them off blacklists.

  • Can I change coverage between sites?

    You can only change coverage between websites if they have not been submitted for a remediation. Once a ticket is submitted for a domain, that domain is attached to your account until the year is finished.

  • Can I upgrade ?

    Yes, we offer various upgrade options once you'r signed up. If you do not find the upgrade you're looking for, please submit a General Request and our administrative team will give you a hand.

  • Do you offer volume pricing?

    Yes, we definitely do but you'll need to engage our team via email at

  • Do you offer any partnerships with hosts or development shops?

    It depends on the circumstances, it's best to engage us directly via email at

  • Is this a subscription service?

    Yes, all plans are subscriptions, if you wish to stop the subscription you will need to submit a general request form via your dashboard. Requests to stop subscriptions will not be accepted over the phone, chat or email.

  • Can I cover my subdomains and test sites?

    A license is required for every subdomain ( and unique website structure. We do clean subdirectories ( found at the root of the site unless they redirect to a subdomain. We do not clean other databases outside of the main one for the domain and do not take care of blacklist issues associated with subdomains that are not directly associated with the main domain being cleaned.

  • Are there any additional taxes or fees?

    There are no extra fees, no additional taxes, and no hidden costs. The price you see is the price that you pay. All of our prices are listed in USD, and the conversion will be automatically handled by our third-party transaction processors.

The Cleanup Process

  • Can you explain your unlimited cleanup policy?

    Our unlimited cleanup policy is simple, we'll provide you an incident response team over the 12 month subscription that allows you to engage our team in the event of security incidents.

    There are stipulations however. One very common situation is a reinfection, this is an event in which your website gets infected repeatedly.

    In the instance of reinfections, our team will notify you of the problem and make recommendations to improve your security posture. If you, as the website owner, do not take proactive measures to address these attack vectors, we as an organization will throttle your cleanups. This means, that while we will help you get clean, our response times will slow. Additionally, if it continues, in excess of 5 times, we reserver the right to refuse service until appropriate actions are taken on your end.

    This does not constitute a case for a refund or cancellation.

  • Do you offer one-time cleanups?

    No, we do not offer one-time cleanups at this time.

  • Will you clean my website if my website is already infected?

    Yes, the Website AntiVirus product will clean your website if you are currently infected.

  • What do you need to clean my website?

    In order to begin the cleanup process, we need access to your server and it's associated files.

    We get this access in the form of FTP, sFTP, or SSH access to your server. FTP stands for File transfer Protocol, SFTP for Secure File Transfer Protocol, and SSH for Secure Shell. These are connection protocol mechanisms that allow us to log into servers to edit/add/remove files.

    These connection protocols allow us to log into your websites, specifically the server, and perform the remediation process. If you for some reason are unfamiliar with these protocols, don't worry, our team of analysts are prepared to assist you in the process. To do so, you'll need to be willing to share access information to your hosting account.

  • How do I start the cleanup process?

    The first thing you want to do after signing up is add your website to the monitoring dashboard.

    Then you will submit a Malware Removal Request, here is a Direct Link to the form, note however that you will need to be logged in to see. A more complete digest of the process can be found in our knowledge base.

    Once the ticket is received it will be assigned and all further communication will occur via the ticketing system.

  • Are clean ups automatic?

    The cleanup process is a combination of automation and manual. We've developed unique technology that allows us to greatly expedite the process, but at the same time we believe that effective remediation is only accomplished with human interaction.

  • Do you backup the site before cleaning?

    The way we work, we backup every file we touch. We do not backup the entire site. We do however offer a backup service you can leverage if you're interested in a backup solution.

  • Will the cleanup break my website?

    We do our best to avoid websites from breaking, but we'd be lying if we said it doesn't happen. Sometimes it's because of the cleanup, but often it's because of how the malware has been embedded within the core of the website.

    In these instances it's best to engage directly with our support staff via the ticketing system. We employ highly skilled professionals ready to help when things go wrong. This includes when websites break because of the remediation.

Website Protection

  • Does the AntiVirus product protect my website?

    Yes, the AntiVirus plans include protection via the Website Firewall product.

  • What is the Website Firewall

    The Website Firewall is an Intrusion Detection and Prevention System (ID/PS) designed specifically for websites. It sites as a intermediary filter between your website visitor and the web server housing the website. It scans all incoming requests and filters all malicious activity to ensure that attackers do not try to abuse your website or it's resources.

  • How does the protection work?

    The protection is provided via a custom Website Firewall solution that functions as a perimeter defense for your website. It directs all incoming traffic to your website through our network, allowing us to filter out all malicious traffic.

  • Do I have to install anything to activate the protection?

    No, the process is seamless and our team is ready to assist. To enable you'll require a slight DNS A record change; more advanced users can also opt to do a name server change and allow us to manage the websites DNS as well.

  • Can I expect any down time?

    The migration is seamless and you should not experience any down time.

  • Will this protection stop hackers from exploiting vulnerabilities?


Customer Support

  • Can I talk directly to the Support team?

    All support is handled via our ticketing system. We do not currently offer chat or phone support to clients.

  • Do you work every day?

    Yes, we provide support year round, 7 days a week, 24 hours a day.

  • Do you offer a Service Level Agreement?

    Yes, the AntiVirus plans offer different SLA's depending on your plan. They range from 24 hour response to 4 hour response periods.

  • How long does the cleanup process take?

    The response time is determined by your plans Service Level Agreement.

  • Does your SLA include resolution time?

    In most instances it does, but it's not a guarantee. Resolutions can be subjective depending on the state of the cleanup, meaning it can take more or less time. We do our best to keep it within the time frame, but the SLA talks specifically to our inquiry response time. There are too many variables to guarantee the resolution will be included in the SLA time frames.

Contact Us For Any Answer

Get in touch with us and we will help you right away!

Contact Us
Sucuri KnowledgeBase

Learn everything about our products and how they work

Learn More