Detect Website Malware

Continuous malware and security scanning.

Find Out If You Have Been Hacked

The threat of infection or a security incident is constant. If you don't know what is happening, how can you appropriately respond?

The idea of a website or environment that is immune from security issues is false. The ability to detect when incidents occur is fundamental to the establishment of a good security posture for your website. The Sucuri AntiVirus product provides continuous monitoring of your website. Providing immediate alerts in the event of a security incident.

Get Continuous Malware Scanning

Know When You've Been Hacked

The Sucuri scanning and detection technology is highly sophisticated and effective, taking advantage of remote and server level scanning technologies. This approach allows Sucuri to provide a holistic and practical view of the state of events with each website. It identifies various forms of website malware, non-malware and other malformations such as code anomalies and errors.

Your ability to quickly identify security incidents and act accordingly is the goal of the technology we have built. This detection engine is coupled with our alerting system that quickly notifies you in the event of an incident. The alerting mechanism delivers notifications via Twitter, Jabber chat, Email and SMS.

Our research lab works rigorously to update and maintain the scanning technology, making it the most effective and widely used on the market. It leverages both a signature and heuristic approach to detecting security events like malware. It continues to expand to include various forms of detection. We take great pride in our deep understanding of website security and our technology continues to improve as website security threats evolve.

Here is a quick snapshot of the various security events our scanning and detection technology is able to offer your website, along with some of the features that make it special and unique:

  • Any Hosting Provider Platform Agnostic (Any CMS / Any Language) Conditional Redirects
  • All Backdoors (PHP, ASP, Webshells, etc.) Phishing Attempts SQL Injections / Infected Database
  • Blackhat SPAM Injections Search Engine Blacklisting (Google, Bing, Yahoo, etc) Desktop AntiVirus Blacklisting (i.e., AVG, Norton, McAfee)
  • Malicious Redirects Obfuscated JavaScipt Injections Website Defacements
  • Website Errors and Disabled Sites Database Connection Errors Embedded Malicious iFrames
  • Hidden & Malicious iFrames PHP Mailers Dirty SERPs
  • Mobile Website Infections Code Anomalies As well as other attacks

Website Security Monitoring and Alerting

New vulnerabilities are discovered daily and hacker communities are growing across the web. Exploitable websites are easy to find, and every website is a target. Whether you have been hacked once or plagued with reinfections, we are here to help you respond quickly when you need it most. While we perform the clean up, you can see all of the security monitoring and alerting benefits that are available to you.

Frequent Remote Scans

The key to good scanning is configuring it to operate continuously. This is exactly what we've built for you. Upon logging into your dashboard you are able to add a website quickly to your configuration and set the scanning frequency. The scanner will proceed to crawl your website within minutes of addition. It will navigate the various links on your page and dive deeper as it follows your sitemap. Within your dashboard you'll be able to quickly see and identify the various links scanned. If an issue is identified, you'll be presented with a breakdown of the various issues so that you can take immediate action. Additionally, if anything suspicious is found, we will alert you so that appropriate action can be taken.

Heuristic Server Level Scans

Remote scans are but one piece of a very big puzzle. Because of the nature of remote scans, there are certain things that can never be seen. This is specific to things like Backdoors, Phishing lures, Email scripts, DDoS Scripts, and other similar infections. These types of infections avoid any external impacts to your website visitors. Instead, they focus on abusing your web server resources. Because of this, it's important that you always configure server level scans.

Using FTP/sFTP/SSH credentials, you can activate our server side scanner within your Sucuri dashboard. We are happy to set it up for you as well. This scanner allows us to access the back end of your website. It thoroughly scans your server files and database to identify infections, potentially harmful signatures, code anomalies, and suspicious behavior. Again, similar to the remote scan, if anything seems off, you receive an instant security alert so you can take action.

Blacklist Monitoring

Being one of the first and most effective security scanners on the market allows us the luxury of establishing some great relationships. Through our relationships we keep tabs on various blacklisting authorities that monitor for malware, SPAM, Phishing lures and various other malware and non-malware related security events. This option is on by default for new accounts.

Our monitoring makes use of various API endpoints, allowing us to keep close tabs on your brand reputation online. It checks for the warning signs of potential blacklisting. Blacklisting can be devastating to a website, from splash pages blocking visitors to warning notes next to search results. Sucuri can get you off the blacklist quickly. You will be alerted immediately when your site is blacklisted by: Google, Norton, AVG, Phish Tank, McAfee SiteAdvisor, SpamHaus, Bidefender, Yandex, Opera, or ESET.

WHOIS Monitoring

If your WHOIS records change, we are able to notify you. WHOIS is an internet directory providing information about domain ownership. The records are regulated and monitored by the Internet Corporation for Assigned Names and Numbers (ICANN) which is responsible for registration of all domains. This record contains information about the Registrant (the person who owns the domain), the Registrar (the entity that registered the domain), the dates, name-servers, and other important information related to your domain. Many website owners fail to pay much attention to their WHOIS information, but closely monitoring this information can often give you insights into malicious activity.

DNS Change Notifications

The Domain Name System (DNS) is a naming system used by all computers to identify websites. The DNS settings turn a domain name like, into an IP address, like 123.45.567.891. The address we type in the browser is translated by DNS into the IP which is what the computers use to communicate. This monitoring option will monitor the IP address and associated DNS information of your domain for any changes. Similar to the WHOIS monitoring, monitoring your DNS settings can be key to quickly identifying when something is wrong. Attackers have been known to redirect legitimate traffic to malicious websites by targeting a website owners' DNS.

SSL Change Notifications

If your website uses a Secure Socket Layer (SSL) certificate, we can let you know if it changes unexpectedly. E-commerce websites often use SSL to transmit over HTTP securely. The SSL certificate is returned to website visitors and often contains your site information and, in some instances, company information. If using an SSL certificate, this option allows you to ensure it doesn't change unexpectedly, which could be very bad for business.

Website Integrity Monitoring

This is hardcore auditing, not enabled by default. This monitoring option creates a snapshot of your website and notifies you any time a change has been made. This option is for those of us who like total control over the integrity of a website (we tip our hats to you). Confirm all changes, including: new posts, new pages, content changes, social media engagement, and threaded discussions. This option is best used with static pages as it can generate a high volume of email notifications.

Alerting Options

By default, you will receive an email if our monitoring service finds anything that you need to know about. You can specify additional email addresses, add a mobile phone number to receive SMS alerts, and receive direct messages on Twitter. We integrate with Google Hangouts, Jabber, and other instant messenger clients. You can even get a notification in your RSS feed.

Website Antivirus Features and Benefits

  • 24/7/365 support from our global team of technicians Daily server-side and remote website scans
  • Unlimited cleanups in case of reinfection Expertise from restoring over 1 million businesses
  • No limit on size and scope of website malware cleanup Predictable pricing; pricing based on number of sites
  • Full report of cleaned files and a quarantined backup Fast response and turnaround time

See What Happens When Your Site is Being Attacked

Being hacked can be embarrassing and devastating, especially if visitors feel unsafe knowing that your website was hacked. You want technology you can trust that will detect the backdoor, and allow you to remove it before the attacker has a chance to do more serious damage. Our global team of security professionals are able to respond quickly, when you need us most. If you need protection, the Complete Security bundle includes the Sucuri Website Firewall, which prevents all kinds of front-end attacks, such as Denial of Service (DoS).

Integrity and Value You Can Count On

At Sucuri, we believe that investing time and effort in research is the only way to build a strong website security company. Our heuristic scanners and skilled technicians constantly flag new and emerging threats for investigation. These samples are analyzed by our elite team of security researches who tirelessly identify and counteract new threats. We are committed to raising awareness about website security issues. It's why we publish new research and blog posts, and why we contribute free technology and advice to various website communities. You will not find another website security company that shares more relevant information about what is happening in the website security domain than Sucuri.

Sucuri SiteCheck - Malware / Security Scanner

We are so committed to making the web a safer place that we offer a free scan with Sucuri SiteCheck. This remote scanner will check the website source code for known malware, blacklisting status, website errors, and out-of-date software. We do our best to provide the best results possible here, but this scanning specifically leverages the remote scanning feature and so it lacks comprehensive scans. Something we achieve through the bundling of server and remote scans.

Sucuri WordPress Security Plugin - Free WordPress Plugin

WordPress Security is a big issue these days, rightfully so with it's global dominance. Because of it's broad use and adoption, we've built a free WordPress Security plugin designed to give you the ideal security configuration and features.

This plugin is also free to install, and offers WordPress users a security toolset to perform integrity checks, audit their installation, detect malware, and harden WordPress. This plugin is meant to complement your existing active security posture, and offers a glimpse at the kind of power we put into our AntiVirus monitoring and detection features.

Sucuri Chrome Extension

Websites make up the number one distribution mechanism for malware today. To help combat this, we've built a simple Chrome Website Scanning extension that helps ensure that the websites you visit do not harm you. Your website's security extends beyond your website, and extends into your daily online habits. Knowing what websites you are visiting, specifically if they are infected or not, goes a long way to ensure the integrity and security of your own website.

Detect Hacks and Website Infections!

Website AntiVirus