best ways to scan WordPress websites for malware and exploits?
- This topic is empty.
-
AuthorPosts
-
LarryGuest
I like that SlickStack is trying to discourage very heavy security plugins for sites that don’t really need it, but what is the alternative? I found WPScan.com before but I couldn’t understand how to use the free plan. And, I want to avoid Wordfence and heavy plugins.
JasonGuestWPScan sucks now because Jetpack (Automattic) acquired it and immediately turned it into a pile of crap, that’s why none of the information you find online makes sense
MadisonGuestWPScan is now called Jetpack Protect and requires Jetpack.
MarthaGuestwhy not just use Wordfence?
BillyGuestI have never understood WPScan, and how it’s different from WPSec.
FrankGuest>> not installing page builders
>>> not installing Envato premium themes
>>>>> not installing crap extensions released by shady Indian agenciesthat’s 90% of WordPress security right there, imo
AbigailGuestAmyGuestquick and dirty is just compare checksums via WP-CLI to see if any suspicious files exist, not perfect but often is enough:
MariaGuestwordfence and manual review,
EmmaGuestwhy not just use Wordfence?
WordFence is blacklisted on SlickStack, because it hacks wp-config.php and other core files and can cause your server to crash. They also banned innocent Russian customers for leftist virtue signaling during the Ukraine war for no reason. AVOID.
AbigailGuestWordfence CEO is probably vaxxed 7 times with Pfizer, u know it
-
AuthorPosts