Online Malware Scanner for websites

If your web site is hacked and infected by malware, Google Safe Browsing can block your web site with red warning.

If this happens, you need to clean your web site. If your web site have lot of files, cleaning become hard as hacker can hide his files in any of these files. Manually verifying files is almost impossible. If you antivirus like clamav, it won’t detect all malware. Even a 1 line PHP script with exec() function can give hacker access back. For this reason, it is always better to remove all files from your server and upload files fresh. If you use CMS like wordpress, joomla, etc.. just download the software and reinstall.

You may need to use images folder from hacked site, in such case, verify these folders don’t have any malware/php files in it. As for theme, it is always better to download latest version from theme provider and do a reinstall. Theme is one place where hackers hide/install backdoors, that allow them to access site after cleanup as many just copy back old theme files.

Here are some sites, that you can use to verify your web site have any malware.

Sucuri SiteCheck

This site provides Free website security check & malware scanner for web sites. You can enter your web site url and it scan your web site and provide report of malware it found.

sucuri online malware scanner

Google Safe Browsing

This service is used by browsers like google chrome and firefox to protect visitors from sites infected with malware.

Google Safe Browsing

You can check if your web site is blocked by google safe browsing at

More Tools

Some other sites that offer online malware scanner of web sites


Tripwire is a data integrity tool for monitoring and alerting file and directory changes.

To install, run

Generate keys


This ask you to enter password.

Creating Database

You need to edit file

customise it for your system or you may get file/directory not found errors.

Checking for changes


Install ModSecurity on Debian
Disable ModSecurity for a specific URL

ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking.

To install ModSecurity on Ubuntu/Debian with Apache, run

verify Apache module is installed with

Enable config file

Update config

Restart Apache