Name has been added to your Follow page.

My Follow Page

Name has been removed from your Follow page.

My Follow Page


Quttera Web Malware Scanner

by Quttera team.

The Quttera Web Malware Scanner plugin scans your WordPress website for known and unknown malware and other suspicious activities.

3.9 Avg. Rating
20K Installs
Tested with WordPress 6.1.1

The Quttera Web Malware Scanner plugin will scan your website for malware, trojans, backdoors, worms, viruses, shells, spyware and other threats as well as JavaScript code obfuscation, exploits, malicious iframes, malicious code injection, malicious code obfuscation, auto-generated malicious content, redirects, hidden eval code and more. Also, it will check whether your website is blacklisted by Google and other blacklisting authorities. Help yourself to protect your website, your website users and your online reputation with a free Quttera Web Malware Scanner plugin.


  • One Click Scan
  • Unknown Malware Detection
  • External Links Detection
  • Blacklist Status
  • No Signatures or Patterns Updates
  • Artificial Intelligence Scan Engine
  • Cloud Technology
  • Detailed Investigation Report
  • Investigation of WordPress files
  • Detection of files infected by PHP malware
  • Detection of injected PHP shells

If you need a hand with malware removal please do not hesitate to contact us on or sign-up to any of our annual plans which include malware cleanup and blacklist removal on .


Plugin’s other home

  1. Download the plugin.
  2. Go to the WordPress Plugin menu and activate it.
  3. That’s it!

How is this plugin different from similar plugins?

This plugin uses Quttera’s unique, patented, malware scanning and detection technology. The scanning engine employs a multi-layered, heuristic approach to gather the intelligence from the analyzed system and digest it into weighted rules to flag a piece of code as malicious. A self-learning mechanism uses Quttera’s threats intelligence database crowd-sourced from a worldwide network to update the ruleset and improve detection with each subsequent run.

What is the heuristic scan?

Standard or traditional scanning relies on the signature matching mechanisms. In which the signature of the known threat or its polymorphed variant is compared with the contents (string, e.g.) of the examined file. This technique relies on the existence of the signature in the database to enable the detection. Heuristic approach implements rules, weight-based systems, emulators, flow analyzers, statistical and mathematical methods when probing specific instructions, commands or any other portion of the software. As a result, it allows detecting the potentially malicious functionality in new (previously unknown) malware.

What to do if plugin detects something suspicious?

Quttera technology encompasses heuristic and self-learning components. The severity of the detection depends on the danger it can potentially pause. Current implementation offers four (4) severity levels: Clean, Potentially Suspicious, Suspicious and Malicious. If you are not sure whether Potentially Suspicious or Suspicious detection is an actual threat, our team will help you with that. You can contact us via any of the following: a ticket at, email to or through the Support Forum .

Where can I get support for this plugin?

You can contact us via any of the following: a ticket at, email to or through the Support Forum .

What to do in case of False-Positives?

Report False-Positive to our helpdesk, and we will review and fix it within the 3-4 working days.

How to submit samples that plugin did not detect?

Please submit any missing detection to our helpdesk.

Why when I click Start Scan the screen freezes and then goes blank?

That usually occurs when there is only one PHP worker assigned to the site. When the plugin runs, it occupies one PHP worker for the scan. Since there are no extra PHP workers available, the plugin blocks the website until the scan is finished.

Do you offer paid services?

Yes, we offer website security plans to protect the sites from malware and blacklisting, fix hacking and improve the overall cybersecurity risks management for web assets.

Why when I click Scan Now nothing happens?

A front-end code interacts with the backend code of this plugin through the HTTP request sent by loaded JavaScript functionality (code). Please verify that you have JavaScript enabled and that the firewall doesn’t block these requests.

How can I send you the investigation report?

Click “Download Report” button to generate the report, store it as a text file and send it to us via helpdesk.

Why when I run an internal scan, the scanned files count shows 0 (zero)?

The plugin scheduler invocation is based on WordPress Cron mechanism.
Some web hostings and servers do not enable the functionality required for WordPress Cron mechanism to work correctly.
There is a way to overcome this limitation by using alternative WordPress Cron. To enable alternative Cron, please add the following line to wp-config.php

define(‘ALTERNATE_WP_CRON’, true);

Questions about investigation process

For questions about investigation process please refer to or post in the Support section here.

  • Added new detection rules

  • Added capability to ignore specific files or directories

  • Added capability for high sensitive and normal scans

  • Added new detection rules

  • Fixed presentation of investigation report

  • Added new SEO/malware/ransomware detections

  • Added admin user verification on internal scan

  • Added new SEO/malware/ransomware detections

  • Fixes for 4.8.2 and new backdoor samples

  • Added new malware/shell samples

  • Added new spam samples

  • Added new spam samples

  • Added new malware shell

  • Added new malicious ads detection


  • Initial public release