WordPress Security Scanner — Auto Deteksi & Bersihkan Malware

Public release: April 2026
Has your WordPress site suddenly started redirecting visitors to an online gambling site? Or did your SEO ranking drop overnight for no apparent reason?
This happens more often than you would think, and the owner frequently does not notice until something serious has already happened.
This article shows how to build an automated WordPress Security Scanner that can detect malware, backdoors, malicious redirects and SEO spam injection in minutes.
🎯 What We Will Build
A scanner that can:
- 🔍 Automatically scan the whole WordPress installation
- 🚨 Detect backdoors — base64 decode, eval(), shell_exec
- 🔴 Find redirects — window.location, meta refresh to gambling sites
- 🟠 Identify SEO spam — injected casino, slot and poker links
- 🧹 Clean up automatically — quarantine + restore a clean version
- 🛡️ Harden — fix permissions, secure the config
Why Is WordPress Attacked So Often?
WordPress has:
- 65% of the global CMS market share, which makes it a soft target
- Plugins & themes = a wide attack surface
- Frequently neglected updates = open vulnerabilities
- Shared hosting = one infected site can infect every other site on the server
Threat Types
🏗️ Scanner Architecture
📝 Installation
# Clone repository
git clone https://github.com/fanani-radian/openclaw-sumopod.git
cd openclaw-sumopod
# Make the scripts executable
chmod +x skills/wordpress-security-scanner/scripts/*.sh
# Verify
ls -la skills/wordpress-security-scanner/scripts/
Output:
scan.sh # Main scanner
cleanup.sh # Auto cleanup
harden.sh # Security hardening
🚀 Usage
Basic Scan
bash skills/wordpress-security-scanner/scripts/scan.sh https://yoursite.com
Full Scan + Cleanup
bash skills/wordpress-security-scanner/scripts/scan.sh https://yoursite.com --cleanup
⚠️ Warning: take a backup before running cleanup!
Hardening Only
bash skills/wordpress-security-scanner/scripts/harden.sh https://yoursite.com
📊 Sample Output
$ bash scan.sh https://malicious-site.com
═══════════════════════════════════════════
WordPress Security Scanner v1.0
═══════════════════════════════════════════
Target: https://malicious-site.com
[1/6] Checking robots.txt...
[2/6] Scanning WP core files...
✓ wp-config.php exists
✓ wp-login.php exists
[3/6] Checking for suspicious PHP files...
⚠️ Found: wp-content/uploads/.htaccess
[4/6] Detecting redirects...
🔴 REDIRECT DETECTED: window.location
[5/6] Checking for SEO spam...
🟠 SEO SPAM: Found 'casino' on homepage
🟠 SEO SPAM: Found 'slot' on homepage
[6/6] Checking meta tags...
🔴 META REFRESH REDIRECT detected!
═══════════════════════════════════════════
SCAN SUMMARY
═══════════════════════════════════════════
Malicious files: 3
Redirect issues: 2
SEO spam: 12
⚠️ SECURITY ISSUES DETECTED!
🎯 Detection Patterns
Backdoor Patterns (🔴 CRITICAL)
// Base64 encoded payload
base64_decode(
gzinflate(base64_decode(
// Dynamic code execution
eval($
eval(base64
// Remote command
shell_exec(
system(
passthru(
proc_open(
assert(
create_function(
Redirect Patterns (🔴 HIGH)
// JavaScript redirect
window.location
window.location.href
document.location
.href = '
setTimeout('document.location
<!-- Meta refresh redirect -->
<meta http-equiv="refresh" content="0;url=https://malicious-site.com">
SEO Spam Keywords
casino
slot online
poker
togel
judol
situs gacor
bola88
s128
cmd368
mix parlay
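The three pattern groups above can be applied to a local copy of the site with nothing more than find and grep. The script below is an added example, not the repository's scan.sh: it constructs a throwaway WordPress-like tree with one planted finding per category (inert strings that are only ever read by grep, never executed) and counts the files matching each group, printing the same summary lines as the sample output. The scanned file extensions, the fixture contents and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the repository's scan.sh): a local-file version of the
# backdoor / redirect / SEO-spam detection passes, run against a constructed
# fixture tree. POSIX sh only; needs find, grep, mktemp.

# Pattern groups, one literal pattern per line (matched with grep -F).
BACKDOOR_PATTERNS=$(cat <<'EOF'
base64_decode(
gzinflate(base64_decode(
eval($
eval(base64
shell_exec(
system(
passthru(
proc_open(
assert(
create_function(
EOF
)

REDIRECT_PATTERNS=$(cat <<'EOF'
window.location
document.location
.href = '
setTimeout('document.location
http-equiv="refresh"
EOF
)

SEO_KEYWORDS=$(cat <<'EOF'
casino
slot online
poker
togel
judol
situs gacor
bola88
s128
cmd368
mix parlay
EOF
)

# make_fixture: create a throwaway tree (constructed sample data) and print its path.
make_fixture() {
  root=$(mktemp -d)
  mkdir -p "$root/wp-content/uploads" "$root/wp-content/themes/demo"
  # Clean file: must produce no findings.
  printf '<?php echo "hello"; ?>\n' > "$root/index.php"
  # Planted backdoor-style file: inert string, only scanned, never executed.
  printf '<?php eval(gzinflate(base64_decode("AAAA"))); ?>\n' > "$root/wp-content/uploads/x.php"
  # Planted theme footer with a JS redirect and an injected gambling link.
  cat > "$root/wp-content/themes/demo/footer.php" <<'EOF'
<script>window.location.href = 'https://example.invalid/';</script>
<a href="https://example.invalid/">situs gacor slot online</a>
EOF
  printf '%s\n' "$root"
}

# count_matches DIR PATTERNS: number of scanned files under DIR containing at
# least one pattern. grep -l lists each file once; grep's exit status 1 (no
# match) is absorbed by the pipeline, so this stays safe under set -e.
count_matches() {
  find "$1" -type f \( -name '*.php' -o -name '*.js' -o -name '*.html' \) \
    -exec grep -lF -e "$2" {} + 2>/dev/null | wc -l | tr -d ' '
}

# scan_dir DIR: print the summary in the scanner's format; exit status 1 when
# anything was found, so a cron job or CI step can alert on it.
scan_dir() {
  b=$(count_matches "$1" "$BACKDOOR_PATTERNS")
  r=$(count_matches "$1" "$REDIRECT_PATTERNS")
  s=$(count_matches "$1" "$SEO_KEYWORDS")
  printf 'Malicious files: %s\nRedirect issues: %s\nSEO spam: %s\n' "$b" "$r" "$s"
  [ "$((b + r + s))" -eq 0 ]
}

# Stand-alone run against the constructed fixture: sh this-file.sh --demo
if [ "${1:-}" = "--demo" ]; then
  fixture=$(make_fixture)
  scan_dir "$fixture" || echo "SECURITY ISSUES DETECTED in $fixture"
  rm -rf "$fixture"
fi
```

Treat the counts as a triage list rather than a verdict: `system(`, `assert(` and `base64_decode(` also appear in legitimate plugin and theme code, so compare each hit against a clean copy of the same plugin or theme version before quarantining anything. Pointing `scan_dir` at a real document root (or at the `tar` backup taken before cleanup, unpacked somewhere safe) gives the same three summary lines.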
🛡️ Best Practices
Before Scanning
# 1. Backup database
wp db export backup-$(date +%Y%m%d).sql
# 2. Backup files
tar -czf wp-backup-$(date +%Y%m%d).tar.gz /var/www/html/
# 3. Record the timestamp
date -Iseconds
WordPress Security Checklist
🔧 Hardening Steps
After cleanup, hardening matters so the site does not get infected again:
# 1. Fix file permissions
find /var/www/html -type f -exec chmod 644 {} \;
find /var/www/html -type d -exec chmod 755 {} \;
# 2. Secure wp-config.php
chmod 440 /var/www/html/wp-config.php
# 3. Disable XML-RPC
# Add to .htaccess:
<Files xmlrpc.php>
Order deny,allow
Deny from all
</Files>
# 4. Disable PHP execution in uploads
# Add to wp-content/uploads/.htaccess:
<FilesMatch "\.php$">
Order deny,allow
Deny from all
</FilesMatch>
# 5. Scheduled scan
# Set up a cron job:
0 2 * * 0 /path/to/scan.sh https://yoursite.com >> /var/log/wp-scan.log
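To verify that the hardening steps above actually took effect, and to re-apply them safely from the same cron schedule, here is an added example that is not the repository's harden.sh: an audit of the four hardening checks (world-writable entries, wp-config.php permissions, XML-RPC block, PHP execution under uploads) plus an apply function, run against a constructed fixture in which every check fails. It writes the .htaccess rules in Apache 2.4 syntax (`Require all denied`); the audit also accepts the Apache 2.2 `Deny from all` form used in the steps above. The fixture layout and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the repository's harden.sh): audit + apply for the
# hardening steps, exercised on a constructed fixture. POSIX sh only.

# make_fixture: constructed site tree in which every hardening check fails.
make_fixture() {
  root=$(mktemp -d)
  mkdir -p "$root/wp-content/uploads"
  printf '<?php /* constructed wp-config */ ?>\n' > "$root/wp-config.php"
  printf '<?php /* constructed stray upload */ ?>\n' > "$root/wp-content/uploads/stray.php"
  find "$root" -type d -exec chmod 755 {} \;
  find "$root" -type f -exec chmod 644 {} \;   # wp-config.php left world-readable on purpose
  chmod 777 "$root/wp-content/uploads"         # planted world-writable directory
  printf '%s\n' "$root"
}

# Each check is silent and returns 0 (pass) or 1 (fail).
check_world_writable() {
  [ "$(find "$1" -perm -002 | wc -l | tr -d ' ')" -eq 0 ]
}
check_wp_config() {
  # wp-config.php must not be readable by "others" (step 2: chmod 440).
  [ "$(find "$1/wp-config.php" -perm -004 | wc -l | tr -d ' ')" -eq 0 ]
}
check_xmlrpc_blocked() {
  grep -q 'xmlrpc.php' "$1/.htaccess" 2>/dev/null
}
check_uploads_no_php_exec() {
  grep -Eq 'Require all denied|Deny from all' "$1/wp-content/uploads/.htaccess" 2>/dev/null
}

# php_in_uploads DIR: stray PHP files under uploads. Hardening only stops them
# from executing; removing them is the cleanup step, so report them separately.
php_in_uploads() {
  find "$1/wp-content/uploads" -type f -name '*.php' | wc -l | tr -d ' '
}

# hardening_issues DIR: print the number of failed checks (0 = fully hardened).
hardening_issues() {
  fails=0
  check_world_writable "$1"       || fails=$((fails + 1))
  check_wp_config "$1"            || fails=$((fails + 1))
  check_xmlrpc_blocked "$1"       || fails=$((fails + 1))
  check_uploads_no_php_exec "$1"  || fails=$((fails + 1))
  echo "$fails"
}

# apply_hardening DIR: the steps above, idempotent, Apache 2.4 directives.
apply_hardening() {
  # 3. Block XML-RPC (appended once; existing rules are kept).
  if ! check_xmlrpc_blocked "$1"; then
    cat >> "$1/.htaccess" <<'EOF'
<Files xmlrpc.php>
  Require all denied
</Files>
EOF
  fi
  # 4. Deny PHP execution under uploads.
  if ! check_uploads_no_php_exec "$1"; then
    cat >> "$1/wp-content/uploads/.htaccess" <<'EOF'
<FilesMatch "\.php$">
  Require all denied
</FilesMatch>
EOF
  fi
  # 1. Permissions last, so the files written above are covered as well.
  find "$1" -type f -exec chmod 644 {} \;
  find "$1" -type d -exec chmod 755 {} \;
  # 2. wp-config.php readable by owner and group only.
  chmod 440 "$1/wp-config.php"
}

# Stand-alone run: sh this-file.sh --demo
if [ "${1:-}" = "--demo" ]; then
  fixture=$(make_fixture)
  echo "failed checks before: $(hardening_issues "$fixture")"
  apply_hardening "$fixture"
  echo "failed checks after:  $(hardening_issues "$fixture")"
  echo "stray PHP files in uploads (need cleanup, not hardening): $(php_in_uploads "$fixture")"
  rm -rf "$fixture"
fi
```

Running `hardening_issues` on a real document root right after `harden.sh`, and again from the weekly cron entry, catches the common regression where a plugin update or a file upload quietly restores world-writable permissions or overwrites the `.htaccess` rules. Note that the stray PHP file count stays at 1 after hardening: blocking execution contains the file, but only cleanup removes it.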
📈 Remediation Flow
🆘 Emergency Response
If the site has been badly compromised:
1. Isolate
# Disable site immediately
mv /var/www/html /var/www/html-infected-$(date +%Y%m%d)
2. Check All Sites (on shared hosting)
# Scan every site on the server (quoted so paths with spaces survive)
for dir in /var/www/vhosts/*/httpdocs; do
echo "Scanning: $dir"
bash scan.sh "https://$(basename "$(dirname "$dir")").com" --quick
done
3. Change All Credentials
# DB passwords
# FTP/SFTP passwords
# WP admin passwords
# Hosting control panel
4. Notify
- Hosting provider
- Google Search Console
- Visitors (if necessary)
📚 Resources
🎓 Conclusion
This WordPress security scanner is powerful for:
- ✅ Early detection, before a small problem becomes a big one
- ✅ Automation — runs from cron, reports by email
- ✅ Comprehensive coverage — backdoors, redirects, spam
- ✅ Ease of use — a single command
Scanner + Wordfence + regular backups = layered protection.
Next step: install it, scan your site, and if anything turns up, clean it up now before it gets worse.
🔗 Links
- Tutorial: https://blog.fanani.co/tech/wordpress-security-scanner
- Skill Code: https://github.com/fanani-radian/openclaw-sumopod/tree/main/skills/wordpress-security-scanner
- Full Tutorial: https://github.com/fanani-radian/openclaw-sumopod/blob/main/tutorials/wordpress-security-scanner-skill.md
This article is part of the OpenClaw Sumopod Tutorial Hub — AI agent and automation tutorials in Indonesian.
Zainul Fanani
Founder, Radian Group. Engineering & tech enthusiast.