NinjaScanner – Virus & Malware scan


A lightweight, fast and powerful antivirus scanner for WordPress.

NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog for malware and virus.


  • File integrity checker.
  • File comparison viewer.
  • Exclusion filters.
  • File snapshot.
  • Database snapshot.
  • Anti-malware/Antivirus.
  • Sandbox for quarantined files.
  • Ignored files list.
  • Google’s Safe Browsing Lookup API.
  • Background scans.
  • Scheduled scans (Premium).
  • WP-CLI integration (Premium).
  • Debugging log.
  • Email report.
  • Integration with NinjaFirewall (WP and WP+ Edition).
  • Multi-site support.
  • Contextual help.
  • And many more…

File Integrity Checker

The File Integrity Checker will compare your WordPress core files as well as your plugin and theme files to their original package. Its File Comparison Viewer will show you the differences between any modified file and the original. You can also add your Premium themes and plugins to the File Integrity Checker. Infected or corrupted files can be easily restored with one click.

File Snapshot

The File Snapshot will show you which files were changed, added or deleted since the previous scan.

Database Snapshot

NinjaScanner will compare all published posts and pages in the database with the previous scan and will report if any of them were changed, added or deleted.

Anti-Malware Signatures

You can scan your blog for potential malware and virus using the built-in signatures. The scanning engine is compatible with Linux Malware Detect LMD (whose anti-malware signatures are included) and with some ClamAV signatures as well. You can even write your own anti-malware signatures.

NinjaFirewall Integration

If you are running our NinjaFirewall (WP or WP+ Edition) web application firewall plugin, you can use this option to integrate NinjaScanner into its menu.

Fast and Lightweight Scanner

NinjaScanner has strictly no impact on your database. It only uses it to store its configuration (less than 1Kb). It saves the scan data, report, logs etc on disk only, makes use of caching to save bandwidth and server resources. It also includes a Garbage Collector that will clean up its cache on a regular basis.

Background Scans

Another great NinjaScanner feature is that it runs in the background: start a scan, let it run and keep working on your blog as usual. You can even log out of the WordPress dashboard while a scanning process is running! You don’t have to wait patiently until the scan has finished. Additionally, a scan report can be sent to one or more email addresses.

Sandbox for quarantined files

When moving a file to the quarantine folder, NinjaScanner can use a testing environment (a.k.a. sandbox) to make sure that this action does not crash your blog with a fatal error. If it does, it will warn you and will not quarantine the file. It is possible (but not recommended) to disable the sandbox.

Advanced Settings

NinjaScanner offers many advanced settings to finely tune it, such as exclusion filters, selection of the algorithm to use, a debugging log etc.

Privacy Policy

Your website can run NinjaScanner and be 100% compliant with the General Data Protection Regulation (GDPR):

We, the authors, do not collect, share or sell personal information. We don’t track or profile you. Our software does not collect any private data from you or your visitors.

Premium Features

Check out our NinjaScanner Premium Edition

  • Scheduled Scans: Don’t leave your blog at risk. With the scheduled scan option, NinjaScanner will run automatically hourly, twice daily or daily.
  • WP-CLI Integration: Do you own several blogs and prefer to manage them from the command line? NinjaScanner can nicely integrate with WP-CLI, using the ninjascanner command. You can use it to start or stop a scanning process, view its status, its report or log from your favourite terminal, without having to log in to the WordPress Admin Dashboard.
  • Dedicated Help Desk with Priority Support


  • Summary page.
  • Basic settings.
  • Advanced settings.
  • Nerds settings.
  • WP-CLI integration.
  • Report sample.
  • Viewing differences between the modified and the original files.
  • Debugging log.
  • Integration with NinjaFirewall.


  1. Upload the ninjascanner folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ page in WordPress.
  3. Plugin settings are located in the ‘Tools > NinjaScanner’ sub-menu.


22. ágúst, 2023
The Ninja Technologies Network — are so thoughtful, unlike the other security plugin developers. Ninja team makes their free product just as equally safer as the Pro version. As for the Pro version it comes with more benefits rather than making the free version less secure. For instance, with the NinjaScanner Pro version, you get automated scans and other things. Likewise, NinjaFirewall also has a similar approach. The sites would be 100% secure using Ninja Team’s products. After a few months of thorough testing of WAF using online testers and onsite tests, I totally gave up WordFence and migrated to NinjaFirewall + NinjaScanner — it totally worth it. Ninja Team is an expert when it comes to WordPress performance and security. Love it.
21. janúar, 2023
If you are using NinjaFirewall Plugin, then you must install this one too! NinjaFirewall + NinjaScanner is a must if you are running any WP sites! 5-star for me!
14. nóvember, 2022
This plug-in is absolutely excellent. It scans my wordpress site for malware and it does so efficiently and perfectly. I was afraid that it might make my site crash, but it did NOT make my site crash. I highly recommend it. I paid for the yearly license so I can SCHEDULE a daily scan of my website. Excellent.
Skoða 26 umsagnir

Þátttakendur & höfundar

“NinjaScanner – Virus & Malware scan&#8221 er opinn hugbúnaður. Eftirfarandi aðilar hafa lagt sitt af mörkum við smíði þessarar viðbótar.


“NinjaScanner – Virus & Malware scan” has been translated into 1 locale. Thank you to the translators for their contributions.

Translate “NinjaScanner – Virus & Malware scan” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Fixed a bug where MU plugins added to the list of ignored files were still displaying a warning in the report sent by email.


  • Fixed a potential „Undefined constant NFW_ENGINE_VERSION“ fatal error.
  • Adjusted PHP max_execution_time and memory limit during a scan.


  • The „Apply the exclusion list to the file integrity checker“ feature from the „Ignore files/folders“ option will now apply to WordPress core files as well, not only to the themes and plugins files.


  • Fixed a potential „File is not in the ABSPATH or DOCUMENT_ROOT“ error message when trying to view a file.
  • Fixed an issue where it was not possible to activate or deactivate NinjaScanner from WP CLI.
  • The scanner will attempt to disable the PHP display_errors directive so that notice, warning and error messages won’t show up in the AJAX response.
  • Small fixes and adjustments.
  • Minimum PHP Version updated to 7.1.


  • Fixed a potential „Cannot use object of type WP_Error as array“ fatal error.
  • Updated „Tested up to“ to match WordPress 6.2.


  • Fix compatibility issue with PHP 8.2.
  • Fix compatibility issue with older PHP version (<7.3).
  • Updated Prism.js libraries.
  • Small fixes and adjustments.


  • On websites running PHP 7.3 or above, NinjaScanner will use the hrtime() function instead of microtime() for its metrics, because it is more reliable as it is not based on the internal system clock.
  • Fixed an issue where it was not possible to quarantine a file when running NinjaScanner on localhost over TLS because cURL rejected the self-signed certificate.
  • Fixed a bug with right-to-left (RTL) WordPress sites where the checkboxes below the log were all messed up.
  • Updated Prism.js libraries.
  • Small fixes and adjustments.


  • Fixed a potential PHP „sprintf“ fatal error that could occur if there were an error during the scanning process.
  • Fixed a regex bug when checking for a Linux or Windows absolute path.
  • Updated Prism.js libraries.
  • Added more details to the scanner’s log when a scan is cancelled because of an error.


  • If the PHP ZIP extension, which provides the ZipArchive class, is missing on the server, NinjaScanner will fall back to the built-in PclZip library instead of refusing to run.
  • When catching a PHP fatal error (E_ERROR), the scanner will write to the log the full path to the file where the error occured.
  • Small fixes and adjustments.


  • Fixed an issue during the anti-malware scan where the number of scanned items appeared to be higher than the total of files to be scanned, and returned an „Unknown Error“ message.
  • Fixed an issue where corrupted ZIP files downloaded from were not deleted.
  • The anti-malware signatures file used during the scan will be temporarily saved to the database and no longer to disk because some antivirus used on Microsoft-IIS are still flagging the file as malware and delete it.


  • Fixed a potential „Missing Lock File“ error that may occur on slow servers.
  • Added streaming to the wp_remote_get function to lower the amount of memory used during downloads (props Daniel Ruf).


  • Fixed error introduced in 3.0.3 affecting PHP versions 7.1 and below.
  • Replaced the „install_plugins“ capability with „manage_options“, to allow administrators to run the scanner even if the WordPress built-in „DISALLOW_FILE_MODS“ constant is defined.
  • Fixed a potential „Undefined variable: snapshot“ PHP notice.
  • Better detection of any potential error during the scanner initialization by using a blocking socket.
  • The temporary file used to saved malware signatures during the scanning process is now base64-encoded to prevent it form being flagged as malware by some hosting companies.
  • Updated PrismJS to the latest version.
  • Added missing description to the WP-CLI script (props Daniel Ruf).
  • Small fixes and adjustments.


  • Fixed a potential issue where the scan could not start.


  • Fixed a potential syntax error introduced in v3.0.
  • The whole scanner engine was rewritten from scratch, so that it can work on very low resource servers.
  • The scan report can be displayed on multiple pages instead of one only. This can be selected from the „Settings > Advanced Users Settings > Display report“ option.
  • It is possible to select which folders to scan in the blog directory („Settings > Blog directory“).
  • HTTP basic authentication is now supported by the WP-CRON fork method.
  • Adjustments for PHP 8.0 compatibility.
  • Updated PrismJS libraries.
  • Many small fixes and improvements.