The importance of scanning your site

Once you have verified that the update works on your test site, you can begin thinking about installing the update on your live site; however, there are a couple things you need to do first.

  1. Scan your site with a security plugin.
  2. Take a complete backup of your site.

The two most important steps that most blog owners skip are scanning their site with a security plugin and taking a complete backup of their site immediately afterwards. They simply download and install the update right away. Without scanning their site, they could be unintentionally installing a critical update on a site that is loaded with malware. You should always scan your live site prior to performing a backup so you are not backing up a WordPress installation that is loaded with viruses. There are several fantastic plugins available in the WordPress repository that allow you to scan your site for malware and to check your installed plugins and themes that need updating. If malware is found during the scan you will want to remove it as soon as possible and verify that your site is clear of viruses prior to making a clean backup.

Here are three of the most popular security plugins that feature scanning abilities;

Jetpack by WordPress.com

Wordfence Security – Firewall & Malware Scan

iThemes Security (formerly Better WP Security)

We will use Wordfence Security – Firewall & Malware Scan as our example.

How to scan your WordPress installation with Wordfence Security – Firewall & Malware Scan

  1. Log into your admin dashboard.
  2. Download and install Wordfence Security – Firewall & Malware Scan by going to Plugins -> Add New and search for Wordfence.
    1. Find Wordfence Security – Firewall & Malware Scan and select Install Now.
  3. On your left menu bar locate “Wordfence.”
  4. Select “Wordfence.”
  5. Select “Scan.”
  6. You will be directed to your Scan page where the Threat Defense Feed is located. The Threat Defense Feed provides you with vital information regarding the type of scan being performed, malware signatures detected, and reputation checks administered. Upon visiting the Scan page your scan should start automatically. If the scan doesn’t start right away, simply select “START NEW SCAN.” If you scroll down on the Scan page, you will come upon a log of your scanned results found and those that were ignored. You are also able to email the activity log if you wish to carry it with you off of your site. You should keep an eye on the activity log during the scanning process in case any new issues are found.