Title: BroodWeb Malware Scanner Author: Md Jubayer Hossain Published: 2026 年 4 月 26 日 Last modified: 2026 年 6 月 3 日 --- 搜尋外掛 ![](https://ps.w.org/broodweb-malware-scanner/assets/banner-772x250.png?rev=3515531) ![](https://ps.w.org/broodweb-malware-scanner/assets/icon-128x128.png?rev=3515528) # BroodWeb Malware Scanner 由 [Md Jubayer Hossain](https://profiles.wordpress.org/jubayerhossain/) 開發 [下載](https://downloads.wordpress.org/plugin/broodweb-malware-scanner.1.4.1.zip) * [詳細資料](https://tw.wordpress.org/plugins/broodweb-malware-scanner/#description) * [使用者評論](https://tw.wordpress.org/plugins/broodweb-malware-scanner/#reviews) * [安裝方式](https://tw.wordpress.org/plugins/broodweb-malware-scanner/#installation) * [開發資訊](https://tw.wordpress.org/plugins/broodweb-malware-scanner/#developers) [技術支援](https://wordpress.org/support/plugin/broodweb-malware-scanner/) ## 外掛說明 BroodWeb Malware Scanner helps WordPress site owners, agencies, and developers investigate suspicious files, database content, login activity, and security exposure from one admin screen. The scanner is built for careful review. It does not blindly delete files. It shows risk scores, findings, file paths, quarantine actions, whitelist controls, and exportable reports so you can inspect suspicious results before taking action. #### Key Features * Malware file scanner for WordPress core, plugins, themes, uploads, must-use plugins, and root files. * Official WordPress core checksum verification to suppress false positives on clean core files. * Detection for common malware indicators such as eval(), base64_decode(), gzinflate(), shell_exec(), obfuscated strings, suspicious filenames, disguised PHP payloads, and PHP files inside uploads. * Database scanner for suspicious content in options, posts, and users. * Quarantine, restore, delete, and whitelist tools for flagged files. * Scan history with stored reports. * Filterable scan report with filename search, risk filter, category filter, collapsible findings, and JSON/CSV export. * AJAX chunked scanning to reduce timeouts on larger websites. * Scheduled scans and email alerts. * Integrity monitor with file-change tracking and alert email support. * Login security tools, including custom login URL support. * Activity log for security events. * Vulnerability review for WordPress core, plugins, and themes. * Firewall-lite controls for basic request protection. * Go Pro information tab explaining Pro features. #### Official Core Verification WordPress core files can contain functions that look suspicious in normal malware signatures. BroodWeb Malware Scanner verifies official WordPress core files against WordPress.org checksums before content heuristics are applied. If a core file matches the official source, it is not reported as suspicious. If a core file is changed or if an unexpected file appears inside a core directory, the scanner can report that as a higher-signal issue. #### Designed For Manual Review BroodWeb Malware Scanner is an investigation and triage tool. Always review flagged files before quarantining or deleting them, and always create a full backup before cleaning an infected site. #### BroodWeb Malware Scanner Pro The free plugin includes the core protection layer: malware scanning, database checks, quarantine, whitelist, integrity monitoring, login security, vulnerability review, firewall-lite, activity log, and reporting exports. BroodWeb Malware Scanner Pro adds advanced cleanup and intelligence tools, including: * Hardening controls. * Repair tools for comparing and restoring supported official WordPress, plugin, and theme files. * AI-assisted malware triage with OpenAI-compatible providers. * Professional reporting workflows for agencies and client work. ## 安裝方式 1. Upload the plugin folder to the /wp-content/plugins/ directory, or install the ZIP file from Plugins > Add New > Upload Plugin. 2. Activate the plugin through the Plugins menu in WordPress. 3. Go to Tools > BroodWeb Malware Scanner. 4. Run a scan and review the results. 5. Configure scheduled scans, alerts, integrity monitoring, login security, vulnerability review, and firewall options as needed. ## 常見問題集 ### Does this plugin remove malware automatically? No. BroodWeb Malware Scanner helps you detect, review, quarantine, restore, or whitelist suspicious files. It keeps destructive cleanup decisions under your control. ### Why does the scanner verify WordPress core files first? Official WordPress core files can contain functions that look risky outside their original context. The scanner checks official core checksums first so clean core files are not reported as malware just because they contain normal WordPress code. ### Does it scan the database? Yes. The database scanner checks selected WordPress tables for injected scripts, suspicious URLs, spam indicators, and suspicious admin-like usernames. ### Can I export scan results? Yes. Reports can be exported as JSON or CSV. ### Can I quarantine flagged files? Yes. Suspicious files can be moved to quarantine and restored later if needed. ### Does it include login security? Yes. The free plugin includes login security tools, including custom login URL support. ### Is there a Pro version? Yes. BroodWeb Malware Scanner Pro adds hardening, repair tools, AI-assisted triage, and professional reporting workflows. ### Will it work on large sites? The scanner uses AJAX chunking to reduce timeout risk on larger sites and shared hosting environments. ## 使用者評論 ![](https://secure.gravatar.com/avatar/b63498ccbeef65b7181e8736c21f1b8405c12f2246d4fd5460ed1f572a0a0fe9? s=60&d=retro&r=g) ### 󠀁[Use with caution — caused critical error after quarantine](https://wordpress.org/support/topic/use-with-caution-caused-critical-error-after-quarantine/)󠁿 [kamruldev](https://profiles.wordpress.org/kamruldev/) 2026 年 4 月 28 日 1 則留言 I recently tried this plugin because it offers a lot of useful features and seems promising for checking potential malware. It looks like the developer put real effort into building something helpful. However, during my testing, I ran into a serious issue. The plugin flagged some files and gave me a “quarantine” option. When I applied that action to one of the files, my website immediately went into a critical error state. It appears that the file might have been essential, and removing or isolating it broke the site. I don’t think this is necessarily a bad plugin, and I understand the developer is still growing, so I don’t want to discourage them. But I do want other users to be careful. My advice: Always take a full backup before using this plugin Double-check flagged files before quarantining them Be cautious when applying automatic fixes With some improvements and clearer safeguards, this plugin could be very useful. For now, use it carefully and at your own risk. [ 閱讀全部 1 則使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/) ## 參與者及開發者 以下人員參與了開源軟體〈BroodWeb Malware Scanner〉的開發相關工作。 參與者 * [ Md Jubayer Hossain ](https://profiles.wordpress.org/jubayerhossain/) [將〈BroodWeb Malware Scanner〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/broodweb-malware-scanner) ### 對開發相關資訊感興趣? 任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/broodweb-malware-scanner/)、 查看 [SVN 存放庫](https://plugins.svn.wordpress.org/broodweb-malware-scanner/), 或透過 [RSS](https://plugins.trac.wordpress.org/log/broodweb-malware-scanner/?limit=100&mode=stop_on_copy&format=rss) 訂閱[開發記錄](https://plugins.trac.wordpress.org/log/broodweb-malware-scanner/)。 ## 變更記錄 #### 1.4.1 * Added a private emergency recovery link for restoring quarantined files if wp- admin access is broken. * Added recovery-link storage in quarantine metadata and optional admin email notification after quarantine. #### 1.4.0 * Added integrity monitor, login security, activity log, vulnerability review, and firewall-lite modules to the free plugin. * Added a Go Pro information tab that explains Pro features from inside the free plugin. * Moved custom login URL controls into the Login Security tab. * Removed integrity-monitor settings from the general Settings tab now that Integrity has its own dedicated feature area. * Improved WordPress core scanning so official core files are verified against WordPress.org checksums before content heuristics run. * Suppressed false positives for official WordPress core files that match the official source. * Added stronger findings for changed core files and unexpected files inside WordPress core directories. * Improved scan report filtering and preserved JSON/CSV export workflows. * Added spacing around the WordPress Core Restore card for a cleaner scan results layout. #### 1.3.2 * Version bump to stay in sync with BroodWeb Malware Scanner Pro 1.3.2. #### 1.3.1 * Version bump to stay in sync with BroodWeb Malware Scanner Pro 1.3.1. #### 1.3.0 * Fixed the plugin textdomain loading path for packaged installs. * Fixed integrity monitor scheduling so the active cron hook is not cleared on every request. * Cleaned the release package for WordPress.org submission. * Polished admin text and packaging metadata. #### 1.2.0 * Complete rewrite with tabbed interface and dark admin UI. * AJAX chunked scanning with real-time progress bar. * Quarantine system with restore and delete. * Scan history and per-scan diff. * Inline file viewer with highlighted suspicious patterns. * Filterable and sortable results table with CSV and JSON export. * False-positive whitelist with manual entry. * Database scanner. * Scheduled scans via WP-Cron. * Email alerts with configurable threshold. * Added sticky table headers. * Added collapsible findings. * Improved mobile spacing. * Added category counts in dropdowns. * Rebranded plugin as BroodWeb Malware Scanner by BroodWeb. * Added uninstall cleanup support. ## 中繼資料 * 版本 **1.4.1** * 最後更新 **7 天前** * 啟用安裝數 **少於 10 次** * WordPress 版本需求 ** 5.8 或更新版本 ** * 已測試相容的 WordPress 版本 **6.9.4** * PHP 版本需求 ** 7.4 或更新版本 ** * 語言 * [English (US)](https://wordpress.org/plugins/broodweb-malware-scanner/) * 標籤: * [file scanner](https://tw.wordpress.org/plugins/tags/file-scanner/)[login security](https://tw.wordpress.org/plugins/tags/login-security/) [malware scanner](https://tw.wordpress.org/plugins/tags/malware-scanner/)[security](https://tw.wordpress.org/plugins/tags/security/) * [進階檢視](https://tw.wordpress.org/plugins/broodweb-malware-scanner/advanced/) ## 評分 4 星,滿分為 5 星 * [ 0 個 5 星使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/?filter=5) * [ 1 個 4 星使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/?filter=4) * [ 0 個 3 星使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/?filter=3) * [ 0 個 2 星使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/?filter=2) * [ 0 個 1 星使用者評論 ](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/#new-post) [查看全部使用者評論](https://wordpress.org/support/plugin/broodweb-malware-scanner/reviews/) ## 參與者 * [ Md Jubayer Hossain ](https://profiles.wordpress.org/jubayerhossain/) ## 技術支援 使用者可在技術支援論壇提出意見反應或使用問題。 [檢視技術支援論壇](https://wordpress.org/support/plugin/broodweb-malware-scanner/)