Malcure WP CLI Integration & Cheatsheet

malcure malware removal documentation

MalCure WordPress plugin comes with some serious powers under the hood. With such tremendous feature-set and agility it’s only reasonable that you take a minute to read what’s available and how to use it. Here’s the information you need to get started with it.

Table of Contents

  1. Malcure WP CLI Integration
    1. Getting ready to scan with Malcure WP CLI
    2. Basic Malcure Malware Scanner WP CLI Commands
    3. Managing License & premium features
    4. Malcure scan from WP CLI
  2. Extra Commands That Come In Handy
    1. Legacy Commands
  3. Summary

Malcure WP CLI Integration

Malcure Advanced Edition integrates excellently with WP CLI and comes in handy on broken WordPress installs or in case where the website is disabled by the webhost or even large sites where the web-interface could take exceptionally long or simply terminate because of the website firewall etc. Here are some commands to get you started.

Documentation valid as of Malcure Malware Scanner v 15.2



Getting ready to scan with Malcure WP CLI


Using Malcure with WP CLI is a premium feature. It allows comprehensive automation and large-scale / enterprise deployment.


In order to use Malcure with WP CLI, you first need to activate Malcure with premium features.


wp malcure activate licensekeyhere


Basic Malcure Malware Scanner WP CLI Commands


Show Malcure command-line help.


wp malcure help


Show WordPress system information.


wp malcure info


List hidden files and directories.


wp malcure hidden


Managing License & premium features




Activate Malcure with premium features.


wp malcure activate licensekeyhere


Display license status.


wp malcure status


Deactivate your license key. If no license key is provided, attempts to deactivate the saved one.


wp malcure deactivate


Malcure scan from WP CLI


To be able to run a proper scan, you need to have the latest malware signatures. Please run the previous command first. Definition updates are only available to registered users.


wp malcure sync


Force a sync.


wp malcure sync --mcforce


Start malware scan.


wp malcure scan


Set how many files to scan per batch. Default is 50.


wp malcure scan --mcbatchsize=10


Skip database scan.


wp malcure scan --mcskipdb


Skip file-scan.


wp malcure scan --mcskipfiles


Skip scanning for redirects.


wp malcure scan --mcskipredirects


Don’t show suspicious files. Shows suspicious files by default. Equivalent to the “paranoia” mode in the web GUI.


wp malcure scan --mcsuspicious=false


Skip all directories with the name mu-plugins and backups


wp malcure scan --mcskipdirs="mu-plugins,backups"


Match for custom regex pattern in files. (Files with correct checksum are never match against any signatures).


wp malcure scan --mcregex="/find_.*_me/is"


Match for custom regex pattern in database. The following example queries the database for all posts, post_meta, options table for %script% sql query and matches the string href=malware


wp malcure scan --mcdbquery="%script%" --mcdbregex="/href=\/malware/"


Create a JSON scan-log and save it to file. For security reasons, .php will be added to the file extension.


wp malcure scan --log=


Extract a log file.


wp malcure extractlog --from=source_file --to=target_file


Scan some specific file.


wp malcure scan --mcfiles=<absolute_path_to_file>


Scan some specific directory.


wp malcure scan --mcscanonlydirs=<relative_path_to_the_specific_directory>


Extra Commands That Come In Handy


Reset the plugin.


wp malcure reset


Reset plugin as well as logs.


wp malcure reset --mcresetlogs


Force reset without confirmation.


wp malcure reset --mcforce


Show status of each file.


wp malcure scan --mcdebug=true


Save scan output to a log file. Requires the expect package


unbuffer wp malcure scan |& tee rootedts.log


Download file to local directory over ssh


scp your_username@example.com:foobar.txt /local/dir


Legacy Commands


Register Malcure Malware Scanner for free to get definition updates.


wp malcure register --mc-email=myemail@example.com --mc-fname="Firstname" --mc-lname="Lastname"


Summary


Malcure malware scanner is a free toolset for WordPress malware removal. It is a robust WordPress plugin which detects infections, security threats and vulnerabilities. Malcure Advanced Edition is a pro version of the plugin with the following premium features:


    

  • Single click repair, clean and whitelisting of files.
    • 

  • Real-time malware definition updates.
    • 

  • WP CLI support for scanning via command line.
    • 

  • Use custom definitions and patterns to scan for new virus strains.
    • 

  • Skip / Scan specific files and directories to save time.
    • 

  • Automatic periodic scan via WP CLI
    • 



Note: WP CLI support is available in Malcure Advanced Edition only. Upgrade Malcure Malware Scanner to pro version to detect and remove malware like a pro!






This article is written by Evelyn Allison. Evelyn has over two decades of experience with the big-tech corporate giants. Starting in 2002 with consumer IT remote support, he transitioned into IT enterprise support and systems provisioning for Windows and Linux servers. Her prowess spans her expertise in network security, security audit and scripting-based-automation. Actively involved in web security since 2017, Evelyn has worked with various technologies to secure the web, leveraging tech like Nginx, modsecurity, reverse-proxies, developing web-application-firewalls, on-the-fly asset optimization using Google’s PageSpeed Module and more. Her expertise is reflected in the top-tier plugins and comprehensive consulting-services she offers in the domain of web-security.