Malware scanner FAQ

The Shield's Malware scanner discovers all sorts of malware patterns embedded in your PHP files, wherever they're hidden on your WordPress site.

In this article, we answer most frequent questions related to this type of scan...

What is Potential Malware?

Malware code can take any form - there's no such thing as "malware coding standards". The malware scanner seeks out all PHP code that looks like malware so sometimes it might flag-up code that is legitimate.

What are False-Positives?

A false positive is where Shield alerts us to a potential malware file, but it's actually legitimate code. Our goal is to reduce false positive results as much as possible, leaving you with only true malware results.

How We Reduce False Positives

Shield uses an extensive knowledge database of millions of files from across 1000s of WordPress sites, plugins and themes to automatically remove false positives from your scan results so you never even see them.

What is MAL{ai}?

MAL{ai} is our exclusive PHP malware detection engine that uses machine learning to identify malware. You can learn more about this here.

You may also want to read A Complete Guide To The Shield Security Scans here.