There are 1001 ways to hack a WordPress site, and yours may already be infected.


Those infected/malware files could be anywhere… in our themes, plugins and WordPress core. To eliminate these files and prevent future hacks, we must do 4 things:

  1. Scan and detect infected files; then
  2. Eliminate any infection; and
  3. Repeat this process at least once a day.
  4. Ideally run scans more often than once a day


Shield Security helps you do all this completely automatically, using its Hack Guard module. This module is available from within Shield's main menu, under the Settings tab:

Hack Guard module is composed of various components designed to notify you of existing vulnerabilities on your WordPress site, or of hack liabilities. Depending on the component, an automatic repair feature may or may not be available, but you will be notified by email where appropriate.


The components available are as follows:

Note: There's a dedicated section for scans. You may find it under the Security Dashboard => Scans:

To learn more about the Hack Guard module, read the blog article here.


Please note that

  • Scan Schedule;
  • Abandoned Plugin Scanner;
  • Plugins and Themes Guard;and
  • Vulnerabilities Scanner

are premium features and only available to Pro subscribers. To find out what the extra features for Shield Pro are, read the article here.