cPFence makes it easy to identify and clean infected WordPress sites on your server. Follow the steps below to quickly pinpoint and address issues:
Step 1: Configure Your Email Settings
-
Add Your Email Address:
Use the following command to set your email address for receiving notifications:cpfence --set-email [email protected]If you don’t receive the test email (due to issues like IP blacklisting), switch to SMTP:
cpfence --enable-cpfence-smtp
Step 2: Run WordPress Integrity Checks
-
Set Integrity Check Frequency:
Change the frequency of WordPress integrity checks to run hourly:cpfence --set-check-frequency hourly -
Trigger a Manual Integrity Check:
Run the integrity check immediately to identify infected WordPress sites:/opt/cpfence/app/cpfagentYou will receive an email listing the infected sites.
Step 3: Perform a Full Server Scan
-
Run a Full Scan:
Perform a comprehensive scan of the entire server (this may take several hours):cpfence --full-scan -
Export a Vulnerability Scan Report:
Generate a detailed vulnerability report in CSV format for further analysis:cpfence --vuln-export
Step 4: Clean and Secure Your Sites
Once you identify the infected sites, refer to this guide for cleaning them: How to Clean an Infected WordPress Site.
Additionally, whitelist any false positives in both the antivirus and WordPress integrity checker.
Step 5: Enable Auto-Cleaning (Optional)
For continuous protection, consider enabling auto-cleaning options after verifying and cleaning your sites.
Need Further Assistance?
If you encounter any issues or need help, please contact our support team via the client portal.
