Best WordPress Antivirus Plugins 2020 (Free & Paid)

Keeping a WordPress installation safe is a lot like a normal computer, you need to keep the system, plugins and themes up to date to avoid security risks, and you can and should add an extra layer of security, an antivirus.

On average, 30,000 new websites are hacked each day and likely many of you arrived at this article after having noticed strange behavior on your website, possibly caused by an attacker, hacker, virus or malware.

If that's the case for you, you should definitely install an antivirus on your WordPress, and also even if you haven't suffered an attack, prevention is better than cure. These programs can stop and remove malicious elements and files that can tremendously damage your WordPress website.

1. All In One WP Security & Firewall (Free)

A comprehensive, easy to use, stable and well supported wordpress security plugin.

Active Installations: 800,000+
Rating: ⭐⭐⭐⭐⭐(997)
Portuguese translation

The All In One WordPress Security plugin is one of the most popular and free plugins available, it will take your website security to a whole new level.

This plugin is designed and written by experts and is easy to use and understand.

It reduces security risk by scanning for vulnerabilities and implementing and enforcing the latest WordPress security best practices and techniques.

Some of the many features available in this plugin are:

USER ACCOUNT SECURITY
USER LOGIN SECURITY
USER REGISTRATION SECURITY
DATABASE SECURITY
FILE SYSTEM SECURITY
BACKUP KEY FILES AND RESTORE FILES
BLOCKED MALICIOUS IPS LIST FUNCTIONALITY
FIREWALL FUNCTIONALITY
LOGIN BRUDE ATTACK PREVENTION
SECURITY SCAN
SPAM SECURITY IN COMMENT

two. Wordfence Security – Firewall & Malware Scan (Free and Paid)

Active Installations: 3+ million
Rating: ⭐⭐⭐⭐⭐(3573)
Portuguese translation

Wordfence is the most popular WordPress antivirus plugin, it makes securing your website a very easy task. It continuously analyzes recent threats and viruses on your website. After performing this step, it creates sets of protection and detection protocols to deal with viruses and threats. Basically, it detects and removes any kind of virus, threats, malware that can extensively damage your WordPress website.

This antivirus plugin detects and removes threats in real time. That way, you don't have to stop your work if your site is attacked by them. You can filter and remove spam comments, emails and IP addresses that may be trying to attack your website.

WORDPRESS FIREWALL
WORDPRESS SECURITY SCAN
LOGIN SECURITY
WORDFENCE CENTRAL
SAFETY TOOLS

Wordfence has a free version of its plugin, which is enough for most cases, but if you wanted premium features and support, you can purchase a license for $99.

3. iThemes Security (Free and Paid)

itthemes security is wordpress security plug-in #1.

Active Installations: 900,000+
Rating: ⭐⭐⭐⭐⭐ (3831)
Portuguese translation

iThemes Security offers over 30 ways to protect and secure your WordPress site. Maintained by iThemes, which has been building and supporting WordPress tools since 2008, such as BackupBuddy, a popular backup plugin.

iThemes Security takes protection from brute force attacks to the next level by prohibiting users who have tried to hack other sites from hacking yours. iThemes' brute force attack protection network will automatically report the IP addresses of failed login attempts and block them for as long as necessary to protect your website based on the number of websites that have seen a similar attack.

In addition, it offers several other features such as:

Scan your site to instantly report where vulnerabilities exist and fix them in seconds
Enforces strong passwords for all accounts with a minimal configurable role
Disable file editing in WordPress admin area
Detects and blocks various attacks to your file system and database

Detects bots and other attempts to look for vulnerabilities.
Monitors the file system for unauthorized changes.
Run a malware and blacklist scan on your website's home page.
Receive email notifications when someone gets blocked after too many failed login attempts or when a file on your site changes.

Change URLs for WordPress dashboard areas including login, administrator and more
Changes WordPress Database Table Prefix
Change the wp content path
Remove login error messages

Makes it easy for users not familiar with WordPress to remember login and admin URLs by customizing default admin URLs
Detects hidden 404 errors on your site that can affect your SEO, such as bad links and missing images

4. Cerber Security, Anti-spam & Malware Scan (Free)

Defends WordPress against hacker attacks, spam, trojans and malware.

Active Installations: 100,000+
Rating: ⭐⭐⭐⭐⭐(469)
Portuguese translation

This plugin prevents brute force attacks by limiting the number of login attempts via the login form, malicious requests or using authentication cookies. Track user and malicious agent activity with flexible email, mobile and desktop notifications.

MALWARE VERIFIER
INTEGRITY VERIFIER
SCHEDULED CHECKS WITH AUTOMATIC FILE RECOVERY
TWO-FACTOR AUTHENTICATION
REGISTER, FILTER AND EXPORT ACTIVITIES
LIMIT REINVENTED LOGIN ATTEMPTS
CERBER ANTI-SPAM ENGINE
ANTI-SPAM PROTECTION: INVISIBLE RECAPTCHA FOR WOOCOMMERCE
ANTI-SPAM PROTECTION: INVISIBLE RECAPTCHA FOR WORDPRESS

5. Jetpack by WordPress (Freemium)

Website security, performance and management: The best way to use WordPress is with Jetpack.

Active Installations: 5+ Million
Rating: ⭐⭐⭐⭐(1529)
Portuguese translation

Jetpack is not really an antivirus plugin, it is more focused on making your installation easier to manage and per table adds some security features, such as: