WPress Cleaner
Clean backups. Zero compromises.
Automated security analysis and sanitisation tool for WordPress .wpress backup files. Upload a backup, WPress Cleaner scans every file across 8 threat categories — malware, backdoors, SEO spam injections, suspicious scripts, and more — then produces a clean, verified backup ready for safe restoration.
At a Glance
The Problem
WordPress backup files are a blind spot. When a site is compromised, the infection often hides inside backup archives — waiting to reinfect the moment you restore. Manual inspection of thousands of files is impractical. Existing scanners focus on live sites, not offline backups.
Hidden Infections
Malware, backdoors, and SEO spam injections survive inside .wpress backup files. Restoring an infected backup reinfects the site — often without any visible symptoms until the damage is done.
Manual Review Impossible
A typical WordPress backup contains thousands of files across plugins, themes, uploads, and core. Manually checking each file for malicious code isn't feasible for most teams.
Scanner Gap
Most security scanners work on live WordPress installations. They can't process offline .wpress archive files, leaving backup security as an unaddressed vulnerability in recovery workflows.
Detection Capabilities
WPress Cleaner analyses every file in a .wpress backup archive against 8 distinct threat categories, using pattern matching, heuristic analysis, and contextual evaluation.
Malware & Backdoors
Detects known malware signatures, PHP backdoors, web shells, encoded payloads, and remote code execution vectors hidden in theme and plugin files.
SEO Spam Injections
Identifies pharma spam, casino links, hidden redirect scripts, cloaked content, and link injection code that damages search rankings and user trust.
Suspicious Scripts
Flags obfuscated JavaScript, encoded PHP functions (eval, base64_decode, gzinflate chains), and dynamically generated code patterns commonly used in exploits.
File Integrity
Compares WordPress core files and popular plugin/theme files against known-good checksums to detect unauthorised modifications.
Upload Directory Threats
Scans the wp-content/uploads directory for executable files disguised as images, PHP files hidden in media folders, and other upload-based attack vectors.
Database Content Analysis
Examines serialised data and database exports within the backup for injected scripts, spam links, and malicious redirects stored in post content or options.
Configuration Exposure
Checks wp-config.php and other configuration files for exposed credentials, debug settings left enabled, and security misconfigurations.
Suspicious Patterns
Catches anomalous file permissions, recently modified core files, files in unexpected locations, and other indicators of compromise that don't fit standard categories.
How It Works
A structured four-step process from upload to clean backup — automated, thorough, and transparent.
Upload
Upload your .wpress backup file through the secure web interface. Files are processed locally and never transmitted to external servers.
Scan
Every file in the archive is extracted and analysed against 8 threat categories. Pattern matching, heuristic analysis, and integrity checks run in parallel.
Review
Results are presented in a detailed report with severity ratings, file locations, and threat descriptions. Smart filtering reduces false positives from legitimate code.
Export
Download a sanitised backup with threats removed, or export the original with a detailed findings report for manual remediation.
Smart Filtering
Not every flagged file is a threat. WPress Cleaner's intelligent filtering system reduces false positives by understanding the context of detected patterns.
Intelligence
Context-Aware Analysis
The scanner understands that security plugins legitimately contain malware signatures, that minified JavaScript isn't inherently suspicious, and that base64 encoding has valid uses. Context matters.
- Security plugin whitelisting
- Minified code recognition
- Known framework pattern exclusion
- Legitimate encoding detection
- Severity-based prioritisation
Transparency
Full Audit Trail
Every finding is documented with file path, line number, matched pattern, threat category, and severity level. Nothing is hidden — you see exactly what was found and why it was flagged.
- Detailed per-file findings
- Pattern match explanations
- Severity classifications
- Exportable reports
- Before/after comparison
Technical Foundation
Built on modern, proven technologies. Clean architecture designed for security analysis workloads.
FastAPI
Backend API
React
Frontend UI
Docker
Containerisation
Nginx
Reverse Proxy
Tailwind CSS
UI Framework
Availability
WPress Cleaner is currently in active development and testing. The tool is being refined through internal use on real-world WordPress backup files to ensure detection accuracy and minimise false positives.
We'll notify you when WPress Cleaner is available for early access.
Concerned about your WordPress backups?
If you're restoring WordPress sites from backups without scanning them first, you may be reintroducing the very threats you're trying to eliminate. Register your interest in WPress Cleaner and be first to know when it's ready.