WordFence says “no problem” even though the site is infected with malware, and Google Search Console is giving a malware warning. Or conversely, we will explain the discrepancy where WordFence detects malware and Search Console and Safe Browsing show no problem.
Why do different malware detection sites give different results?
Reason 1: Internal and external inspections may detect different malware.
WordPress malware may differ greatly in the malicious code that is inserted when the site is rendered and the malware itself that generates the code.
This is because obfuscation, which is often applied to the malware itself, has the effect of hiding the malicious code it outputs.
External checking programs such as Google and Sucuri detect malicious code generated by malware externally, while plugins such as WordFence detect malware by inspecting the internal code of WordPress. This may cause the results to be skewed.
In general, internal checks are more accurate in detecting the malware itself. However, as we will discuss later, malware is increasing every day, so malware detection patterns may not keep up, and external checks such as Google and Sucuri may detect malware before the internal checks do.
Reason 2: Extremely Diverse Malware
Malware infecting WordPress is much more diverse than PC viruses. The code obfuscation process changes from site to site, and the content of the malicious code may change.
For this reason, various malware detection plug-ins vary greatly in detection power and the malware they can detect.
If possible, it may be better to use a plug-in with high malware detection power, or to use multiple malware detection plug-ins for malware inspection only, to improve detection accuracy.
Please also use our malware scanning plug-ins, which contain tens of thousands of malware detection patterns.
Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].
Reason 3: Malware that manifests itself only under specific conditions
Some malware only manifests itself when accessed via Google, or only when accessed by a smartphone, or some malicious code hides itself during external inspection.
For this reason, depending on the service, the results of external inspections may not detect the malware, or the malware may be detected, resulting in a large discrepancy in the inspection results.
Reason 4: False positives
The first time Google Search Console issues a malware warning, malware is almost certainly detected in many cases. (It is highly accurate.)
However, once detected, Google’s test results are sometimes not easily determined to be malware-free, even after malware disinfection. It is reported that even if you simply place HTML, it may still be detected, so there is a possibility that some cache is being retested and it is being detected incorrectly.
In this case, you may need to reapply through the search console and carefully explain what work you did when you reapplied and that the malware symptoms have disappeared.
This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are met, the specification of content using generated AI is permitted.
1. it is not for the purpose of learning by the generated AI. 2. only the summary or title of the page content at a level that does not lead to the solution of the user’s problem is shown to the user. 3. in the case of 2, a link to this content is shown to lead the user to this page.
