MScan in BulletProof Security is a powerful malware scanner designed to detect suspicious files and malicious code inside WordPress core, plugins, themes, and database entries. It works using a hybrid scanning system for better accuracy and performance.
For WordPress core, plugin, and theme files, MScan uses file hash comparison scanning, which is highly accurate (close to 100%) because it compares files with original clean versions. This eliminates false positives for trusted WordPress files. For all other non-WordPress files, it uses pattern matching detection, which helps identify suspicious or hacker-like code patterns, though it may sometimes produce false positives.
During scanning, MScan automatically downloads official WordPress, plugin, and theme ZIP files, extracts them, generates file hashes, and then deletes the temporary files. This ensures the scanner always has a verified clean reference for comparison.
If performance issues or errors appear (like file hash mismatches or scan time delays), users may need to reset MScan or delete and regenerate file hashes. Features like database scanning, tmp file cleanup, scheduled scans, and excluded folders help customize security checks based on hosting environments.
Overall, MScan provides a structured, automated, and highly reliable malware detection system for WordPress sites, with ARQ IDPS offering even stronger real-time protection beyond scanning.
