Wordfence CLI is an open source, high performance, multi-process security scanner, written in Python, that quickly scans network filesystems to detect PHP/other malware and WordPress vulnerabilities. CLI is parallelizable, can be scheduled, can accept input via pipe, and can pipe output to other commands.

We have a number of installation methods to install Wordfence CLI in our installation documentation which we'd recommend reviewing to get you scanning for malware in as few steps as possible.

We recommend installing using pip:

pip install wordfence

If you'd like to install Wordfence CLI manually or use CLI for development, you can clone the GitHub repo to your local environment:

git clone [email protected]:wordfence/wordfence-cli.git
cd ./wordfence-cli
pip install .
python main.py --version

• Python >= 3.8
• The C library libpcre >= 8.38
• Python packages:
  • packaging >= 21.0
  • requests >= 2.3

Visit https://www.wordfence.com/products/wordfence-cli/ to obtain a license to download our signature set.

You can run wordfence help for a full list of options that can be passed to Wordfence CLI. Read more about the configuration options that can be passed to Wordfence CLI.

Recursively scanning the /var/www directory for malware:

wordfence malware-scan /var/www

A full list of examples for the malware scan is included in our documentation.

Scanning the /var/www/wordpress directory for vulnerabilities.

wordfence vuln-scan /var/www/wordpress

A full list of examples for the vulnerability scan is included in our documentation.

The full documentation for Wordfence CLI can be found here which includes installation instructions, configuration options, detailed examples, and frequently asked questions.

Wordfence CLI is open source, licensed under GPLv3. The license can be found here.