Best shared hosting with free malware scans and clean-up
Rank | Provider | Compare | Starting price | Money-back | Disk Space | Action |
---|---|---|---|---|---|---|
1 | Review soon | $1.30/mo | 30 days | 20 GB | Visit Host | |
2 | Read Review | $2.35/mo | 60 days | Unlimited | Visit Host |
Disclosure: if you purchase through any links on this web page, I earn referral fees from partners. These fees do not influence my recommendations.
#1: Namecheap
Scanning software: ClamAV
Scanning frequency: a few times a week
Namecheap is one of only a few shared hosting providers that offer not only free scans but also free malware clean-up in case they detect an infection.
If they find a virus, they’ll send you an email with a list of the infected files. You can then reach out to them via live chat and ask them to fix the problem.
They have one of the cheapest annual hosting plans around, making them a great choice for beginners. Even advanced users may find value at Namecheap, as they are on our list of most affordable hosts with unlimited websites.
Namecheap basic plan highlights:
- Starting price: $1.30/mo.
- Websites allowed: three
- Storage: 20 GB
- Bandwidth: Unlimited
- Control panel: cPanel
- Email accounts: yes
- Money-back guarantee: 30 days
- Support: 24/7 Live Chat
#2: Hostwinds
Scanning software: ClamAV
Scanning frequency: twice a month
Hostwinds’ servers exhibit excellent performance, as you can see in our HostWinds review.
They are also very affordable, with prices starting at $2.35/month. They are also one of the hosts with the longest money-back guarantees in the business. The free domain and free SSL certificates are also big pluses.
Hostwinds basic plan highlights:
- Starting price: $2.35/mo.
- Websites allowed: one
- Storage: unlimited
- Bandwidth: unlimited
- Control panel: cPanel
- Email accounts: yes
- Money-back guarantee: 60 days
- Support: 24/7 Live Chat
Best WordPress hosting with free malware scans and clean-up
Rank | Provider | Compare | Starting price | Money-back | Disk Space | Action |
---|---|---|---|---|---|---|
1 | Read Review | $20.83/mo | 30 days | 10 GB | Visit Host | |
2 | Read Review | $29.16/mo | 60 days | 10 GB | Visit Host |
#1: WPX hosting
Scanning software: ClamAV
Scanning frequency: undisclosed
WPX is one of the top WordPress hosting providers for webmasters looking to host multiple websites – their Business Plan starts at $20.83/mo. and allows you to host five websites, translating to an average of $4.16 per site.
Their customer service is exceptional, and their pricing structure is refreshingly transparent. They are also one of a handful of hosts with pro-rated refunds.
WPX basic plan highlights:
- Starting price: $20.83/mo.
- Websites allowed: five
- Storage: 10 GB
- Bandwidth: 100 GB / month
- Control panel: custom-built
- Email accounts: yes
- Money-back guarantee: 30 days
- Support: 24/7 Live Chat
- WPX hosting review
#2: WP Engine
Scanning software: Proprietary
Scanning frequency: on-demand
Their servers perform well and provide generous storage for a WP host. The quality of their live chat is a bit hit and miss, depending on the agent you are connected with. See our WP Engine review for more.
Overall, we probably wouldn’t recommend WP Engine on account of their price, but they do offer free malware scans and removals, along with unlimited Inodes, so we decided to list them.
WP Engine basic plan highlights:
- Starting price: $29.16/mo.
- Websites allowed: one
- Storage: 10 GB
- Bandwidth: 50 GB / month
- Control panel: custom-built
- Email accounts: no
- Money-back guarantee: 60 days
- Support: 24/7 Live Chat
Do all hosting companies offer free malware scans?
Unfortunately, no. Quite a few hosts, even some high-end ones, do not offer free scans.
If that’s the case, you’ll usually have two options:
- Install a security plugin for your content management system (such as WordPress or Drupal)
- Buy a premium anti-malware package
What software do hosts use to perform virus scans?
Usually, they use ClamAV – a free cross-platform antivirus toolkit popular in the hosting industry.
However, some hosts use their own custom-built proprietary security software.
What happens if a free malware scan detects an infection?
Most hosts will email you a list of the infected files, and that’s it.
From there, it will be your responsibility to delete the files and replace them with uninfected versions, or otherwise remove the infection. You can do that yourself or hire a security company to do it for you.
In fact, some hosts will take your website offline if they detect infection and only bring it back online after you resolve the issue.
Luckily, some hosts do offer free malware removal along with free scans – see our rankings above to find out which ones.
Do I have to request a free scan or are they automatic?
Most hosts carry out free malware scans of your website as part of a schedule – e.g. daily, every other day, or weekly.
However, a few hosting providers require you to contact them( via live chat or email) and request a scan. Examples of such hosts include InMotion, WP Engine, and Bluehost.
Do hosting companies offer premium (paid) malware scanning?
The majority of them do, even if they also offer free scans.
Premium anti-malware add-ons usually cost around $25 per year and employ one of the following scanning software:
- Sucuri (owned by GoDaddy)
- SiteLock
- Proprietary software
What is the advantage of paid vs. free malware scans?
With paid scans, detected malware is automatically removed or quarantined so that it doesn’t cause damage to your website.
Additionally, premium malware-detection packages are usually more robust and able to detect – and deal with – a larger variety of viruses and malicious programs.
Why won’t some hosts disclose the name of their malware-detecting software?
Most likely for security reasons.
The less information attackers/hackers have about the security measures employed by a hosting company, the more difficult it is for them to find a loophole and infect websites hosted on their servers.
What options do I have if my host doesn’t remove detected malware for free?
Usually, you have four choices:
- Remove the malware yourself
- Hire a website security specialist to clean up your website
- Pay for a premium malware detection package, which almost all hosts sell nowadays.
- Install a free malware-detection plugin (for WordPress and other CMS users)
If malware is detected but not removed, what happens to my site?
Most hosts will just leave your website up and give you a deadline – usually 3-7 days – to solve the issue. If your site is still infected past the deadline, the site will be taken down until it is fixed.
However, some hosting providers, such as BlueHost, will take down your website instantly without prior notice.