Close-up of site cleaning status

Wordfence CLI is an open source, high performance, multi-process security scanner, written in Python, that quickly scans local and network filesystems to detect PHP malware and WordPress vulnerabilities. Wordfence CLI is open source under GPLv3. We offer both Free and Premium CLI license options. CLI Premium detects all known PHP malware - over 14 million malware variants. CLI Free has a 30 day delay for malware detection. CLI also detects over 11,800 WordPress vulnerabilities, including the very newest vulnerabilities, using our open and continuously updated vulnerability database. Vulnerability scanning is free for all license types.

Buy Now

Jump to Installation Instructions to get started.

  • Free vs Paid CLI Licenses

    CLI Free CLI Premium
    High performance using multiple CPU cores High performance using multiple CPU cores
    Configurable resource usage Configurable resource usage
    Comprehensive WP Vulnerability Scanning Comprehensive WP Vulnerability Scanning
    Detects all known WordPress vulnerabilities Detects all known WordPress vulnerabilities
    Signatures delayed 30 days Real-time malware signatures
    No signup required, download and run API key enables real-time data feeds
    Documentation and issue reporting via GitHub Access to Premium Customer Support

    The free version of Wordfence CLI has a 30-day delay on malware signatures. The premium version of Wordfence CLI has access to the complete, real-time malware signatures for more demanding environments. Real-time signatures are used by both the paid version of the Wordfence Plugin and the paid version of Wordfence CLI. We add approximately 30 to 70 new signatures every month. Wordfence's vulnerability scanning is free for everyone.

    Wordfence CLI Premium pricing is based on the number of sites being scanned. Starting with a base price of $119 for the first 100 sites, add on additional sites at increments of 100 with pricing dependent on the total number of sites (see Site Pricing above). The number of sites is self-reported, however, we've included a <count-sites> subcommand that automatically detects WordPress sites to help you determine the number of sites to include for your license. CLI Premium includes access to Wordfence's industry leading Customer Support Team.

    Enterprise CLI is designed for very large hosts with more than 100,000 customers. For example, if you are hosting several million WordPress sites and would like to conduct daily or even hourly high performance scans across your entire fleet, we'd love to chat with you. Please contact our team for a quote.

  • Access Wordfence's Real-Time Malware Signatures

    Purchase a Wordfence CLI Premium license for access to real-time malware signatures. Licensing is based on how many websites are being scanned and includes support from our Team. We recommend real-time malware signatures for hosting providers and other production environments. Wordfence CLI's <remediate> sub-command allows you to automatically restore known files from WordPress Core, plugins and themes.

    Wordfence's Industry Leading Vulnerability Scanning

    Wordfence CLI includes industry leading vulnerability scanning which is completely free for all license types. CLI's vulnerability scanner uses our open vulnerability database which is continually updated by our team using our own research, and by triaging external research into the database as quickly as it is published.

    What is the difference between the Wordfence Plugin and Wordfence CLI?

    The Wordfence Plugin is an excellent overall security solution for WordPress and includes a firewall, two-factor authentication, brute force protection, and IP blocklist with many other features in addition to a malware scanner. Wordfence CLI provides more technical server administrators and operations teams with high performance malware and vulnerability scanning capability.

    CLI's malware-scan is parallelizable, meaning that it can take advantage of all your CPU cores when scanning, providing very high performance. CLI is also able to execute at a higher permissions level than your web server and website, giving it an additional layer of protection against compromise. CLI is also incredibly flexible and can be scheduled using cron and combined with other command line tools.

How To Install Wordfence CLI

We've drastically improved the installation process starting with CLI version 2.0.1. Simply install the package, run 'wordfence configure' for the first time to configure CLI, and then start scanning. You can install CLI using Python's pip, your Debian based package manager, or your RedHat style package manager. Instructions for each method are below, along with a few alternative methods of installation for Wordfence CLI. Happy scanning!!

If installing Wordfence CLI 1.1.0 or earlier, click here to request a free license key.

Installation Options

Install Wordfence CLI using one of the commands below depending on your operating system. Debian and RPM packages require the package downloaded prior to install. Click here for additional installation help.

Python Package

Python 3 is required. Install commands below are dependent upon operating system.

pip install wordfence
pip3 install wordfence

Debian Package

Debian based linux operating systems Ubuntu, Debian, Mint, Kali


sudo apt install ./wordfence.deb

RPM Package

Red Hat Linux based operating systems RHEL, CentOS, Fedora


sudo dnf install ./wordfence-el9.rpm

Alternative Installation Methods

CLI License Terms and Conditions

Wordfence CLI License Terms and Conditions

Register below to receive email notifications about updates to Wordfence CLI License Terms and Conditions.