To ensure our Threat Research Analysts can successfully perform a manual cleanup of your WordPress site, several technical conditions must be met. Our remediation process relies on a secure connection between our analyst tools and a "thin client" (monarx-analyzer.php) that we deploy to your site during the request.
If any of the following requirements are not met, our tools will be unable to communicate with the site environment, preventing a full cleanup.
1. Public Website Availability
Your website must be publicly accessible and "online." If a site is behind an "Under Construction" page, returns a 403 Forbidden error, or is otherwise blocked from public view, our system cannot reach the thin client to perform the necessary analysis.
2. Working DNS Configuration
The domain name for the site must be in a working state and correctly pointed to the IP address of the server where the Monarx agent is running. If the DNS is pointed to a different server (such as a staging environment or a previous hosting provider), our remediation tools will not be able to find the files on the server we are attempting to clean.
3. Valid SSL Certificate
Monarx requires a secure connection to process remediation requests. Your site must have a valid, non-expired SSL certificate. Because we connect exclusively via HTTPS, any certificate errors or "Insecure" warnings will cause the connection to the analyzer file to fail.
4. WAF & Firewall Whitelisting
If you utilize a Web Application Firewall (WAF) or an edge security service (such as Cloudflare, Sucuri, or a hardware firewall), our connection attempts may be flagged as suspicious. To prevent this, please ensure that you have whitelisted the Monarx IP addresses.
5. Third-Party Security Software
Local security plugins or server-side security software can sometimes block the execution of the monarx-analyzer.php file. Please ensure that no third-party security products are configured to block access to this specific file, as it is the primary gateway our analysts use to investigate and remove malware.
6. Supported CMS & Installation Type
The Monarx site cleanup service is designed exclusively for Single Site WordPress installations. We do not currently support the following:
WordPress Multisite (WPMU): Installations where multiple sites share a single WordPress core.
Alternative Frameworks: Non-standard structures like Bedrock.
Other CMS/Platforms: We do not support cleanups for Magento, Joomla, PrestaShop, or custom-built frameworks.
β οΈ Important Note on Rejections
If any of the conditions mentioned above are missing at the time of the request, our analysts will only be able to review the on-disk files detected by the agent. In these cases, we will be forced to reject the request and provide feedback regarding the specific technical blocker.
π‘ You are welcome to re-submit your cleanup request once the identified problems have been fixed. If you need further assistance or clarification on a rejection, please open a new support ticket using the support widget inside our WebApp at https://app.monarx.com.