ຄຳອະທິບາຍ
Your file scanner says “all clear” — but Google just flagged your site for spam.
Attackers don’t always hide in files. They inject spam links directly into your Gutenberg blocks, bury SEO poison in postmeta, and hide obfuscated scripts in custom fields. Traditional security plugins don’t scan there. Content Guard Pro does.
Content Guard Pro is a database-first malware scanner that finds hidden threats in your WordPress content — the blind spot in your current security stack.
The Gap in Your WordPress Security
Most security plugins scan files. That’s essential — but it’s only half the picture.
Malware and spam increasingly bypass file scanners by injecting directly into your database:
- Post content — Hidden pharma links and casino spam inside nested Gutenberg blocks
- Custom fields (postmeta) — SEO spam and malicious redirects buried in metadata
- Widget areas — Injected scripts that survive every file scan
- Options table — Persistent backdoors and cloaked content
If you’ve ever cleaned a hacked site only to have Google flag it again weeks later, database-resident threats are likely the reason. Content Guard Pro finds them.
How Content Guard Pro Protects Your Site
Find what other security plugins miss. Content Guard Pro scans your posts, pages, custom post types, and metadata — the places where WordPress actually stores your content.
Know exactly what to fix first. Every finding gets a confidence score from 0 to 100 and a severity level (Critical, Suspicious, or Review). No guesswork, no alert fatigue.
Scan without slowing down your site. Background batch processing with auto-throttling means scans run smoothly even on shared hosting. Your visitors never notice.
Keep false positives low. Accessibility-aware detection respects screen reader classes. Configurable allowlists let you whitelist trusted domains and patterns.
Maintain a complete audit trail. Every scan, every finding, every action — tracked and timestamped for forensics and compliance.
What the Malware Scanner Detects
Content Guard Pro catches a wide range of database-resident threats:
- Hidden spam links — Cloaked content using
display:none,visibility:hidden,opacity:0,font-size:0, and other CSS tricks - Suspicious external resources — Unknown
<iframe>and<script>tags loading remote content - SEO spam injections — Pharma, casino, crypto, and gambling keyword stuffing
- URL shorteners and redirectors — bit.ly, t.co, cutt.ly, and other redirect services hiding malicious destinations
- Obfuscated JavaScript —
eval(),fromCharCode(), Base64-encoded scripts, anddata:URIs - Serialized PHP malware — Threats hidden inside PHP arrays in postmeta, options, and page builder data
- Cryptocurrency miners — Coinhive, CryptoLoot, JSEcoin, and similar scripts
- Multi-layer encoded attacks — Automatically peels back up to 3 layers of obfuscation: Base64 URL encoding ROT13 hex octal
Works Alongside Your Existing Security Plugins
Content Guard Pro is designed to complement file-based security, not replace it.
Already using Wordfence, Sucuri, iThemes Security, All-In-One Security, or MalCare? Great — those tools protect your files. Content Guard Pro covers the database layer they don’t scan. Together, you get complete WordPress security coverage.
Built for WordPress Professionals
- Agencies managing client sites — Find database threats before clients or Google discover them. Use findings to demonstrate the value of your security retainer.
- Freelancers and consultants — Add content-layer scanning to your cleanup and maintenance workflow. Catch what file scanners leave behind.
- E-commerce site owners — Protect product descriptions and category pages from SEO spam that damages your search rankings and revenue.
- Security professionals — Fill the database gap in your security stack with specialized content-layer analysis.
Gutenberg Block Editor Security
WordPress stores content as nested blocks — and attackers exploit this. Content Guard Pro includes a recursive Gutenberg block parser that inspects every layer of nested blocks, including reusable blocks and block patterns. It also scans content in the Classic Editor with a dedicated meta box for findings.
Serialized Data Inspector
Page builders like Elementor, Beaver Builder, and Divi store data as serialized PHP arrays. Content Guard Pro safely unserializes and recursively inspects these structures up to 10 levels deep, detecting malware hidden in keys like custom_css, custom_js, callback, raw_html, and more.
Performance You Can Trust
- Scans approximately 100 posts in 30–60 seconds on shared hosting
- Auto-throttling prevents timeouts and resource exhaustion
- Resumable scans survive server restarts
- Safe Mode activates automatically for large sites (over 2 million rows)
Developer-Friendly
Content Guard Pro provides hooks and filters for customization:
content_guard_pro_loaded— Plugin initializationcontent_guard_pro_finding_saved— After a finding is storedcontent_guard_pro_detection_patterns— Modify or add detection rulescontent_guard_pro_allowlist_domains— Programmatic domain allowlisting
REST API available at /wp-json/content-guard-pro/v1/findings for programmatic access (Premium Agency+ tiers).
External Services & Privacy
API Connection:
This plugin connects to Content Guard Pro API (api.contentguardpro.com) for:
- Free tier activation tracking (site URL, WP version, PHP version, plugin version)
- License validation when a paid license key is entered
What is sent: Site URL, site name, WordPress version, PHP version, plugin version, and admin email (free tier only). Sent once on activation via asynchronous, non-blocking request.
Privacy: All data sent over HTTPS. No post content or scan data is ever transmitted. All scanning happens locally on your server.
Service provider: Content Guard Pro Team
Terms: https://contentguardpro.com/terms
Privacy Policy: https://contentguardpro.com/privacy
Documentation & Support
- Documentation: https://contentguardpro.com/docs
- Support Forum: https://wordpress.org/support/plugin/content-guard-pro/
- Bug Reports: WordPress.org support forum
ພາບໜ້າຈໍ
Security Dashboard — Overview of your site’s security health showing active threats, recent scan activity, and overall content security status. 
Database Malware Scanner — Run comprehensive scans of your WordPress database or configure real-time scanning when posts are saved. 
Scan History & Audit Trail — Complete record of all security scans with status, duration, and findings count for compliance tracking. 
Finding Details with Confidence Scoring — Deep analysis of each detected threat including severity level, confidence score (0-100), exact location, and remediation steps. 
Security Reports & Analytics — Visual breakdown of threat trends, severity distribution, and scan metrics over time. 
Detection Patterns & Allowlist Management — Configure detection rules and allowlist trusted domains to prevent false positives. 
Pattern Tester — Test custom detection rules against sample content before deploying them to production. 
Scanner Settings & Configuration — Customize scan performance, notification preferences, and system settings for your hosting environment. 
System Diagnostics — Monitor plugin health, memory usage, and background worker status for optimal scanner performance. 
Help Center — Access documentation, support forums, and troubleshooting guides directly from your WordPress dashboard. 
Admin Bar Security Alerts — Unobtrusive notification badge showing critical findings count so you can take immediate action. 
Gutenberg Block Editor Integration — Real-time malware scanning directly within the Block Editor as you create and edit content. 
Classic Editor Security Panel — Full scanning support for the Classic Editor with a dedicated meta box displaying findings. 
Contextual Threat Explanation — Understand exactly why content was flagged with detailed analysis of the detected threat vector.
ການຕິດຕັ້ງ
Automatic Installation (Recommended)
- In your WordPress admin, go to Plugins Add New
- Search for “Content Guard Pro”
- Click “Install Now” and then “Activate”
- The setup wizard will guide you through initial configuration
Manual Installation
- Download the plugin ZIP file
- Go to Plugins Add New Upload Plugin
- Upload the ZIP file and click “Install Now”
- Activate the plugin
After Activation
- Follow the setup wizard to configure scanning preferences
- Enable admin alerts for Critical findings (recommended)
- Run your first scan to establish a security baseline
ຄຳຖາມທີ່ພົບເລື້ອຍ
-
Does this replace Wordfence or Sucuri?
-
No — and it’s not meant to. Wordfence, Sucuri, and similar plugins are excellent at scanning files. Content Guard Pro scans your WordPress database, which file-based plugins don’t inspect. Use them together for complete coverage. Think of it as adding database forensics to your existing security toolkit.
-
Will running a malware scan slow down my site?
-
No. Scans run in background batches with auto-throttling to prevent performance impact. On-save scans complete in under 5 seconds. Your site stays fast for visitors while the scanner works behind the scenes.
-
What kind of malware and spam does it detect in the database?
-
Content Guard Pro detects hidden spam links, SEO injections (pharma, casino, crypto keywords), obfuscated JavaScript, suspicious iframes and external scripts, URL shortener redirects, serialized PHP malware in postmeta, cryptocurrency miners, and multi-layer encoded attacks using Base64, ROT13, hex, and other obfuscation techniques.
-
Does it scan Gutenberg blocks and page builder content?
-
Yes. Content Guard Pro includes a recursive Gutenberg block parser that inspects nested blocks where malware often hides. It also safely inspects serialized data from page builders like Elementor. Classic Editor content is fully supported too.
-
What is the difference between Quick Scan and Standard Scan?
-
Quick Scan (Free) scans the wp_posts table covering posts, pages, and custom post types. Standard Scan (Premium) adds postmeta and options table scanning for deeper database malware detection.
-
How does it handle false positives?
-
Content Guard Pro uses accessibility-aware detection rules that respect screen reader classes like
.sr-only. You can configure domain allowlists and mark any finding as “Ignore.” Each finding includes a confidence score (0–100) so you can quickly distinguish real threats from noise. -
Does it automatically delete content from my database?
-
Never. Content Guard Pro is non-destructive by design. You review findings and decide what action to take. Premium users get quarantine functionality that neutralizes threats without deleting content.
-
Can I use this for cleaning a hacked WordPress site?
-
Yes. Content Guard Pro is specifically useful for post-hack cleanup because it finds database-resident malware that file scanners miss. Run a scan after cleaning files to make sure no hidden spam links or injected content remain in your posts and metadata.
-
Hidden spam links and SEO injections in your database content are a common cause of Google penalties and search ranking drops. Content Guard Pro detects these threats so you can remove them before they damage your SEO or trigger manual actions from Google.
-
Does it work on WordPress multisite?
-
Yes. Content Guard Pro works on multisite installations with each subsite scanned independently. Network-wide administration is on the roadmap.
-
What PHP and WordPress versions are required?
-
WordPress 6.1+ and PHP 8.0+. We recommend keeping both up to date for best security and performance.
-
Does it create database tables?
-
Content Guard Pro creates three custom tables:
{prefix}content_guard_pro_findingsfor security findings,{prefix}content_guard_pro_scansfor scan history, and{prefix}content_guard_pro_audit_logfor activity tracking. All tables are removed on uninstall unless you enable “Preserve Data” in settings. -
Are there hooks and filters for developers?
-
Yes. Key hooks include
content_guard_pro_loaded,content_guard_pro_finding_saved,content_guard_pro_detection_patterns, andcontent_guard_pro_allowlist_domains. Full documentation at contentguardpro.com/docs. -
Where can I get support?
-
Free support is available through the WordPress.org support forum. Documentation is at contentguardpro.com/docs. Premium users get email support with priority response times.
ການຣີວິວ
ບໍ່ມີການຣີວິວສຳລັບປລັກອິນນີ້.
ຜູ້ຮ່ວມພັດທະນາ ແລະ ຜູ້ພັດທະນາ
“Content Guard Pro – Database Malware Scanner & Spam Detector” ແມ່ນຊອຟແວໂອເພັນຊອດ (Open Source). ບຸກຄົນຕໍ່ໄປນີ້ໄດ້ມີສ່ວນຮ່ວມໃນການພັດທະນາປລັກອິນນີ້.
ຜູ້ຮ່ວມພັດທະນາ
ແປ “Content Guard Pro – Database Malware Scanner & Spam Detector” ເປັນພາສາຂອງເຈົ້າ.
ສົນໃຈຮ່ວມພັດທະນາບໍ່?
ເບິ່ງລະຫັດ, ກວດເບິ່ງ ຄັງເກັບ SVN, ຫຼື ຕິດຕາມ ບັນທຶກການພັດທະນາ ຜ່ານ RSS.
ບັນທຶກການປ່ຽນແປງ
1.0.6
- Minor fixes to scan functionality.
1.0.5
- Minor fixes to scan functionality.
1.0.4
- Minor fixes to scan functionality (removed duplicated scans).
1.0.3
- NEW: Serialized Data Inspector — Detects malware hidden in serialized PHP arrays (postmeta, options, Elementor data) with safe unserialization, recursive traversal up to 10 levels deep, and dangerous key detection.
- NEW: Multi-Layer Malware Decoder — Automatically peels back up to 3 layers of obfuscation across 6 encoding types: Base64, URL encoding, HTML entities, ROT13, hex, and octal strings.
- NEW: Advanced Obfuscation Detection — Detects chained dangerous functions, triple nested decoding, ROT13+Base64 chains, hex/octal in eval(), and gzinflate+Base64 attacks.
- ENHANCED: Detection Engine — Scans both original and decoded content for significantly improved malware detection.
1.0.2
- Minor fixes.
1.0.1
- Minor fixes.
1.0.0
- Initial release — Database malware scanning, Gutenberg block parsing, real-time on-save scanning, confidence scoring, admin alerts, REST API, auto-throttling, audit trail, setup wizard, allowlist/denylist management, and 20+ detection patterns.