Beschrijving
Content Guard Pro
Beschrijving
Protect your WordPress content where traditional scanners fail.
Content Guard Pro is the database-first security scanner designed to detect malicious content, spam links, and SEO injections that hide inside your posts, pages, and blocks.
While file scanners protect your code, Content Guard Pro protects your content. Attackers increasingly target the database—injecting spam into Gutenberg blocks, hiding SEO links in post meta, and burying obfuscated scripts in custom fields. Content Guard Pro finds and neutralizes these threats.
Why Content Guard Pro?
Many site owners discover that spam and malware bypass file scanners by injecting directly into:
* Post content (especially nested Gutenberg blocks)
* Custom field metadata (hidden SEO spam)
* Widget content (malicious scripts)
* Options table entries (persistent injections)
Content Guard Pro is built to find these database-resident threats that other tools miss.
External Services
This plugin connects to the Content Guard Pro API service (api.contentguardpro.com) for free tier activation tracking.
What the service is used for:
* Free tier activation registration (for tracking plugin installations and statistics)
What data is sent and when:
* On plugin activation (free tier): Site URL, site name, WordPress version, PHP version, plugin version, and admin email address are sent once to register the installation. This registration is asynchronous (5-second delay) and non-blocking—plugin activation succeeds even if the API call fails.
Data transmission:
* All data is sent over HTTPS (encrypted connection)
* Registration occurs automatically on plugin activation
* License validation occurs when a license key is entered in settings
* No content or post data is ever transmitted to the API
Service provider:
* Content Guard Pro API service provided by Content Guard Pro Team
* Terms of Service: https://contentguardpro.com/terms
* Privacy Policy: https://contentguardpro.com/privacy
Privacy Policy
Content Guard Pro is designed with privacy in mind:
Data Collection:
– The plugin does NOT collect or transmit any data by default
– All scanning happens locally on your WordPress server
– No external API calls unless you explicitly enable optional integrations
Data Storage:
– Findings and scan history stored in your WordPress database
– Audit logs retained for 365 days (configurable)
Technical Specifications
Database Tables:
– {prefix}content_guard_pro__findings – Security findings with confidence scores
– {prefix}content_guard_pro__scans – Scan history and performance metrics
– {prefix}content_guard_pro__audit_log – Activity tracking for forensics and rollback
Hooks & Filters:
– content_guard_pro_loaded – Fires when plugin is fully initialized
– content_guard_pro_finding_saved – Fires when a new finding is saved
– content_guard_pro_detection_patterns – Filter or extend detection rules
– content_guard_pro_allowlist_domains – Filter allowlist domains
REST API:
– GET /wp-json/content-guard-pro/v1/findings – Query findings with filters and pagination
WP-CLI Commands:
– Coming in future release
Action Scheduler:
– Uses Action Scheduler for reliable background job processing
– Resumable scans survive server timeouts
– Configurable batch size and delay
Credits
Development Team:
– Content Guard Pro Team
Built With:
– WordPress Core APIs
– Action Scheduler
Special Thanks:
– WordPress community for feedback and testing
– Security researchers who contributed detection patterns
– Beta testers who helped refine the plugin
Support
Need help? We’re here for you:
- Documentation: https://contentguardpro.com/docs
- Support Forum: https://wordpress.org/support/plugin/content-guard-pro/
- Bug Reports: Use the support forum or GitHub issues
- Feature Requests: We’d love to hear your ideas!
Roadmap
Upcoming Features:
– Additional page builder support (Divi, Beaver Builder)
– Advanced Custom Fields (ACF) deep scanning
– WooCommerce product content scanning
– Comments and user meta scanning
– Custom table scanning
– WP-CLI interface
– PDF report generation
– Advanced pattern editor with YAML/JSON
– Network-wide multisite administration
– Community pattern sharing
– Automated pattern updates
Want to influence our roadmap? Let us know what features matter most to you!
Schermafbeeldingen
Dashboard – Security Overview – Real-time view of your site’s security health, active threats, and recent scan activity. 
Scan Center – Run comprehensive manual scans or configure real-time protection settings for your content. 
Scan History – Complete audit trail of all scan operations with detailed status, duration, and findings summary. 
Finding Details – Deep dive into detected threats with confidence scoring, threat location, and specific remediation steps. 
Security Reports – Visual analytics of your security posture, showing threat trends, severity distribution, and scan metrics. 
Patterns & Allowlist – Manage detection rules and configure allowlists to prevent false positives for trusted domains. 
Pattern Tester – Verify your custom detection rules against sample content to verify accuracy before deployment. 
Settings & Configuration – Customize scanner performance, notification channels, and system preferences to match your hosting environment. 
System Diagnostics – Monitor plugin health, memory usage, and background worker status for optimal performance. 
Help Center – Access comprehensive documentation, support forums, and troubleshooting guides directly from your dashboard. 
Smart Admin Alerts – Get unobtrusive notifications for critical findings so you can take immediate action. 
Gutenberg Integration – Real-time content scanning directly within the Block Editor. 
Classic Editor Support – Full security scanning support for the Classic Editor with a dedicated meta box for findings. 
Contextual Threat Analysis – Understand why content was flagged with detailed explanations of the detected threat vectors.
Installatie
Automatic Installation
- Log in to your WordPress admin panel
- Navigate to Plugins Add New
- Search for “Content Guard Pro”
- Click “Install Now” and then “Activate”
- Follow the setup wizard to configure your preferences
Manual Installation
- Download the plugin ZIP file
- Log in to your WordPress admin panel
- Navigate to Plugins Add New Upload Plugin
- Choose the downloaded ZIP file and click “Install Now”
- Click “Activate Plugin”
- Follow the setup wizard to configure your preferences
After Activation
- The setup wizard will guide you through initial configuration
- Configure alert preferences (admin notices)
- Run your first scan to establish a baseline
FAQ
Does this plugin scan files?
No. Content Guard Pro is specifically designed to scan database content where traditional file scanners don’t look. It complements (not replaces) file-based security plugins like Wordfence or Sucuri.
Will it slow down my site?
No. Scans run in the background using WordPress’s Action Scheduler. The auto-throttling system ensures scans never impact your site’s performance. Real-time on-save scans complete in under 5 seconds.
How do I handle detected threats?
When threats are detected, you can:
– Review findings with detailed information and confidence scores
– Edit posts directly to remove malicious content
– Ignore findings if they are false positives
– Use WordPress’s built-in revision system to restore previous versionsDoes it work with Gutenberg?
Yes! Content Guard Pro has deep Gutenberg integration. It recursively parses and scans all block content, including innerHTML, attributes, and nested blocks.
Does it work with page builders?
Content Guard Pro scans post content including Gutenberg blocks. Support for page builders like Elementor, Divi, and Beaver Builder is planned for future releases.
What about false positives?
Content Guard Pro uses accessibility-aware rules and respects allowlists to minimize false positives. You can:
– Add trusted domains to the allowlist
– Ignore individual findings
– Adjust detection sensitivity
– Review confidence scores before taking actionCan I scan custom post types?
Yes. Content Guard Pro scans all post types by default (posts, pages, and custom post types).
Does it scan comments or user profiles?
Not in the current version. Content Guard Pro focuses on posts, pages, custom fields, and selected options. Comment and user profile scanning may be added in future versions.
What are the system requirements?
- WordPress 6.1 or higher
- PHP 8.0 or higher
- MySQL 5.6 or higher (or MariaDB equivalent)
- Recommended: 64MB+ PHP memory limit
Yes! Content Guard Pro is specifically designed to work reliably on shared hosting. The auto-throttling system adapts to your server’s capabilities.
Does it work on multisite?
Yes. Each site in a multisite network can be scanned independently. Network-wide administration features may be added in future versions.
How do I get support?
- Documentation: Visit https://contentguardpro.com/docs
- Support Forum: Use the WordPress.org support forum
Can I contribute?
Yes! Content Guard Pro welcomes community contributions:
– Report bugs via the support forum
– Suggest features and improvements
– Share custom detection patterns
– Help with translations
Beoordelingen
Er zijn geen beoordelingen voor deze plugin.
Bijdragers & ontwikkelaars
“Content Guard Pro” is open source software. De volgende personen hebben bijgedragen aan deze plugin.
Bijdragers
Vertaal “Content Guard Pro” in je eigen taal.
Interesse in ontwikkeling?
Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.
Changelog
1.0.3
- NEW: Serialized Data Inspector – Advanced serialized array scanning to detect malware hidden in wp_postmeta, wp_options, and Elementor data
- Safe unserialization with error handling to prevent PHP crashes
- Recursive array traversal up to 10 levels deep with path tracking
- Dangerous key detection: custom_css, custom_js, callback, eval, exec, raw_html, and 20+ others
- Automatic confidence boost (+15) for findings in high-risk array keys
- Nested JSON decoding for Elementor widget structures
- Graceful handling of invalid/corrupted serialized data
- Full integration with multi-layer decoder (scans all string values)
- NEW: Multi-Layer Malware Decoder – Advanced recursive decoding system that automatically peels back multiple layers of obfuscation to reveal hidden threats
- Supports 6 encoding types: Base64, URL encoding (%XX), HTML entities (&xxx;), ROT13, hex strings (\xXX), and octal strings (\XXX)
- Recursively decodes through up to 3 layers with safety protections (max depth, size limits, timeout protection)
- Entropy analysis and validation to reduce false positives
- Automatic confidence boost (+20) for findings in multi-layer encoded content
- NEW: Advanced Obfuscation Detection Patterns:
- Chained dangerous functions:
eval(base64_decode(...)) - Triple nested decoding:
eval(base64_decode(str_rot13(...))) - ROT13 + Base64 chains
- Hex/octal strings in eval()
- Double Base64 decoding
- gzinflate + Base64 compression attacks
- preg_replace with /e modifier (code execution via regex)
- Chained dangerous functions:
- ENHANCED: Detection Engine – Scans both original and decoded content, significantly improving detection of sophisticated WordPress malware
- ENHANCED: Finding Metadata – Findings now include encoding layer information (layers, depth, suspicious flag) for better threat analysis
- ENHANCED: Scanner Integration – Serialized data inspection now automatic for all postmeta and options scanning
- ENHANCED: Threat Context – Findings include serialized_path metadata showing exact location in nested arrays
1.0.2
- Minor fixes
1.0.1
- Minor fixes
1.0.0
- Initial release
- Database scanning engine with Quick Scan mode (posts scanning)
- Gutenberg block parsing and analysis
- Real-time on-save scanning
- Manual scan initiation
- Admin notices for Critical findings
- Admin bar badge with critical count
- Dashboard widget
- Comprehensive findings reporting
- REST API for findings
- Auto-throttling and Safe Mode
- Audit trail for activity tracking
- Setup wizard with sensible defaults
- Bulk operations (Ignore, Delete)
- Allow/Deny list management
- Diagnostics and system checks
- Help documentation and FAQ
- Detection Patterns:
- External scripts/iframes with domain allowlist
- Hidden/cloaked content with CSS detection
- URL shorteners and redirectors
- SEO spam keywords with word boundary matching
- Obfuscated JavaScript (fromCharCode, base64, eval)
- Anomalous link profiles
- Inline event handlers (onclick, onerror, onload, etc.)
- document.write() injection
- javascript: URI detection
- Object/Embed/Applet tag scanning
- Meta refresh redirect detection
- PHP dangerous function patterns
- Extended CSS cloaking (opacity, font-size, clip, z-index)
- SVG with embedded scripts
- Cryptocurrency miner detection
- JavaScript redirect detection
- HTML entity decoding for encoded attacks
- Multi-layer obfuscation decoding (Base64, ROT13, hex, octal – up to 3 layers)
- Chained encoding patterns (eval+base64_decode, triple nesting, compression attacks)
