Content Guard Pro – Database Malware Scanner, Spam Scanner & Security

by contentguardpro

Description

Content Guard Pro is a database malware scanner and WordPress security plugin built for threats hiding in database content. It scans posts, pages, custom post types, and Gutenberg blocks for hidden SEO spam, malicious scripts, suspicious iframes, encoded payloads, and spam links that file-only scanners can miss.

Use it to find database malware after a hacked-site cleanup, catch cloaked spam before Google does, and review suspicious content before or after publishing. Content Guard Pro is built for agencies, site owners, and WordPress professionals who need visibility into the content layer of WordPress security.

What this WordPress malware scanner detects

Hidden spam links and cloaked content using CSS tricks such as display:none, visibility:hidden, opacity:0, and font-size:0
SEO spam injections including pharma, casino, crypto, gambling, and redirect spam
Suspicious external scripts, iframes, and links in posts and blocks
Obfuscated JavaScript such as eval(), fromCharCode(), Base64-encoded payloads, and data: URIs
URL shorteners and redirectors hiding final destinations
Cryptocurrency miner patterns
Multi-layer encoded content that needs decoding before review
Serialized malware in postmeta, selected options, and Elementor data when Standard Scan is enabled

Why Content Guard Pro is different

Most WordPress security plugins focus on files, login protection, firewalls, or vulnerability checks. Content Guard Pro adds database-first scanning for the places where attackers often hide content spam and SEO malware: post content, Gutenberg blocks, and deeper WordPress database fields.

It is designed to complement file scanning, not replace it.

Free plugin features

Quick Scan for wp_posts content, including posts, pages, and custom post types
Gutenberg-aware scanning with recursive block parsing
Classic Editor and Block Editor single post scanning on save
Confidence scores and severity labels to help prioritize review
Admin notices, admin bar alerts, and dashboard summary
30-day scan history
Allowlist and denylist controls to reduce false positives
Unlimited manual scans

Premium adds deeper WordPress security scanning

Standard Scan for postmeta and selected options data
Elementor and deeper database scanning beyond wp_posts
Scheduled daily scans
Non-destructive quarantine
Email alerts and webhooks
Reputation checking and faster rule updates
CSV/JSON export and REST API access on higher tiers

Built for real WordPress cleanup work

Content Guard Pro is useful when:
* Google flags hidden spam or SEO injections but file scans look clean
* A hacked site is cleaned and you want to verify nothing malicious remains inside posts or metadata
* You manage client sites and need a database malware scanner alongside your existing WordPress security stack
* You want to review risky content in Gutenberg before publishing

Low-noise findings

Content Guard Pro uses confidence scoring, accessibility-aware rules, and allowlists so you can review suspicious content faster and spend less time on obvious false positives.

External services & privacy

This plugin can optionally connect to the Content Guard Pro cloud service for detection rule updates and security advisories. The plugin also supports anonymous telemetry only if you explicitly opt in. The plugin works fully offline with bundled rules.

When you opt in, the service may receive site URL, site name, WordPress version, PHP version, plugin version, and optional email preferences you explicitly submit. Anonymous telemetry may include scan counts and duration. Post content, scan results, database contents, passwords, and visitor data are never sent.

Scanning runs locally on your server.

Terms: https://contentguardpro.com/terms
Privacy Policy: https://contentguardpro.com/privacy

Documentation & support

Documentation: https://contentguardpro.com/docs
Support forum: https://wordpress.org/support/plugin/content-guard-pro/

Installation

Automatic Installation (Recommended)

In your WordPress admin, go to Plugins Add New
Search for “Content Guard Pro”
Click “Install Now” and then “Activate”
The setup wizard will guide you through initial configuration

Manual Installation

Download the plugin ZIP file
Go to Plugins Add New Upload Plugin
Upload the ZIP file and click “Install Now”
Activate the plugin

After Activation

Follow the setup wizard to configure scanning preferences
Enable admin alerts for Critical findings (recommended)
Run your first scan to establish a security baseline

Screenshots

Security Dashboard — Overview of your site's security health showing active threats, recent scan activity, and overall content security status.
Database Malware Scanner — Run comprehensive scans of your WordPress database or configure real-time scanning when posts are saved.
Scan History & Audit Trail — Complete record of all security scans with status, duration, and findings count for compliance tracking.
Finding Details with Confidence Scoring — Deep analysis of each detected threat including severity level, confidence score (0-100), exact location, and remediation steps.
Security Reports & Analytics — Visual breakdown of threat trends, severity distribution, and scan metrics over time.
Detection Patterns & Allowlist Management — Configure detection rules and allowlist trusted domains to prevent false positives.
Pattern Tester — Test custom detection rules against sample content before deploying them to production.
Scanner Settings & Configuration — Customize scan performance, notification preferences, and system settings for your hosting environment.
System Diagnostics — Monitor plugin health, memory usage, and background worker status for optimal scanner performance.
Help Center — Access documentation, support forums, and troubleshooting guides directly from your WordPress dashboard.
Admin Bar Security Alerts — Unobtrusive notification badge showing critical findings count so you can take immediate action.
Gutenberg Block Editor Integration — Real-time malware scanning directly within the Block Editor as you create and edit content.
Classic Editor Security Panel — Full scanning support for the Classic Editor with a dedicated meta box displaying findings.
Contextual Threat Explanation — Understand exactly why content was flagged with detailed analysis of the detected threat vector.

Faq

What does this WordPress malware scanner scan in the free version?

The free WordPress.org version includes Quick Scan for wp_posts. That covers posts, pages, and custom post types, including Gutenberg block content. It also includes on-save single post scans.

What does Standard Scan add?

Standard Scan adds deeper database scanning for postmeta and selected options data. This helps find malware and spam hidden outside the main post content.

Can it find hidden SEO spam in WordPress posts and pages?

Yes. Content Guard Pro is built to detect hidden links, cloaked content, spam keywords, redirects, and malicious scripts stored in WordPress content.

Does it scan Gutenberg blocks?

Yes. Content Guard Pro parses nested Gutenberg blocks and scans the rendered content structure for suspicious links, scripts, spam, and encoded payloads.

Does it scan Classic Editor or page builder data?

Yes. Single post scanning supports the Classic Editor and Block Editor. Standard Scan also inspects deeper database fields such as postmeta and selected options, including Elementor data.

Does it replace my firewall or file scanner?

No. Content Guard Pro is a database-first WordPress security scanner. It works best alongside file scanners, firewalls, login protection, and vulnerability scanners.

How does it reduce false positives?

Content Guard Pro uses confidence scoring, allowlists, and accessibility-aware detection rules so trusted content is less likely to be flagged.

Will scans slow down my site?

Scans run in background batches with auto-throttling. On-save scans are designed for quick feedback, while full scans are tuned to work on typical WordPress hosting.

Does it delete content automatically?

No. Content Guard Pro is non-destructive by design. You review findings first. Premium plans add quarantine tools that neutralize risky content without deleting it from the database.

Can I use it after cleaning a hacked WordPress site?

Yes. This is one of the main use cases. After file cleanup, run a Content Guard Pro scan to look for database malware, SEO spam, hidden links, and injected scripts that may still remain in WordPress content.

Does it work with multisite?

Yes. Sites in a multisite environment can be scanned individually.

Does this replace Wordfence or Sucuri?

No — and it’s not meant to. Wordfence, Sucuri, and similar plugins are excellent at scanning files. Content Guard Pro scans your WordPress database, which file-based plugins don’t inspect. Use them together for complete coverage. Think of it as adding database forensics to your existing security toolkit.

Reviews

Changelog

1.1.0

Preventing scan duplication.
Cloud Security (optional) integration

1.0.6

Minor fixes to scan functionality.

1.0.5

Minor fixes to scan functionality.

1.0.4

Minor fixes to scan functionality (removed duplicated scans).

1.0.3

NEW: Serialized Data Inspector — Detects malware hidden in serialized PHP arrays (postmeta, options, Elementor data) with safe unserialization, recursive traversal up to 10 levels deep, and dangerous key detection.
NEW: Multi-Layer Malware Decoder — Automatically peels back up to 3 layers of obfuscation across 6 encoding types: Base64, URL encoding, HTML entities, ROT13, hex, and octal strings.
NEW: Advanced Obfuscation Detection — Detects chained dangerous functions, triple nested decoding, ROT13+Base64 chains, hex/octal in eval(), and gzinflate+Base64 attacks.
ENHANCED: Detection Engine — Scans both original and decoded content for significantly improved malware detection.

1.0.2

Minor fixes.

1.0.1

Minor fixes.

1.0.0

Initial release — Database malware scanning, Gutenberg block parsing, real-time on-save scanning, confidence scoring, admin alerts, REST API, auto-throttling, audit trail, setup wizard, allowlist/denylist management, and 20+ detection patterns.