Content Guard Pro – Database Malware Scanner & SEO Spam Detection for WordPress
| 开发者 | contentguardpro |
|---|---|
| 更新时间 | 2026年4月20日 05:40 |
| PHP版本: | 8.0 及以上 |
| WordPress版本: | 6.9 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
- Hidden spam links and cloaked content using CSS tricks such as display:none, visibility:hidden, opacity:0, and font-size:0
- SEO spam injections including pharma, casino, crypto, gambling, and redirect spam
- Japanese keyword hack content and cloaked search-result spam
- Suspicious external scripts, iframes, and links in posts and blocks
- Obfuscated JavaScript such as eval(), fromCharCode(), Base64-encoded payloads, and data: URIs
- URL shorteners and redirectors hiding final destinations
- Cryptocurrency miner patterns
- Multi-layer encoded content that needs decoding before review
- Serialized malware in postmeta, selected options, and Elementor data when Standard Scan is enabled
- Quick Scan for wp_posts content, including posts, pages, and custom post types
- WordPress malware removal workflow with review-first, non-destructive handling
- Gutenberg-aware scanning with recursive block parsing
- Classic Editor and Block Editor single post scanning on save
- Confidence scores and severity labels to help prioritize review
- Admin notices, admin bar alerts, and dashboard summary
- 30-day scan history
- Allowlist and denylist controls to reduce false positives
- Unlimited manual scans
- Standard Scan for postmeta and selected options data
- Elementor and deeper database scanning beyond wp_posts
- Scheduled daily scans
- Non-destructive quarantine
- Email alerts and webhooks
- Reputation checking and faster rule updates
- CSV/JSON export and REST API access on higher tiers
- Google flags hidden spam or redirects but file scans look clean
- A hacked site is cleaned and you want to verify nothing malicious remains in posts or metadata
- You need a database malware scanner alongside your existing WordPress security stack
- You want to review risky Gutenberg or Classic Editor content before publishing
- You inherit a site from another agency and need to check what's actually in the database
安装:
- In your WordPress admin, go to Plugins → Add New
- Search for "Content Guard Pro"
- Click "Install Now" and then "Activate"
- The setup wizard will guide you through initial configuration
- Download the plugin ZIP file
- Go to Plugins → Add New → Upload Plugin
- Upload the ZIP file and click "Install Now"
- Activate the plugin
- Follow the setup wizard to configure scanning preferences
- Enable admin alerts for Critical findings (recommended)
- Run your first scan to establish a security baseline
屏幕截图:
常见问题:
What does this WordPress malware scanner scan in the free version?
The free WordPress.org version includes Quick Scan for wp_posts. That covers posts, pages, custom post types, and Gutenberg block content. It also includes on-save single post scans.
What does Standard Scan add?
Standard Scan adds deeper database scanning for postmeta and selected options data. This helps find malware and spam hidden outside the main post content — including serialized data used by page builders such as Elementor.
Can it find hidden SEO spam in WordPress posts and pages?
Yes. Content Guard Pro is built to detect hidden links, cloaked content, spam keywords, redirects, and malicious scripts stored in WordPress content.
Does it scan Gutenberg, Classic Editor, or page builder data?
Yes. Free scans cover Gutenberg content plus on-save scanning in the Block Editor and Classic Editor. Standard Scan also inspects deeper database fields such as postmeta and selected options, including Elementor data.
Does Content Guard Pro detect Japanese keyword hacks?
Yes. The Japanese keyword hack typically injects spam content into wp_posts and wp_options, which is exactly what Content Guard Pro scans. File-based scanners often miss this type of hack because the malicious content lives in the database, not in files.
My file scanner says my site is clean but Google still flagged it for spam. What now?
This is one of the most common reasons people install Content Guard Pro. When files come back clean but Google detects spam, the malicious content is almost always in the database — inside posts, postmeta, or widget options. Run a Quick Scan to check posts and Gutenberg blocks; upgrade to Standard Scan if you also need postmeta and options coverage.
Can it find pharma spam hidden in WordPress posts?
Yes. Pharma spam is a recurring SEO injection pattern that hides drug-name keywords and outbound links inside existing posts, often using CSS tricks such as display:none or off-screen positioning. Content Guard Pro's pharma detection rules look for these patterns directly in post content, titles, and excerpts.
How is this different from Wordfence or Sucuri?
Wordfence, Sucuri, and similar plugins are excellent at scanning files and blocking attacks at the firewall level. Content Guard Pro scans the WordPress database — posts, postmeta, and selected options — which file-based plugins don't inspect. Use them together for complete coverage. Think of it as adding database forensics to your existing security toolkit.
Does it replace my firewall or file scanner?
No. Content Guard Pro is a database-first WordPress security scanner. It works best alongside file scanners, firewalls, login protection, and vulnerability scanners such as Wordfence or Sucuri.
Will scans slow down my site?
Scans run in background batches with auto-throttling. On-save scans are designed for quick feedback, while full scans are tuned to work on typical WordPress hosting.
Does it delete content automatically?
No. Content Guard Pro is non-destructive by design. You review findings first. Premium plans add quarantine tools that neutralize risky content without deleting it from the database.
Can I use it after cleaning a hacked WordPress site?
Yes. This is one of the main use cases. After file cleanup, run a Content Guard Pro scan to look for database malware, SEO spam, hidden links, and injected scripts that may still remain in WordPress content.
更新日志:
- Fewer false positives across common editorial patterns — refined detection heuristics better distinguish legitimate content from spam injection patterns.
- Improved scan accuracy on link-heavy pages through tuned anomalous link profile scoring.
- Scan engine stability and minor performance improvements on large batch runs.
- Improved reporting and dashboard to better visualize site health
- Fixed anomalous link profile detection so allowlisted domains no longer inflate suspicious link ratio checks.
- Improved findings filtering, pagination, and scan summaries for faster review after each scan.
- Clarified email alert recipient settings for the site admin email and additional recipients.
- Prevented duplicate scans for cleaner scan history and more reliable reporting.
- Added optional cloud security integration for rule updates and security advisories.
- Minor scan stability fixes.
- Added serialized data inspection for malware hidden in postmeta, selected options, and Elementor data.
- Added multi-layer decoding and deeper obfuscation detection for Base64, URL encoding, HTML entities, ROT13, hex, and octal payloads.
- Initial release — WordPress database malware scanning, Gutenberg block parsing, on-save scanning, confidence scoring, admin alerts, REST API, audit trail, and allowlist/denylist management.