Content Guard Pro – Database Malware Scanner & SEO Spam Detector
File scanner clean but Google still shows spam?
File scanner says your WordPress site is clean, but Google still shows spam pages, strange redirects, pharma keywords, hidden links, or Japanese keyword hack results?
Content Guard Pro scans the WordPress database for hidden SEO spam, malicious scripts, suspicious iframes, spam links, encoded payloads, and cloaked content inside posts, pages, custom post types, titles, excerpts, and Gutenberg blocks.
Most WordPress security plugins focus on files, firewalls, login protection, or vulnerability checks. Content Guard Pro adds the missing database-content layer, so you can inspect the places attackers often abuse after a hacked-site cleanup: post content, block markup, titles, excerpts, and deeper database fields when Standard Scan is enabled.
What the free WordPress.org version scans
The free plugin includes Quick Scan for wp_posts, including:
- Posts, pages, and custom post types
- Post titles, excerpts, and post content
- Gutenberg block content stored in the database
- Classic Editor and Block Editor content during single-post scans
- Hidden links, suspicious scripts, iframes, SEO spam, and encoded payloads in supported content fields
The free version also includes unlimited manual scans, all findings visible, on-save single post scanning, confidence scores, severity labels, admin notices, dashboard alerts, 30-day scan history, and allowlist/denylist controls.
What this database malware scanner detects
Content Guard Pro helps find content-layer threats such as:
- Hidden SEO spam links and cloaked text using CSS tricks such as
display:none,visibility:hidden,opacity:0, off-screen positioning, and tiny or hidden elements - Pharma spam, casino spam, gambling spam, crypto spam, financial scam phrases, counterfeit goods spam, and redirect spam
- Japanese keyword hack content and cloaked search-result spam
- Suspicious external scripts, iframes, object/embed tags, and links in posts and blocks
- JavaScript redirects, meta refresh redirects,
javascript:links, and suspicious inline event handlers - Obfuscated JavaScript patterns such as
eval(),fromCharCode(),atob(), Base64 payloads, and largedata:URIs - URL shorteners and redirectors that hide the final destination
- Cryptocurrency miner patterns and known cryptojacking script indicators
- Encoded attacks hidden with HTML entities, URL encoding, Base64, ROT13, hex, or octal encoding
- Serialized malware in postmeta, selected options, and Elementor data when Standard Scan is enabled
When to use Content Guard Pro
Use Content Guard Pro when:
- Google flags hacked content, spam pages, or strange search results, but your file scanner looks clean
- You cleaned a hacked WordPress site and want to check whether spam remains in posts or blocks
- You inherited a client site and need to inspect the database content layer before making changes
- You see pharma keywords, Japanese keyword spam, casino links, hidden iframes, or suspicious redirects in search results
- You want to review risky Gutenberg or Classic Editor content before publishing
- You need a database malware scanner alongside your existing firewall, file scanner, and vulnerability scanner
Why database-first scanning matters
File scanners are important, but many SEO spam infections do not live in plugin files or theme files. Attackers often inject spam links, hidden text, malicious scripts, or redirect code directly into WordPress content stored in the database.
Content Guard Pro focuses on that content layer. It is designed to complement your existing security stack, not replace it.
Think of it as database forensics for WordPress content: scan posts, pages, custom post types, block markup, and deeper database fields with a scanner built specifically for content-resident threats.
Low-noise findings for real cleanup work
Not every external link or hidden element is malicious. Content Guard Pro uses confidence scores, Critical/Suspicious/Review severity labels, accessibility-aware rules, and allowlists to reduce obvious false positives.
Findings include the affected content location, matched rule, confidence score, context excerpt, and suggested next action so you can review problems faster.
Free plugin features
- Quick Scan for
wp_postscontent, including posts, pages, custom post types, titles, excerpts, and Gutenberg blocks - Unlimited manual scans
- All findings visible in the plugin dashboard
- Gutenberg-aware scanning with block parsing
- Classic Editor and Block Editor single-post scanning on save
- Confidence scores from 0 to 100
- Severity labels: Critical, Suspicious, and Review
- Admin notices for important findings
- Admin bar alerts and WordPress dashboard summary
- 30-day scan history
- Allowlist and denylist controls to reduce false positives
- One-click Edit Post workflow for manual cleanup
- Ignore/false-positive workflow for accepted findings
- Local scanning with bundled detection rules
Premium adds deeper database coverage
Premium plans add deeper coverage and workflow automation for site owners and agencies:
- Standard Scan for
wp_posts,wp_postmeta, and selectedwp_optionsdata - Deeper inspection of serialized data and Elementor data stored in postmeta
- Scheduled daily scans
- Non-destructive quarantine to neutralize risky content without deleting database content
- Revision-based rollback for affected posts
- Email alerts and daily digest emails
- Webhooks for agency monitoring on supported plans
- Reputation checks through supported security services
- Faster rule updates
- CSV/JSON export and REST API access on supported agency plans
- Extended scan history on paid plans
Privacy and external services
Content Guard Pro scans locally on your WordPress server and works without creating an account or connecting to the cloud service.
Optional external service: Content Guard Pro Cloud, provided by contentguardpro.com.
The optional cloud service can be used for rule-pack hints, community allowlist sync, optional anonymous telemetry, optional developer contact, and optional security newsletter preferences. It is consent-based and can be skipped.
If you choose to connect, the service may receive the site URL, site name, plugin version, WordPress version, PHP version, anonymous installation ID, consent choices, optional email address if you provide it, and anonymous scan metrics such as scan count, findings count, duration, and items scanned when telemetry is enabled.
Content Guard Pro does not send post content, database contents, matched excerpts, scan result details, usernames, passwords, payment details, visitor data, or stored customer data to the cloud service.
Terms: https://contentguardpro.com/terms Privacy Policy: https://contentguardpro.com/privacy
Documentation and support
Documentation: https://contentguardpro.com/docs Support forum: https://wordpress.org/support/plugin/content-guard-pro/