If you quarantine content by mistake or determine a finding was a false positive, you can restore it to normal rendering.
When to Restore #
Valid Reasons to Restore #
- False positive confirmed – The content was actually safe
- Quarantined in error – Wrong item selected
- Third-party service identified – Legitimate embed or script
- Testing complete – You quarantined for investigation purposes
Think Twice Before Restoring #
- Critical findings – Restore only after thorough investigation
- Reputation hits – Content flagged by Safe Browsing/PhishTank
- External scripts – Unless you verify the source
- Hidden links – Usually indicate SEO spam injection
Restoring a Single Item #
From Quarantine List #
1. Go to Content Guard Pro → Quarantine
2. Find the quarantined item
3. Click Restore in the actions column
4. Confirm the restoration
From Findings List #
1. Go to Content Guard Pro → Findings
2. Filter by Status: Quarantined
3. Find the finding
4. Click Restore
5. Confirm the action
Bulk Restore #
Restore Multiple Items #
1. Go to Content Guard Pro → Quarantine
2. Check boxes next to items to restore
3. Select Restore from Bulk Actions
4. Click Apply
5. Confirm bulk restoration
What Happens After Restore #
Immediate Effects #
1. Finding status changes from “Quarantined” to “Open”
2. Cache cleared for affected content
3. Audit log records the restoration
4. Content renders normally on next page view
The Content #
- Original content displays as stored in database
- Scripts, iframes, links function normally
- No modifications remain from quarantine
Verification Steps #
After restoring, verify the content:
For Posts #
1. Visit the post as a logged-out user
2. Check that content displays correctly
3. Verify embeds/scripts function (if legitimate)
For Scripts #
1. Use browser developer tools
2. Check Network tab for script loading
3. Verify script source is trusted
For Links #
1. Click restored links (carefully)
2. Verify destinations are legitimate
3. Check for unexpected redirects
Alternative to Restore: Ignore #
If you don’t want to restore but also don’t want to see the finding again:
1. Keep content quarantined (stays neutralized)
2. Mark finding as “Ignored”
3. Finding won’t appear in active findings list
This is useful when:
- Content was legitimately injected but you don’t want it
- You’re unsure and want to keep protection while hiding the alert
Restore and Re-scan #
After restoration, consider running a new scan:
1. Restore the content
2. Go to Content Guard Pro → Scans
3. Run a Quick Scan
4. Verify the finding doesn’t reappear (or if it does, re-evaluate)
Preventing Future False Positives #
If you restored due to a false positive:
Add to Allowlist #
For trusted domains/services:
1. Go to Content Guard Pro → Patterns
2. Add domain to Allowlist
3. Future scans won’t flag this domain
Report False Positive #
Help improve detection:
1. When ignoring a finding, select “Report as false positive”
2. Provide brief context
3. Helps refine detection patterns
Audit Trail #
All restore actions are logged:
- Who restored the content
- When restoration occurred
- Original quarantine details
- Reason (if provided)
View the audit trail:
1. Go to finding details
2. Click View History
3. See all status changes
Restore Limitations #
Cannot Restore #
- Findings that were edited (content changed manually)
- Items where the original post was deleted
- Options that were manually modified
Partial Restore #
If content was edited while quarantined:
- The quarantine filter is removed
- But manual edits remain
- Original malicious content (if removed) is gone
Safety Tips #
1. Never restore Critical findings without investigation
2. Verify domains before restoring external resources
3. Check reputation services for flagged URLs
4. Test on staging if unsure about restoration impact
5. Keep recent backup before restoring suspicious content
