=== Content Guard Pro ===
Contributors: contentguardpro
Tags: security, malware, spam, content-scanning, database-security
Requires at least: 6.1
Tested up to: 6.9
Requires PHP: 8.0
Stable tag: 1.0.2
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Advanced WordPress security plugin that detects and quarantines malicious content, spam links, and SEO injections stored in your WordPress database.

== Description ==

Content Guard Pro is a specialized WordPress security plugin focused on detecting and quarantining **malicious content, spam links, and SEO injections stored in the WordPress database**. Unlike traditional security plugins centered on file integrity and WAFs, Content Guard Pro targets **database-resident content**—posts, custom post types, and associated metadata—where attackers often hide spammy links, cloaked iframes, and obfuscated scripts.

= Key Features =

* **Database-First Scanning** - Scans wp_posts, wp_postmeta, and selected wp_options for malicious content
* **Gutenberg Block Parsing** - Deep analysis of block editor content with recursive block scanning
* **Low False Positives** - Accessibility-aware detection rules with configurable allowlists
* **Non-Destructive Quarantine** - Neutralizes threats without modifying database content
* **Real-Time Protection** - Scans content automatically when posts are saved or published
* **Smart Detection Patterns** - Identifies hidden links, external scripts, obfuscated code, and SEO spam
* **Reputation Checks** - Optional integration with Google Safe Browsing v5 and PhishTank
* **Performance-Conscious** - Auto-throttling, batch processing with resumable scans
* **Comprehensive Reporting** - Detailed findings with confidence scores and remediation guidance
* **Audit Trail** - Complete activity logging for forensic analysis and rollback support

= What Makes It Different? =

**Traditional security plugins focus on files.** Content Guard Pro focuses on your **content**.

Many site owners discover that spam and malware bypass file scanners by injecting directly into:
- Post content (especially Gutenberg blocks)
- Custom field metadata
- Widget content
- Options table entries

Content Guard Pro finds these database-resident threats that other tools miss.

= Target Users =

* Agencies and power users managing multiple WordPress sites
* Site owners who have experienced content-layer spam/malware
* E-commerce sites protecting reputation and SEO
* Membership sites with user-generated content concerns
* Anyone who wants database-level content security

= Detection Capabilities =

**What Content Guard Pro Detects:**

**Core Detection:**
* **Hidden/Cloaked Content** - `display:none`, `visibility:hidden`, negative positioning with external links
* **Suspicious External Resources** - `<iframe>`, `<script>`, and links to non-allowlisted domains
* **URL Shorteners** - bit.ly, t.co, is.gd, cutt.ly and other redirector services
* **SEO Spam** - Pharma, casino, essay, crypto keyword families
* **Obfuscated JavaScript** - `fromCharCode()`, base64→eval, large data: URLs
* **Anomalous Link Profiles** - Unusual external:internal link ratios
* **Reputation Threats** - Domains flagged by Google Safe Browsing or PhishTank

**Enhanced Detection:**
* **Inline Event Handlers** - onclick, onerror, onload, onmouseover and 30+ DOM events
* **document.write()** - Dynamic content injection commonly used in malware
* **javascript: URIs** - href="javascript:..." execution vectors
* **Object/Embed Tags** - `<object>`, `<embed>`, `<applet>` with external sources
* **Meta Refresh Redirects** - `<meta http-equiv="refresh">` redirect spam
* **PHP Function Patterns** - Dangerous functions in serialized data (eval, exec, base64_decode)
* **Extended CSS Cloaking** - opacity:0, font-size:0, text-indent:-9999px, clip:rect(), z-index:-1
* **SVG with Scripts** - SVG elements with embedded JavaScript or event handlers
* **Cryptocurrency Miners** - Coinhive, CryptoLoot, JSEcoin and other cryptojacking scripts
* **Expanded SEO Spam** - Additional pharma, gambling, financial scams, counterfeit goods, crypto scams

**Page Builder Support:**
* **Elementor** - Deep scanning of Elementor widget data and nested elements
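
The Hidden/Cloaked Content and Extended CSS Cloaking rules above pair a hiding style with an external link. The following is an added example, not Content Guard Pro's own code, of how such a check can work on one HTML fragment. The function names, the `.example` hosts and the sample markup are constructed for illustration, and only inline `style` attributes are inspected.

```php
<?php
// Added illustration, not Content Guard Pro's code. All names are hypothetical.
const CGP_EXAMPLE_CLOAK_RULES = [
    'display:none'      => '/display\s*:\s*none/i',
    'visibility:hidden' => '/visibility\s*:\s*hidden/i',
    'opacity:0'         => '/opacity\s*:\s*0(\.0+)?(?![\d.])/i',
    'font-size:0'       => '/font-size\s*:\s*0(?![\d.])/i',
    'text-indent'       => '/text-indent\s*:\s*-\d{3,}/i',
];

/** First cloaking rule matched by the element's own or an ancestor's inline style. */
function cgp_example_cloak_rule(DOMElement $el): ?string
{
    for ($node = $el; $node instanceof DOMElement; $node = $node->parentNode) {
        $style = $node->getAttribute('style');
        foreach (CGP_EXAMPLE_CLOAK_RULES as $name => $regex) {
            if ($style !== '' && preg_match($regex, $style)) {
                return $name;
            }
        }
    }
    return null;
}

/** @return array<int, array{href: string, host: string, rule: string}> */
function cgp_example_find_cloaked_links(string $html, string $siteHost, array $allowlist): array
{
    $doc = new DOMDocument();
    // The XML prolog makes libxml read the fragment as UTF-8; markup warnings are silenced.
    $doc->loadHTML('<?xml encoding="UTF-8"?><div>' . $html . '</div>', LIBXML_NOERROR | LIBXML_NOWARNING);
    $findings = [];
    foreach ($doc->getElementsByTagName('a') as $a) {
        $href = $a->getAttribute('href');
        $host = strtolower((string) parse_url($href, PHP_URL_HOST));
        if ($host === '' || $host === $siteHost || in_array($host, $allowlist, true)) {
            continue; // relative, same-site or trusted, e.g. a hidden skip link
        }
        $rule = cgp_example_cloak_rule($a);
        if ($rule !== null) {
            $findings[] = ['href' => $href, 'host' => $host, 'rule' => $rule];
        }
    }
    return $findings;
}
// Constructed sample: hidden spam link, hidden internal skip link, visible trusted link.
$sample = '<div style="position:absolute; text-indent:-9999px"><a href="https://pills.example/buy">cheap</a></div>'
    . '<a style="display:none" href="/skip#main">Skip to content</a>'
    . '<a href="https://partner.example/">Partner</a>';
print_r(cgp_example_find_cloaked_links($sample, 'blog.example', ['partner.example']));
```

Only the link under the `text-indent` wrapper is reported. The hidden skip link is same-site and the partner link is both visible and allowlisted, which is how an accessibility-aware rule keeps false positives down.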

= Scan Modes =

* **Quick Scan** - Posts and pages only (faster, recommended for most sites)
* **Standard Scan** - Posts, pages, custom fields, and allowlisted widgets (comprehensive)

= How It Works =

1. **Scan** - Choose Quick or Standard mode, run manual or scheduled scans
2. **Review** - Findings categorized as Critical, Suspicious, or Review with confidence scores
3. **Quarantine** - One-click non-destructive neutralization at render-time
4. **Remediate** - Direct edit links, revision rollback, bulk operations
5. **Monitor** - Email alerts, admin notices, webhook notifications for Critical findings

= Performance =

* Scans ~100 posts in 30-60 seconds on shared hosting
* Auto-throttling prevents resource overload
* Resumable batch processing survives timeouts
* Safe Mode for large sites (>2M content rows)

= Privacy & Data =

* All scanning happens on your server
* No data sent to external services (except optional reputation checks)
* API keys stored securely
* Optional anonymous telemetry (opt-in only)

== Installation ==

= Automatic Installation =

1. Log in to your WordPress admin panel
2. Navigate to Plugins → Add New
3. Search for "Content Guard Pro"
4. Click "Install Now" and then "Activate"
5. Follow the setup wizard to configure your preferences

= Manual Installation =

1. Download the plugin ZIP file
2. Log in to your WordPress admin panel
3. Navigate to Plugins → Add New → Upload Plugin
4. Choose the downloaded ZIP file and click "Install Now"
5. Click "Activate Plugin"
6. Follow the setup wizard to configure your preferences

= After Activation =

1. The setup wizard will guide you through initial configuration
2. Choose your scan mode (Quick or Standard)
3. Configure alert preferences (email, admin notices)
4. Set up scheduled scans (optional)
5. Run your first scan to establish a baseline

== Frequently Asked Questions ==

= Does this plugin scan files? =

No. Content Guard Pro is specifically designed to scan **database content** where traditional file scanners don't look. It complements, rather than replaces, file-based security plugins like Wordfence or Sucuri.

= Will it slow down my site? =

No. Scans run in the background using WordPress's Action Scheduler. The auto-throttling system ensures scans never impact your site's performance. Real-time on-save scans complete in under 5 seconds.

= What happens when content is quarantined? =

Quarantine is **non-destructive**. The database content remains unchanged, but malicious elements are neutralized when the content is displayed (render-time filtering). Scripts/iframes are stripped, and links are disabled with nofollow attributes.

= Can I restore quarantined content? =

Yes! Quarantined content can be un-quarantined instantly, or you can use WordPress's built-in revision system to restore previous versions of posts.

= Does it work with Gutenberg? =

Yes! Content Guard Pro has deep Gutenberg integration. It recursively parses and scans all block content, including innerHTML, attributes, and nested blocks.
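
Why recursion and attribute scanning matter, as an added example that is not Content Guard Pro's own code: a block's `innerHTML` does not include its child blocks, and some blocks keep URLs only in their attributes. The sketch walks a block list in the shape WordPress's `parse_blocks()` returns. The function names, the `.example` host and the sample blocks are constructed for illustration.

```php
<?php
// Added illustration, not Content Guard Pro's code. All names are hypothetical.
/** Collect http(s) URLs from a string or from a (nested) attribute array. */
function cgp_example_urls_in(mixed $value): array
{
    if (is_array($value)) {
        $urls = [];
        foreach ($value as $item) {
            $urls = array_merge($urls, cgp_example_urls_in($item));
        }
        return $urls;
    }
    preg_match_all('~https?://[^\s"\'<>]+~i', is_string($value) ? $value : '', $m);
    return $m[0];
}

/** @param array $blocks Block list in the shape parse_blocks() returns. */
function cgp_example_scan_blocks(array $blocks, array $allowlist, string $path = ''): array
{
    $findings = [];
    foreach ($blocks as $block) {
        $name = $block['blockName'] ?? 'freeform'; // null means classic/freeform HTML
        $here = $path === '' ? $name : "$path > $name";
        $own  = [$block['attrs'] ?? [], $block['innerHTML'] ?? ''];
        foreach (array_unique(cgp_example_urls_in($own)) as $url) {
            $host = strtolower((string) parse_url($url, PHP_URL_HOST));
            if ($host !== '' && !in_array($host, $allowlist, true)) {
                $findings[] = ['block' => $here, 'url' => $url];
            }
        }
        // innerHTML leaves out child blocks, so nested blocks need their own pass.
        $findings = array_merge($findings, cgp_example_scan_blocks($block['innerBlocks'] ?? [], $allowlist, $here));
    }
    return $findings;
}

// Constructed sample: a nested embed carries its URL only in attrs.
$blocks = [[
    'blockName' => 'core/group', 'attrs' => [], 'innerHTML' => '<div class="wp-block-group"></div>',
    'innerBlocks' => [
        ['blockName' => 'core/embed', 'attrs' => ['url' => 'https://cdn.badhost.example/w'],
         'innerHTML' => '<figure class="wp-block-embed"></figure>', 'innerBlocks' => []],
        ['blockName' => 'core/paragraph', 'attrs' => [],
         'innerHTML' => '<p><a href="https://wordpress.org/">docs</a></p>', 'innerBlocks' => []],
    ],
]];
print_r(cgp_example_scan_blocks($blocks, ['wordpress.org']));
```

A scan limited to the top-level block's HTML would return nothing for this sample. The single finding comes from the nested embed's `url` attribute and is reported with its block path.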

= Does it work with page builders? =

Yes! Content Guard Pro supports **Elementor** with deep scanning of widget data and nested elements. Support for Divi and Beaver Builder is planned for future releases.

= What about false positives? =

Content Guard Pro uses accessibility-aware rules and respects allowlists to minimize false positives. You can:
- Add trusted domains to the allowlist
- Ignore individual findings
- Adjust detection sensitivity
- Review confidence scores before taking action

= Can I scan custom post types? =

Yes. Content Guard Pro scans all post types by default (posts, pages, and custom post types).

= Does it scan comments or user profiles? =

Not in the current version. Content Guard Pro focuses on posts, pages, custom fields, and selected options. Comment and user profile scanning may be added in future versions.

= What are the system requirements? =

- WordPress 6.1 or higher
- PHP 8.0 or higher
- MySQL 5.6 or higher (or MariaDB equivalent)
- Recommended: 64MB+ PHP memory limit

= Can I use it on shared hosting? =

Yes! Content Guard Pro is specifically designed to work reliably on shared hosting. The auto-throttling system adapts to your server's capabilities.

= Does it work on multisite? =

Yes. Each site in a multisite network can be scanned independently. Network-wide administration features may be added in future versions.

= How do I get support? =

- **Documentation**: Visit https://contentguardpro.com/docs
- **Support Forum**: Use the WordPress.org support forum
- **Direct Support**: Visit https://contentguardpro.com/support

= Can I contribute? =

Yes! Content Guard Pro welcomes community contributions:
- Report bugs via the support forum
- Suggest features and improvements
- Share custom detection patterns
- Help with translations

== Screenshots ==

1. Dashboard - Overview of security status with last scan results and quick actions
2. Scans Page - Run manual scans, view progress, and manage scan history
3. Findings List - Comprehensive list of detected issues with filtering and bulk actions
4. Finding Details - Detailed view with confidence scoring and remediation options
5. Quarantine Management - Manage quarantined content with bulk operations
6. Patterns & Allowlist - Configure detection rules and trusted domains
7. Reports - Executive summary with scan statistics and trends
8. Settings - Comprehensive configuration for scheduling, notifications, and integrations
9. Setup Wizard - First-run wizard for easy configuration

== Changelog ==

= 1.0.2 =
* Minor fixes

= 1.0.1 =
* Minor fixes

= 1.0.0 =
* Initial release
* Database scanning engine with Quick and Standard modes
* Gutenberg block parsing and analysis
* Non-destructive quarantine system
* Real-time on-save scanning
* Scheduled daily/incremental scans
* Email alerts and admin notifications
* Admin bar badge with critical count
* Dashboard widget
* Comprehensive reporting
* REST API for findings
* Webhook notifications for Critical findings
* Google Safe Browsing v5 integration (optional)
* PhishTank integration (optional)
* Auto-throttling and Safe Mode
* Audit trail with rollback support
* Setup wizard with sensible defaults
* Bulk operations (Quarantine, Ignore, Delete)
* Allow/Deny list management
* Diagnostics and system checks
* Help documentation and FAQ
* **Detection Patterns:**
  * External scripts/iframes with domain allowlist
  * Hidden/cloaked content with CSS detection
  * URL shorteners and redirectors
  * SEO spam keywords with word boundary matching
  * Obfuscated JavaScript (fromCharCode, base64, eval)
  * Anomalous link profiles
  * Inline event handlers (onclick, onerror, onload, etc.)
  * document.write() injection
  * javascript: URI detection
  * Object/Embed/Applet tag scanning
  * Meta refresh redirect detection
  * PHP dangerous function patterns
  * Extended CSS cloaking (opacity, font-size, clip, z-index)
  * SVG with embedded scripts
  * Cryptocurrency miner detection
  * HTML entity decoding for encoded attacks
* **Page Builder Support:**
  * Elementor deep scanning

== Upgrade Notice ==

= 1.0.2 =
Minor fixes to Content Guard Pro. Scan your database for malicious content, spam links, and SEO injections.

= 1.0.1 =
Minor fixes to Content Guard Pro. Scan your database for malicious content, spam links, and SEO injections.

= 1.0.0 =
Initial release of Content Guard Pro. Scan your database for malicious content, spam links, and SEO injections.


== Privacy Policy ==

Content Guard Pro is designed with privacy in mind:

**Data Collection:**
- The plugin does NOT collect or transmit any data by default
- All scanning happens locally on your WordPress server
- No external API calls unless you explicitly enable optional integrations

**Optional External Services:**
- Google Safe Browsing (if enabled): Domain URLs sent for reputation checks
- PhishTank (if enabled): Domain URLs sent for phishing checks
- Both services cache results to minimize API calls

**Telemetry (Opt-in Only):**
- If enabled, anonymous usage metrics help improve detection patterns
- No personally identifiable information is collected
- No site content is transmitted
- Can be disabled at any time

**Data Storage:**
- Findings and scan history stored in your WordPress database
- Audit logs retained for 365 days (configurable)
- API keys stored securely in wp_options

**Third-Party Services:**
- Google Safe Browsing API: https://developers.google.com/safe-browsing
- PhishTank API: https://www.phishtank.com/

== Technical Specifications ==

**Database Tables:**
- `{prefix}content_guard_pro__findings` - Security findings with confidence scores
- `{prefix}content_guard_pro__scans` - Scan history and performance metrics
- `{prefix}content_guard_pro__audit_log` - Activity tracking for forensics and rollback

**Hooks & Filters:**
- `content_guard_pro_loaded` - Fires when plugin is fully initialized
- `content_guard_pro__finding_saved` - Fires when a new finding is saved
- `content_guard_pro__quarantine_content` - Filter quarantine neutralization behavior
- `content_guard_pro__detection_patterns` - Filter or extend detection rules
- `content_guard_pro__allowlist_domains` - Filter allowlist domains

**REST API:**
- `GET /wp-json/content-guard-pro/v1/findings` - Query findings with filters and pagination

**WP-CLI Commands:**
- Coming in future release

**Action Scheduler:**
- Uses Action Scheduler for reliable background job processing
- Resumable scans survive server timeouts
- Configurable batch size and delay

== Credits ==

**Development Team:**
- Content Guard Pro Team

**Built With:**
- WordPress Core APIs
- Action Scheduler
- Google Safe Browsing API v5
- PhishTank API

**Special Thanks:**
- WordPress community for feedback and testing
- Security researchers who contributed detection patterns
- Beta testers who helped refine the plugin

== Support ==

Need help? We're here for you:

* **Documentation**: https://contentguardpro.com/docs
* **Support Forum**: https://wordpress.org/support/plugin/content-guard-pro/
* **Bug Reports**: Use the support forum or GitHub issues
* **Feature Requests**: We'd love to hear your ideas!
* **Direct Support**: https://contentguardpro.com/support

== Roadmap ==

**Upcoming Features:**
- Additional page builder support (Divi, Beaver Builder)
- Advanced Custom Fields (ACF) deep scanning
- WooCommerce product content scanning
- Comments and user meta scanning
- Custom table scanning
- WP-CLI interface
- PDF report generation
- Advanced pattern editor with YAML/JSON
- Network-wide multisite administration
- White-label capabilities
- Community pattern sharing
- Automated pattern updates
- More third-party integrations

Want to influence our roadmap? Let us know what features matter most to you!

