WordPress.org

Brasil

Baixar o WordPress
WordPress.org

Plugin Directory

BrandBees Malware Guardian

BrandBees Malware Guardian

Por BrandBees
Baixar

Descrição

BrandBees Malware Guardian is a powerful WordPress security plugin that helps you detect, review, and safely clean malware from your website. It scans both your files and database for malicious code, spam injections, and defacement patterns, making it ideal for website owners who want clear, practical protection without complexity.

With BrandBees Malware Guardian, you get a structured and easy-to-understand malware detection experience. Instead of overwhelming you with technical logs, the plugin highlights real threats with clear severity levels, confidence scores, and actionable recommendations, so you can focus on what actually matters.

The plugin performs deep scans across your WordPress environment, including core files, themes, plugins, and database content. It identifies suspicious PHP, JavaScript, and HTML code, as well as SEO spam and hidden injections that can harm your website’s performance and search rankings.

BrandBees Malware Guardian is built to reduce false positives and noise. Its risk-based detection model prioritizes critical and high-risk issues, helping you respond faster and avoid wasting time on low-impact warnings. Each detected threat includes detailed insights and guided remediation steps, allowing you to clean your site safely without breaking functionality.

The plugin also supports scheduled scans and updated malware signatures, ensuring ongoing protection as new threats emerge. With a simple admin dashboard, you can monitor scan results, review incidents, and take action, all from one place.

Designed for both technical and non-technical users, BrandBees Malware Guardian makes WordPress malware detection and cleanup accessible, efficient, and reliable.

Key Features

  • Malware signature scanning for PHP, JavaScript, HTML, SEO spam, and defacement indicators
  • Local file scanning with threat matching and confidence scoring
  • Database scanning for malicious or injected content patterns
  • Risk-based detection model to reduce noisy/low-value alerts
  • Threat details with severity, confidence, and remediation steps
  • Signature feed support for ongoing rule updates
  • Admin dashboard for scan visibility and incident review
  • Scheduler support for recurring scans and alerting workflow
  • Backup/patch workflow components for safer cleanup operations
  • Built for WordPress administrators with clear, non-technical controls

Ideal Audience

  • Small to mid-size WordPress site owners
  • Agencies managing multiple client WordPress websites
  • Internal website admins who need practical security monitoring
  • Non-technical teams needing clear malware alerts and next steps

Core Value Propositions

  • Early detection of common WordPress malware patterns
  • Clear prioritization (critical/high/medium) to focus on real risk
  • Faster incident response with actionable cleanup guidance
  • Ongoing protection through updateable signature intelligence

Typical Workflow

  1. Open BB Malware Guard in wp-admin
  2. Choose a scan type (quick routine scan or deeper scan depending on your need)
  3. Run a scan now, or enable scheduling so scans run automatically
  4. Review results grouped by severity and confidence (start with critical/high)
  5. Open any finding to see what was detected, where it was found, and why it matters
  6. Apply the recommended cleanup action (safe workflows and backups where applicable)
  7. Re-scan to verify the issue is resolved
  8. Keep scheduled scans enabled to catch new issues early

Support

For support requests, please use the WordPress.org support forum.

Website: brandbees.net/contact-us

Developer Documentation

Hooks & Filters

The plugin provides filters for customization. Full developer docs: BrandBees Malware Guardian documentation.

Actions

There are no custom do_action hooks prefixed for this plugin at this time. Integrate via filters below or standard WordPress hooks.

Filters

  • bbmg_malware_scan_post_types – Adjust which post types are included in database content scanning (array of post type slugs).
  • bbmg_malware_scan_file_roots – Adjust absolute filesystem roots scanned for a given scope (array of paths, plus scan scope context).
  • bbmg_malware_excluded_file_extensions – Change which file extensions are skipped during file scanning (array).
  • bbmg_checksum_trust_scan_enabled – Enable or disable checksum-based trust optimizations during file scanning (boolean).
  • bbmg_pattern_risk_score_threshold – Override the internal pattern risk score threshold used by the matcher (integer).
  • bbmg_detection_risk_score – Adjust the computed risk score for a detection ($score, $signature_id, $category, $signature).
  • bbmg_stale_db_heartbeat_seconds – Seconds of grace before treating a DB scan heartbeat as stale (integer).
  • bbmg_stale_running_scan_grace_seconds – Grace period for a running scan before stale handling (integer).
  • bbmg_stale_zero_progress_grace_seconds – Grace period when scan progress is zero before stale handling (integer).
  • bbmg_signature_feed_url – Provide or override the remote URL used to load the malware signature JSON feed (string).
  • bbmg_signature_remote_fetch_disabled – Return true to disable remote signature feed fetching (boolean).
  • bbmg_signature_feed_ttl – Override cache TTL (seconds) for a successful remote signature feed response (integer).
  • bbmg_signature_feed_cron_first_delay – Override delay (seconds) before the first scheduled signature feed sync after setup (integer).

For deeper integration (REST routes, database tables, scan lifecycle), see the developer documentation site.

External services

This plugin can optionally use third-party threat intelligence services. Core local file/database scanning works without these services.

  • PhishTank (Cisco Talos): Optional phishing feed source used for local URL reputation checks when enabled.
    Terms: https://phishtank.org/terms.php
    Privacy: https://www.phishtank.org/privacy.php

  • VirusTotal: Optional URL reputation lookup used only when VirusTotal integration is enabled and configured.
    Terms: https://www.virustotal.com/gui/terms-of-service
    Privacy: https://www.virustotal.com/gui/privacy-policy

  • Google Safe Browsing API: Optional threat lookup used only when Safe Browsing integration is enabled and configured.
    Terms: https://developers.google.com/safe-browsing/v4/terms
    Privacy: https://policies.google.com/privacy

WordPress.org update APIs may also be contacted by WordPress itself for update/metadata checks.

Privacy Policy

BrandBees Malware Guardian is designed for privacy-conscious operations:

  • Core scanning is performed locally on your server
  • Scan results are stored locally in your WordPress database
  • Optional external integrations are disabled by default and used only when enabled/configured
  • Backups created by cleanup workflows are stored on your server

Credits

Developed by Brand Bees
Contributor profile: Hassan Ejaz (@genius786)

Capturas de tela

  • Security dashboard and scan controls
  • Scan progress and status updates
  • Threat list with severity/confidence
  • Cleanup and remediation workflow
  • Scheduler and scan settings
  • History and reporting views

Instalação

  1. Upload the brandbees-malware-guardian folder to /wp-content/plugins/
  2. Activate the plugin from Plugins
  3. Open BB Malware Guard in wp-admin
  4. Run your first scan and review results

Perguntas frequentes

1) What is BrandBees Malware Guardian?

BrandBees Malware Guardian is a WordPress security plugin designed to scan your website for malware, spam injections, and hacked content. It checks your files and database for suspicious code and provides clear guidance on how to safely clean and secure your site. It’s built for WordPress site owners who want simple, effective malware detection without needing advanced technical knowledge.

2) How does BrandBees Malware Guardian detect malware in WordPress?

The plugin uses malware signature scanning and pattern detection to identify threats. It scans WordPress core files, plugin and theme files, and database content (posts, pages, options, etc.). It looks for common threats like malicious scripts, SEO spam injections, and defacement code, then assigns a risk level and confidence score.

3) Can this plugin remove malware from my WordPress site?

Yes, it helps you safely clean malware by providing step-by-step remediation guidance. Instead of blindly deleting files, it shows what the threat is, where it is located, how risky it is, and recommended cleanup actions. This helps reduce the chance of breaking your site.

4) Does BrandBees Malware Guardian scan the WordPress database?

Yes. It performs database scanning to detect hidden spam links, injected scripts, malicious redirects, and SEO spam content. This is important because many WordPress hacks inject malware into database content, not just files.

5) What types of malware does the plugin detect?

It detects a wide range of WordPress threats, including PHP malware and backdoors, JavaScript injections, HTML-based defacement code, SEO spam and hidden links, and suspicious/obfuscated code patterns.

6) What is malware signature scanning in WordPress?

Malware signature scanning means the plugin compares your site’s code against a database of known malicious patterns and behaviors. BrandBees Malware Guardian supports signature updates to stay aligned with evolving threats.

7) How accurate is the malware detection?

The plugin uses a risk-based detection model with severity levels and confidence scoring to reduce false positives and help you focus on the most important issues first.

8) Will I get alerts when malware is found?

The plugin supports scheduled scans and alerting workflows. You can review scan reports in the dashboard and respond quickly when threats are detected.

9) Can I schedule automatic malware scans in WordPress?

Yes. You can set up recurring scans so your website is continuously monitored. This helps detect new threats early without manual checks.

10) Does this plugin protect against SEO spam in WordPress?

Yes. It detects SEO spam injections such as hidden links, spam keywords, and redirect scripts, which can harm search rankings.

11) Is BrandBees Malware Guardian suitable for non-technical users?

Yes. It provides clear descriptions, easy-to-understand risk levels, and guided cleanup steps so non-technical users can respond confidently.

12) Can agencies use this plugin for multiple client websites?

Yes. It’s useful for agencies managing client sites by helping detect malware quickly, prioritize critical issues, and improve response times.

13) What is the difference between file scanning and database scanning?

File scanning checks code files such as plugins and themes for malware. Database scanning checks stored content like posts, pages, and options where attackers often inject spam or scripts. BrandBees Malware Guardian includes both.

14) Does the plugin provide threat details?

Yes. Each detected issue includes the threat type, severity, confidence, location (file or database), and recommended remediation guidance.

15) Can I update malware signatures?

Yes. The plugin supports signature feed updates, allowing new detection rules to be applied as threats change.

16) Does this plugin prevent WordPress hacks?

It focuses on detection and response rather than firewall-based prevention. However, detecting and cleaning infections early can significantly reduce damage and downtime.

17) Will this plugin slow down my WordPress site?

Scans are designed to be manageable and can be scheduled to run at appropriate times. For best results, schedule scans during low-traffic periods.

18) Is this a good alternative to other WordPress security plugins?

It’s a good fit if you want a focused malware scanner with clear, actionable reports, reduced false positives, and practical cleanup guidance.

19) How do I scan my WordPress site for malware?

After installing, open the plugin dashboard, start a scan (or schedule one), review the detected threats, and follow the cleanup recommendations. No coding knowledge is required for typical workflows.

20) Who should use BrandBees Malware Guardian?

This plugin is best for small to mid-size site owners, agencies, e-commerce stores, bloggers, content publishers, and non-technical teams needing simple security tools.

Avaliações

Não há avaliações para este plugin.

Colaboradores e desenvolvedores

“BrandBees Malware Guardian” é um programa de código aberto. As seguintes pessoas contribuíram para este plugin.

Colaboradores

Traduzir o “BrandBees Malware Guardian” para seu idioma.

Interessado no desenvolvimento?

Navegue pelo código, consulte o repositório SVN ou assine o registro de desenvolvimento por RSS.

Registro de alterações

1.0.0

  • Initial release
  • Local file scanning and database scanning
  • Signature-based threat detection
  • Severity/confidence based findings
  • Cleanup workflows with backup-aware operations
  • Scheduled scanning support
  • Dashboard reporting and scan history

Meta

Classificações

Ainda não foi enviada nenhuma avaliação.

Your review

Ver todas avaliações

Suporte

Tem algo a dizer? Precisa de ajuda?

Ver fórum de suporte