Title: BrandBees Malware Guardian
Author: BrandBees
Published: <strong>April 16, 2026</strong>
Last modified: April 29, 2026

---

Search plugins

![](https://ps.w.org/brandbees-malware-guardian/assets/banner-772x250.png?rev=3508091)

![](https://ps.w.org/brandbees-malware-guardian/assets/icon-256x256.jpg?rev=3508016)

# BrandBees Malware Guardian

 By [BrandBees](https://profiles.wordpress.org/brandbees/)

[Download](https://downloads.wordpress.org/plugin/brandbees-malware-guardian.1.0.1.zip)

 * [Details](https://vec.wordpress.org/plugins/brandbees-malware-guardian/#description)
 * [Reviews](https://vec.wordpress.org/plugins/brandbees-malware-guardian/#reviews)
 *  [Installation](https://vec.wordpress.org/plugins/brandbees-malware-guardian/#installation)
 * [Development](https://vec.wordpress.org/plugins/brandbees-malware-guardian/#developers)

 [Support](https://wordpress.org/support/plugin/brandbees-malware-guardian/)

## Description

BrandBees Malware Guardian is a powerful WordPress security plugin that helps you
detect, review, and safely clean malware from your website. It scans both your files
and database for malicious code, spam injections, and defacement patterns, making
it ideal for website owners who want clear, practical protection without complexity.

With BrandBees Malware Guardian, you get a structured and easy-to-understand malware
detection experience. Instead of overwhelming you with technical logs, the plugin
highlights real threats with clear severity levels, confidence scores, and actionable
recommendations, so you can focus on what actually matters.

The plugin performs deep scans across your WordPress environment, including core
files, themes, plugins, and database content. It identifies suspicious PHP, JavaScript,
and HTML code, as well as SEO spam and hidden injections that can harm your website’s
performance and search rankings.

BrandBees Malware Guardian is built to reduce false positives and noise. Its risk-
based detection model prioritizes critical and high-risk issues, helping you respond
faster and avoid wasting time on low-impact warnings. Each detected threat includes
detailed insights and guided remediation steps, allowing you to clean your site 
safely without breaking functionality.

The plugin also supports scheduled scans and updated malware signatures, ensuring
ongoing protection as new threats emerge. With a simple admin dashboard, you can
monitor scan results, review incidents, and take action, all from one place.

Designed for both technical and non-technical users, BrandBees Malware Guardian 
makes WordPress malware detection and cleanup accessible, efficient, and reliable.

**Key Features**

 * Malware signature scanning for PHP, JavaScript, HTML, SEO spam, and defacement
   indicators
 * Local file scanning with threat matching and confidence scoring
 * Database scanning for malicious or injected content patterns
 * Risk-based detection model to reduce noisy/low-value alerts
 * Threat details with severity, confidence, and remediation steps
 * Signature feed support for ongoing rule updates
 * Admin dashboard for scan visibility and incident review
 * Scheduler support for recurring scans and alerting workflow
 * Backup/patch workflow components for safer cleanup operations
 * Built for WordPress administrators with clear, non-technical controls

**Ideal Audience**

 * Small to mid-size WordPress site owners
 * Agencies managing multiple client WordPress websites
 * Internal website admins who need practical security monitoring
 * Non-technical teams needing clear malware alerts and next steps

**Core Value Propositions**

 * Early detection of common WordPress malware patterns
 * Clear prioritization (critical/high/medium) to focus on real risk
 * Faster incident response with actionable cleanup guidance
 * Ongoing protection through updateable signature intelligence

**Typical Workflow**

 1. Open **BB Malware Guard** in wp-admin
 2. Choose a scan type (quick routine scan or deeper scan depending on your need)
 3. Run a scan now, or enable scheduling so scans run automatically
 4. Review results grouped by severity and confidence (start with critical/high)
 5. Open any finding to see what was detected, where it was found, and why it matters
 6. Apply the recommended cleanup action (safe workflows and backups where applicable)
 7. Re-scan to verify the issue is resolved
 8. Keep scheduled scans enabled to catch new issues early

### Support

For support requests, please use the [WordPress.org support forum](https://wordpress.org/support/plugin/brandbees-malware-guardian/).

Website: [brandbees.net/contact-us](https://brandbees.net/contact-us/)

### Developer Documentation

**Hooks & Filters**

The plugin provides filters for customization. Full developer docs: [BrandBees Malware Guardian documentation](https://docs.brandbees.net/brandbees-malware-guardian).

**Actions**

There are no custom `do_action` hooks prefixed for this plugin at this time. Integrate
via filters below or standard WordPress hooks.

**Filters**

 * `bbmg_malware_scan_post_types` – Adjust which post types are included in database
   content scanning (array of post type slugs).
 * `bbmg_malware_scan_file_roots` – Adjust absolute filesystem roots scanned for
   a given scope (array of paths, plus scan scope context).
 * `bbmg_malware_excluded_file_extensions` – Change which file extensions are skipped
   during file scanning (array).
 * `bbmg_checksum_trust_scan_enabled` – Enable or disable checksum-based trust optimizations
   during file scanning (boolean).
 * `bbmg_pattern_risk_score_threshold` – Override the internal pattern risk score
   threshold used by the matcher (integer).
 * `bbmg_detection_risk_score` – Adjust the computed risk score for a detection (`
   $score`, `$signature_id`, `$category`, `$signature`).
 * `bbmg_stale_db_heartbeat_seconds` – Seconds of grace before treating a DB scan
   heartbeat as stale (integer).
 * `bbmg_stale_running_scan_grace_seconds` – Grace period for a running scan before
   stale handling (integer).
 * `bbmg_stale_zero_progress_grace_seconds` – Grace period when scan progress is
   zero before stale handling (integer).
 * `bbmg_signature_feed_url` – Provide or override the remote URL used to load the
   malware signature JSON feed (string).
 * `bbmg_signature_remote_fetch_disabled` – Return true to disable remote signature
   feed fetching (boolean).
 * `bbmg_signature_feed_ttl` – Override cache TTL (seconds) for a successful remote
   signature feed response (integer).
 * `bbmg_signature_feed_cron_first_delay` – Override delay (seconds) before the 
   first scheduled signature feed sync after setup (integer).

For deeper integration (REST routes, database tables, scan lifecycle), see the [developer documentation site](https://docs.brandbees.net/brandbees-malware-guardian).

### External services

This plugin can optionally use third-party threat intelligence services. Core local
file/database scanning works without these services.

 * **PhishTank** (Cisco Talos): Optional phishing feed source used for local URL
   reputation checks when enabled.
    Terms: https://phishtank.org/terms.php Privacy:
   https://www.phishtank.org/privacy.php
 * **VirusTotal**: Optional URL reputation lookup used only when VirusTotal integration
   is enabled and configured.
    Terms: https://www.virustotal.com/gui/terms-of-service
   Privacy: https://www.virustotal.com/gui/privacy-policy
 * **Google Safe Browsing API**: Optional threat lookup used only when Safe Browsing
   integration is enabled and configured.
    Terms: https://developers.google.com/
   safe-browsing/v4/terms Privacy: https://policies.google.com/privacy

WordPress.org update APIs may also be contacted by WordPress itself for update/metadata
checks.

### Privacy Policy

BrandBees Malware Guardian is designed for privacy-conscious operations:

 * Core scanning is performed locally on your server
 * Scan results are stored locally in your WordPress database
 * Optional external integrations are disabled by default and used only when enabled/
   configured
 * Backups created by cleanup workflows are stored on your server

### Credits

Developed by [Brand Bees](https://brandbees.net/)
 Contributor profile: [Hassan Ejaz (@genius786)](https://profiles.wordpress.org/genius786/)

## Screenshots

[⌊Security dashboard and scan controls⌉⌊Security dashboard and scan controls⌉[

Security dashboard and scan controls

[⌊Scan progress and status updates⌉⌊Scan progress and status updates⌉[

Scan progress and status updates

[⌊Threat list with severity/confidence⌉⌊Threat list with severity/confidence⌉[

Threat list with severity/confidence

[⌊Cleanup and remediation workflow⌉⌊Cleanup and remediation workflow⌉[

Cleanup and remediation workflow

[⌊Scheduler and scan settings⌉⌊Scheduler and scan settings⌉[

Scheduler and scan settings

[⌊History and reporting views⌉⌊History and reporting views⌉[

History and reporting views

## Installation

 1. Upload the `brandbees-malware-guardian` folder to `/wp-content/plugins/`
 2. Activate the plugin from **Plugins**
 3. Open **BB Malware Guard** in wp-admin
 4. Run your first scan and review results

## FAQ

### 1) What is BrandBees Malware Guardian?

BrandBees Malware Guardian is a WordPress security plugin designed to scan your 
website for malware, spam injections, and hacked content. It checks your files and
database for suspicious code and provides clear guidance on how to safely clean 
and secure your site. It’s built for WordPress site owners who want simple, effective
malware detection without needing advanced technical knowledge.

### 2) How does BrandBees Malware Guardian detect malware in WordPress?

The plugin uses malware signature scanning and pattern detection to identify threats.
It scans WordPress core files, plugin and theme files, and database content (posts,
pages, options, etc.). It looks for common threats like malicious scripts, SEO spam
injections, and defacement code, then assigns a risk level and confidence score.

### 3) Can this plugin remove malware from my WordPress site?

Yes, it helps you safely clean malware by providing step-by-step remediation guidance.
Instead of blindly deleting files, it shows what the threat is, where it is located,
how risky it is, and recommended cleanup actions. This helps reduce the chance of
breaking your site.

### 4) Does BrandBees Malware Guardian scan the WordPress database?

Yes. It performs database scanning to detect hidden spam links, injected scripts,
malicious redirects, and SEO spam content. This is important because many WordPress
hacks inject malware into database content, not just files.

### 5) What types of malware does the plugin detect?

It detects a wide range of WordPress threats, including PHP malware and backdoors,
JavaScript injections, HTML-based defacement code, SEO spam and hidden links, and
suspicious/obfuscated code patterns.

### 6) What is malware signature scanning in WordPress?

Malware signature scanning means the plugin compares your site’s code against a 
database of known malicious patterns and behaviors. BrandBees Malware Guardian supports
signature updates to stay aligned with evolving threats.

### 7) How accurate is the malware detection?

The plugin uses a risk-based detection model with severity levels and confidence
scoring to reduce false positives and help you focus on the most important issues
first.

### 8) Will I get alerts when malware is found?

The plugin supports scheduled scans and alerting workflows. You can review scan 
reports in the dashboard and respond quickly when threats are detected.

### 9) Can I schedule automatic malware scans in WordPress?

Yes. You can set up recurring scans so your website is continuously monitored. This
helps detect new threats early without manual checks.

### 10) Does this plugin protect against SEO spam in WordPress?

Yes. It detects SEO spam injections such as hidden links, spam keywords, and redirect
scripts, which can harm search rankings.

### 11) Is BrandBees Malware Guardian suitable for non-technical users?

Yes. It provides clear descriptions, easy-to-understand risk levels, and guided 
cleanup steps so non-technical users can respond confidently.

### 12) Can agencies use this plugin for multiple client websites?

Yes. It’s useful for agencies managing client sites by helping detect malware quickly,
prioritize critical issues, and improve response times.

### 13) What is the difference between file scanning and database scanning?

File scanning checks code files such as plugins and themes for malware. Database
scanning checks stored content like posts, pages, and options where attackers often
inject spam or scripts. BrandBees Malware Guardian includes both.

### 14) Does the plugin provide threat details?

Yes. Each detected issue includes the threat type, severity, confidence, location(
file or database), and recommended remediation guidance.

### 15) Can I update malware signatures?

Yes. The plugin supports signature feed updates, allowing new detection rules to
be applied as threats change.

### 16) Does this plugin prevent WordPress hacks?

It focuses on detection and response rather than firewall-based prevention. However,
detecting and cleaning infections early can significantly reduce damage and downtime.

### 17) Will this plugin slow down my WordPress site?

Scans are designed to be manageable and can be scheduled to run at appropriate times.
For best results, schedule scans during low-traffic periods.

### 18) Is this a good alternative to other WordPress security plugins?

It’s a good fit if you want a focused malware scanner with clear, actionable reports,
reduced false positives, and practical cleanup guidance.

### 19) How do I scan my WordPress site for malware?

After installing, open the plugin dashboard, start a scan (or schedule one), review
the detected threats, and follow the cleanup recommendations. No coding knowledge
is required for typical workflows.

### 20) Who should use BrandBees Malware Guardian?

This plugin is best for small to mid-size site owners, agencies, e-commerce stores,
bloggers, content publishers, and non-technical teams needing simple security tools.

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“BrandBees Malware Guardian” is open source software. The following people have 
contributed to this plugin.

Contributors

 *   [ BrandBees ](https://profiles.wordpress.org/brandbees/)
 *   [ Hassan Ejaz ](https://profiles.wordpress.org/genius786/)

[Translate “BrandBees Malware Guardian” into your language.](https://translate.wordpress.org/projects/wp-plugins/brandbees-malware-guardian)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/brandbees-malware-guardian/),
check out the [SVN repository](https://plugins.svn.wordpress.org/brandbees-malware-guardian/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/brandbees-malware-guardian/)
by [RSS](https://plugins.trac.wordpress.org/log/brandbees-malware-guardian/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.0.0

 * Initial release
 * Local file scanning and database scanning
 * Signature-based threat detection
 * Severity/confidence based findings
 * Cleanup workflows with backup-aware operations
 * Scheduled scanning support
 * Dashboard reporting and scan history

## Meta

 *  Version **1.0.1**
 *  Last updated **2 months ago**
 *  Active installations **10+**
 *  WordPress version ** 5.8 or higher **
 *  Tested up to **6.9.4**
 *  PHP version ** 7.4 or higher **
 *  Language
 * [English (US)](https://wordpress.org/plugins/brandbees-malware-guardian/)
 * Tags
 * [malware](https://vec.wordpress.org/plugins/tags/malware/)[malware detection](https://vec.wordpress.org/plugins/tags/malware-detection/)
   [scanner](https://vec.wordpress.org/plugins/tags/scanner/)[security](https://vec.wordpress.org/plugins/tags/security/)
   [wordpress security](https://vec.wordpress.org/plugins/tags/wordpress-security/)
 *  [Advanced View](https://vec.wordpress.org/plugins/brandbees-malware-guardian/advanced/)

## Ratings

No reviews have been submitted yet.

[Your review](https://wordpress.org/support/plugin/brandbees-malware-guardian/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/brandbees-malware-guardian/reviews/)

## Contributors

 *   [ BrandBees ](https://profiles.wordpress.org/brandbees/)
 *   [ Hassan Ejaz ](https://profiles.wordpress.org/genius786/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/brandbees-malware-guardian/)