Description

Gogasys Malware Scanner is a comprehensive security solution for WordPress, built from the ground up to be lightweight, secure, and fully compliant with WordPress coding standards.

Key Features:

Web Application Firewall (WAF): Real-time inspection of GET, POST, and FILES requests to block SQL injection, XSS, and more.
Malware Scanner: Detects malicious file patterns and monitors WordPress core file integrity using official checksums.
IP & Country Blocking: Easily block specific IP addresses or entire countries using GeoIP detection.
Security Headers: One-click configuration for XSS Protection, CSP, HSTS, and more.
Scheduled Scans: Automated scanning powered by WP-Cron. Note: This feature is OFF by default and requires explicit user consent to enable.
Incident Logging: Detailed logs of all blocked threats and suspicious activities.
Admin Notifications: Get notified via email immediately when threats are detected.

External services

Gogasys Malware Scanner connects to the following third-party services to provide core security features:

api.wordpress.org: Used by the Malware Scanner to fetch official WordPress core file checksums. This allows the plugin to verify the integrity of your WordPress installation and detect unauthorized file modifications.
- Data Sent: WordPress version and site locale.
- Service Provider: WordPress.org (Privacy Policy: https://wordpress.org/about/privacy/)
ip-api.com: Used for GeoIP-based country blocking. When the Country Blocking (GeoIP) feature is explicitly enabled by the site administrator, visitor IP addresses are sent to ip-api.com to determine the country of origin. This feature is disabled by default. No IP data is sent unless the administrator opts in. IP addresses are not stored by this plugin.
- Data Sent: Visitor IP address (only when the GeoIP feature is enabled by the admin).
- Service Provider: Artia International S.R.L. (Terms and Privacy: https://ip-api.com/docs/legal)

Installation

Upload the gogasys-malware-scanner folder to the /wp-content/plugins/ directory.
Activate the plugin through the ‘Plugins’ menu in WordPress.
Navigate to the ‘Gogasys Security’ menu in your dashboard to configure settings.

FAQ

Does this plugin include a firewall?: Yes, it includes a real-time Web Application Firewall (WAF) that inspects every request.
How does the malware scanner work?: It compares your WordPress core files against official checksums and scans the wp-content directory for known malicious PHP patterns.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Gogasys Malware Scanner” is open source software. The following people have contributed to this plugin.

gogasysitsolutions

Translate “Gogasys Malware Scanner” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.6

Security: Gated all ip-api.com GeoIP lookups behind an explicit admin opt-in toggle (gogasys_ms_enable_geoip). The plugin no longer contacts external services without administrator consent, complying with WordPress.org Plugin Directory Guidelines.
Privacy: Added wp_add_privacy_policy_content() integration so site owners can include GeoIP data-handling details in their Privacy Policy.
Path Handling: Replaced hardcoded WP_CONTENT_DIR with wp_upload_dir() for the quarantine directory, ensuring compatibility with non-standard WordPress installs.
Security: Replaced the disallowed define('DISALLOW_UNFILTERED_HTML', true) with a map_meta_cap filter, which is the WordPress-approved pattern for restricting the unfiltered_html capability.
Bug Fix (Critical): Fixed fatal PHP error in quarantine action — GOGASYS_MS_QUARANTINE_DIR constant reference replaced with the correct gogasys_ms_quarantine_dir() function call throughout class-scanner.php.
Bug Fix: Fixed admin asset enqueue logic — CSS/JS now loads on all plugin subpages (Firewall, Scanner, Logs, IP Blocker, Headers, Notifications), not only the main dashboard.
Compliance: Removed Network: true from plugin header (plugin does not require network activation).
Compliance: Updated Author header field to a proper display name per WordPress Plugin Directory guidelines.
Compliance: Updated Plugin URI to a clean URL without .html extension.
Settings API: Registered gogasys_ms_enable_geoip, gogasys_ms_blocked_countries, and gogasys_ms_block_attack_countries via register_setting() for proper sanitization.
Added gogasys_ms_sanitize_country_array() sanitize callback for country code option storage.
UI: Added a prominent opt-in notice to the IP & Country Management settings page explaining that ip-api.com is an external service.
Uninstall: Added all gogasys_ms_header_* options, gogasys_ms_attack_countries, and removed duplicate entries from uninstall cleanup list — ensures no orphaned data remains after plugin deletion.

1.0.5

Fix: Resolved PHP syntax error by renaming invalid namespace (Gogasys Malware Scanner) to GogasysMalwareScanner across all files to comply with WordPress.org coding standards.

1.0.4

Renamed plugin to Gogasys Malware Scanner for compliance with directory guidelines.
Fully refactored codebase to synchronize namespaces, constants, and options with the new identity.

1.0.3

Resolved granular Plugin Check security warnings for unescaped DB parameters.
Optimized database queries with unified suppressions.

1.0.2

Finalized database compliance by using literal SQL fragments for ordering.
Improved cache invalidation on data updates.

1.0.1

Improved database query compliance for WordPress.org submission.
Implemented full object caching for database results.
Prefixed all global variables in admin views.

1.0.0

Initial release.