Description
Safeguard your WordPress website from evolving malware, brute force attacks, hidden backdoors, and zero-day vulnerabilities.
Guardian Gaze Security – Malware Scanner, AI Backdoor Detection & Login Protection
Guardian Gaze is a research-driven WordPress security plugin designed to help website owners, developers, and agencies protect their sites from malware infections, AI-detected backdoors, brute-force attacks, unauthorized file changes, and emerging WordPress vulnerabilities.
Built by RedSecLabs, a cybersecurity firm specializing in threat research and detection engineering, Guardian Gaze focuses on:
• Continuous WordPress security monitoring
• AI/LLM-assisted malware and backdoor detection
• Login protection and brute force prevention
• IP management and traffic filtering
• WordPress security hardening
• Clear visibility into your site’s security posture
Detection logic is supported by ongoing threat intelligence updates, ensuring protection adapts to new and evolving attack techniques.
Guardian Gaze delivers practical website security for WordPress without aggressive lockouts, excessive alerts, or heavy resource usage.
Key Features
WordPress Malware Detection & AI-Based Backdoor Scan
Guardian Gaze includes a built-in WordPress malware scanner that analyzes WordPress core files, plugins, and themes for suspicious or unauthorized changes.
• Detects modified or infected files
• Identifies malware injections, malicious code, and hidden backdoors
• AI/LLM-assisted backdoor scanning to detect suspicious code patterns
• Highlights changes in WordPress core, plugin, or theme integrity
• Designed for continuous monitoring — not one-time scans
• Helps users review findings before taking action
This approach combines traditional detection techniques with AI-assisted analysis for improved backdoor detection and malware discovery in WordPress.
Login Security & Brute Force Protection
Reduce WordPress login abuse and authentication attacks.
• Limit repeated failed login attempts
• Reduce brute-force and credential-stuffing attacks
• Identify unusual login behavior or suspicious activity
• Protect wp-login.php and XML-RPC endpoints
These controls improve WordPress login security without blocking legitimate users.
IP Management & Traffic Filtering
Manage and reduce unwanted or abusive traffic.
• Block or allow IP addresses manually
• Automatically flag suspicious IP behavior
• Reduce bot noise, vulnerability scanners, and automated attacks
Ideal for sites experiencing repeated probing or targeted WordPress attacks.
WordPress Security Hardening
Improve your website’s default security posture with guided hardening options.
• Strengthen WordPress configuration
• Reduce exposure to known weak points
• Follow recommended WordPress security best practices
• Clear explanations before applying changes
Designed to enhance baseline WordPress website security.
Central Security Dashboard
View real-time WordPress security events and activity:
• Latest malware scan results
• Login attempts and security logs
• Blocked and flagged IP addresses
• Alerts, notifications, and system status
Built for both beginners and developers managing multiple WordPress sites.
Configurable Alerts & Security Notifications
Stay informed with security notifications and alerts.
• Email notifications for login events and malware scan results
• Adjustable alert sensitivity
• Useful for single-site owners and agencies
Continuous Threat Intelligence Updates
Guardian Gaze receives updated detection logic, indicators, and malware patterns through the Guardian Gaze Security Intelligence API.
These updates help:
• Improve malware detection accuracy
• Adapt to new WordPress security threats
• Maintain performance and stability
Privacy & Data Use
Guardian Gaze uses external services only for security functionality such as license validation, threat intelligence updates, optional reporting, and IP geolocation (if enabled).
• No unnecessary data collection
• No passwords or sensitive content transmitted
• Secure WordPress-native API communication
• Optional features can be disabled
• Only security metadata required for functionality is processed
Guardian Gaze follows a privacy-first design.
External Services Used
Guardian Gaze connects to the following services to provide security features and functionality:
=1. Guardian Gaze API – wp-api.guardiangaze.com=
Used for license validation, malware pattern updates, threat intelligence updates, and optional email reporting.
Data Sent:
• Admin email
• Site URL
• API key
• Plugin version and definitions version
• IP addresses (for global blocking features)
• Scan report data (if email reporting is enabled)
Terms of Service: https://www.guardiangaze.com/terms-of-service/
Privacy Policy: https://www.guardiangaze.com/privacy-policy/
=2. Guardian Gaze API – www.guardiangaze.com=
Used for plugin registration.
Data Sent:
• Site URL
Terms of Service: https://www.guardiangaze.com/terms-of-service/
Privacy Policy: https://www.guardiangaze.com/privacy-policy/
=3. WordPress.org API – api.wordpress.org=
Used for WordPress core file integrity checks and version validation.
Data Sent:
• WordPress version
• Locale / language
Terms of Service: https://wordpress.org/about/privacy/
Privacy Policy: https://wordpress.org/about/privacy/
=4. IP-API.com – ip-api.com=
Used for IP address geolocation.
Data Sent:
• Visitor IP address
(Free tier used; responses cached locally to reduce external requests.)
Terms of Service: https://ip-api.com/docs/legal
Privacy Policy: https://ip-api.com/docs/legal
=5. IPAPI.co – ipapi.co
Alternative IP geolocation provider used for dashboard analytics.
Data Sent:
• Visitor IP address
Terms of Service: https://ipapi.co/terms/
Privacy Policy: https://ipapi.co/privacy/
Important Notes
• All API calls use WordPress wp_remote_get() and wp_remote_post()
• Data is transferred over HTTPS whenever available
• No user passwords or sensitive content is collected or transmitted
• Geolocation lookups are cached to limit external requests
About RedSecLabs
RedSecLabs is a cybersecurity company focused on threat research, detection engineering, and building defensive tools for real-world scenarios.
Guardian Gaze reflects this philosophy by offering a transparent, research-backed WordPress security plugin with AI-assisted backdoor detection, built for long-term reliability and practical protection.
Screenshots
Guardian Gaze – Dashboard Overview 
Malware Scan Results 
IP Management Panel 
Login Security Settings 
Security Hardening Options 
General Settings Page
FAQ
-
What differentiates Guardian Gaze from other WordPress security plugins?
-
Guardian Gaze combines traditional malware scanning with AI/LLM-assisted backdoor detection to identify suspicious or abnormal code patterns that may not match known malware signatures.
Built by RedSecLabs, Guardian Gaze focuses on research-driven detection engineering, continuous monitoring, and performance-conscious design. It provides practical WordPress security without aggressive lockouts or unnecessary system overhead. -
How does the Guardian Gaze WordPress malware scanner work?
-
Guardian Gaze scans WordPress core files, plugins, and themes for unauthorized changes, malware injections, and hidden backdoors. It monitors file integrity and highlights suspicious modifications inside your WordPress installation.
The scanner combines traditional pattern-based detection with AI-assisted analysis to improve visibility into potentially malicious code. -
What is AI-assisted backdoor detection?
-
AI-assisted backdoor detection uses LLM-based analysis to evaluate suspicious or abnormal code structures within WordPress files. This approach helps identify hidden backdoors and obfuscated malware that may bypass signature-only detection methods.
It enhances traditional malware scanning by adding contextual analysis to improve detection accuracy. -
How does Guardian Gaze protect WordPress sites from attackers?
-
Guardian Gaze provides:
• Continuous malware scanning
• AI-based backdoor detection
• Login security and brute force protection
• IP management and traffic filtering
• WordPress security hardening options
Threat intelligence updates help detection adapt to evolving WordPress vulnerabilities and attack techniques. -
What login security features are included?
-
Guardian Gaze improves WordPress login security by limiting repeated failed login attempts, reducing brute-force attacks, monitoring suspicious authentication behavior, and protecting endpoints such as wp-login.php and XML-RPC.
These protections help reduce unauthorized access attempts while minimizing disruption for legitimate users. -
How will I be alerted if my site has a security problem?
-
Guardian Gaze provides configurable email notifications for malware scan results, suspicious login activity, flagged IP behavior, and other security events.
Alert sensitivity can be adjusted to balance visibility with reduced notification noise. -
Do I still need Guardian Gaze if I use Cloudflare or another cloud firewall?
-
Yes. Cloud-based firewalls like Cloudflare help filter network-level traffic and block certain attack patterns, but they cannot see inside your WordPress files.
Cloud services do not scan your WordPress core, plugins, or themes for malware, hidden backdoors, or unauthorized file modifications. Guardian Gaze operates within your WordPress environment, providing application-level malware detection and AI-assisted backdoor analysis.
For full WordPress protection, infrastructure-level filtering and application-level security serve different purposes. -
Will Guardian Gaze slow down my WordPress website?
-
Guardian Gaze is designed to be lightweight and performance-conscious. Malware scanning and monitoring processes are structured to reduce unnecessary resource usage while maintaining continuous security monitoring.
-
What if my WordPress site has already been hacked?
-
Guardian Gaze can detect modified core files, suspicious code, and potential backdoors on compromised WordPress sites. Scan results help identify infection points so you can review and take appropriate remediation steps.
Accurate detection improves visibility before cleanup or restoration. -
Does Guardian Gaze collect personal or sensitive data?
-
Guardian Gaze does not collect passwords or sensitive content. Only limited security-related metadata required for functionality is processed. Optional services can be disabled.
-
Is Guardian Gaze suitable for developers and agencies?
-
Yes. Guardian Gaze provides file monitoring, login activity logs, AI-assisted backdoor detection, and centralized visibility that can support developers and agencies managing multiple WordPress installations.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Guardian Gaze Security – AI Based Malware Scanner, Firewall and Login Protection” is open source software. The following people have contributed to this plugin.
Contributors
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
2.2.1
- added new feature to scan updated files
- support for php 7.0.
- suppor for WordPress 4.7.
2.2.0
- Added new feature to scan updated files.
2.1.3
- Fixed bugs.
2.1.2
- Fixed bug in file integrity monitoring.
2.1.0
- Added new feature to scan updated files.
2.0.8
- Fixed security keys regeneration creating too many backups.
2.0.7
- Fixed bugs email report delivery.
2.0.6
- Fixed bug in file integrity monitoring.
2.0.5
- Added AI scan feature.
2.0.4
- Fixed bug in file integrity monitoring.
2.0.2
- Fixed bug in file integrity monitoring.
2.0.0
- Initial release