Do you know that WordPress (or WP) is among the most popular CMS platforms for website development and is being used by over 75 million websites across the globe? According to Forbes, over 400 million Internet users view over 23 billion web pages (powered by WordPress) each Month. So, it was not surprising when I decided to use WordPress for building my website some years back. If you did not have a WordPress blog, you can follow This guide to create a WordPress website within 5 minutes.
I also came across many online articles on the increasing number of malware and other cyber attacks being made on WordPress Websites by hackers across the globe. This included websites of small business enterprises, the type that you would think would not be targeted by hackers.
This raised my alarm bell, and I decided to look for a Good WordPress security plugin that would work for my website. I evaluated quite a few WordPress Security plugins, which were easy to install and execute. Finally, I decided to test out the MalCare security plugin, which has been created by BlogVault team. After working in the WordPress ecosystem for a long time, the creators of BlogVault realised the importance of developing a good security solution. And that’s MalCare was made.
What is MalCare?
MalCare is a WordPress plugin designed to keep WordPress-powered websites protected from online malware and other security threats, as well as to restore any hacked website that has been compromised by a cyber attack.
Why I Chose MalCare?
MalCare offered a variety of security-related features (which I liked), some of which included:
- A one-click automatic clean-up feature, which was convenient for my use.
- Early detection of malware through the use of over 100 intelligent signals that alert me on possible security threats.
- Complete removal of any malware on detection.
- No need for any technical knowledge to operate this tool, which was convenient for a complete novice like me.
- Zero false alarms, thus protecting me from having panic attacks.
Easy to Install and Configure
Due to my limited technical knowledge, I wanted a security plugin that was easy to install and configure. MalCare plugin took me just around 5 minutes to install and configure for my website address. You can also read 4 Ways to Install and Activate WordPress plugins.
First, Signup To MalCare. Log in and add your website by entering its URL after clicking “Add Site” or the + button that appears on the top left corner.
Install the MalCare plugin either manually or through the automatic install.
That’s it. It’s done, and you are ready to go!
Accessing the MalCare Dashboard
After installing the security plugin, I decided to test the functionality of the MalCare dashboard. The MalCare dashboard is neatly organized into multiple sections, namely:
However, the best part was that on installation, MalCare started scanning my website automatically for any malware immediately. On completing the scanning process, the Overall Score section displays a score on the security grading of my website. This grading score ranges from A to D, with A being the “most secure” and D representing “most vulnerable.” Additionally, it provides easy solutions on how to improve the score.
Evaluating the MalCare Scanner
The MalCare scanning feature allows you to perform a scan any time by pressing the “Scan Now” button from the Security section of the dashboard. It also provides the convenience of either scheduling regular scanning or the daily automatic scan.
As the scanning tool utilises the resources of the MalCare servers, and hence it does not impact or slow down my website performance during the actual scan.
If your website is infected, MalCare detects the malware and notifies the website owner through e-mail, along with the published scan report on the dashboard.
- Scan Technology
To keep WordPress powered websites safe, MalCare uses over 100 AI-based signals to detect any new malware on any WordPress website. This scanning algorithm is being consistently upgraded to detect new malware. Additionally, MalCare synced my website to their server to locate any malware with precision.
- Not Just Signature Matching
The MalCare tool maintains a record of any changes occurring on my website and reports any unusual behaviour or changes. Unlike other malware scanning tools, MalCare goes beyond simply signature matching to detect any new or sophisticated malware.
- Minimum False Positives
The MalCare tool deploys optimum methods to ensure that only actual malware (if detected) is reported to the owner, instead of burdening them with any false positives.
Evaluating the MalCare Cleaning Tool
Once I was satisfied with the Scanning process, I decided to evaluate the MalCare cleaning tool. The One-Click Automatic Clean-Up feature is among the best features of MalCare that does the cleaning job efficiently without any technical knowledge.
If your website is hacked, MalCare sends a notification email about the compromise.
To perform the clean-up, I just had to log into the MalCare dashboard and click the “Auto Clean” button in the Security section.
After removing the malware in a matter of minutes, MalCare provides a detailed report on the dashboard, detailing the reasons why the website was hacked in the first place.
I also liked some of the other features of the MalCare Cleaning tool, including:
- Complete Malware Removal that prevents malware to return to the clean website through backdoors.
- No Technical Knowledge Necessary, which means any novice user like me can run the clean-up feature.
- Pinpoint Exact Location of the Malware, meaning MalCare can not only detect new malware but also identify its exact location. This enables the tool to remove the malware without impacting any other files.
Evaluating the MalCare Website Hardening measures
Next, I evaluated MalCare’s website hardening measures, which are recommended by WordPress to strengthen website security. The good part about this is that MalCare does the website hardening automatically for you on its dashboard.
Categorised under Essentials, Advanced, and Paranoid, MalCare allows the following security measures:
- Blocks PHP Execution in Untrusted Folders: which is used to block vulnerable PHP and other files (stored in the uploads folder) from being accessed by hackers.
- Changes Database Prefix
- Disables the File Editor: to prevent hackers from using the File Editor to create backdoors or access the crucial backend files.
- Resets all Passwords
- Changes Security Keys: to keep them secure from hackers by storing them in the wpconfig.php file.
All that I required to strengthen my website was to select each of these options and fill in the SFTP details. MalCare does not require me to have any technical knowledge to perform the website hardening measures.
Evaluating the MalCare Firewall
The purpose of any WordPress firewall is to prevent hackers from gaining easy entry into websites.
The MalCare firewall functionality offers the following main capabilities:
- IP Blocking: to block requests from any bad IP addresses that can potentially damage the target website. Firewalls are used to record the list of bad IP addresses to block these requests.
- Login Protection: Aimed at preventing brute force attacks, MalCare provides CAPTCHA-based protection that is difficult for harmful bots to access.
MalCare presents the details of any blocked IPs or failed requests on its dashboard.
Evaluating the MalCare Website Management
While regular updating of installed WordPress plugins and themes are necessary for keeping the site safe, it is inconvenient for most website users to keep accessing their websites and updating each of the installed plugins or themes. MalCare simplifies this requirement by allowing me to update (or remove) all of the installed WordPress plugins or themes from its dashboard itself.
Adding (or removing) a user or modifying their privileges is also easy on the MalCare dashboard.
Secure Backup Functionality
With its daily backup feature, MalCare ensures that my crucial files and folders are backed up, just in case my website is still compromised, resulting in data loss.
Support, Price & Discount
Finally, I decided to check out the pricing and support. On the pricing front, MalCare has both a free and a paid version. While the free version includes scanning and firewall feature, the paid version is priced at $8.25 for a month.
MalCare customer supports has a 24-hour response policy to any customer query, along with necessary technical assistance and guidance on security-related issues.
MalCare gives you 20% discount on the Annual plans.
- You Might Also Like: 7 Best WordPress Image Optimizer Plugins
- 6 Best Ad management plugins for WordPress
With features such as easy and automatic scanning and clean-ups, MalCare saved me from a lot of trouble related to my website security and is also easy on my pocket. My verdict is that all WordPress website owners must install and use MalCare to protect their websites.
Get MalCare Now!