Skip to main content

MalCare – your best buddy for malware protection of your website

74,652,825 websites depend on WordPress and yet yours was the one that got hacked? Well, join the club, you’re not alone!

WordPress is a phenomenally popular site that powers about 30% of the internet. I have also been a constant victim of getting my WordPress site hacked frequently and decided to take action needed to stop this once and for all. Here is how I found a solution to my hacking woes.

While browsing the internet for the best security plugin by WordPress out there I came across MalCare. This was a relatively new security feature that I became even more convinced of as I learned more about it. And let me tell you, I went for it, and since then, my site hasn’t been hacked to date.

How MalCare Came About

MalCare is the brainchild of BlogVault, a popular WordPress backup plugin. They started working on a multidimensional solution that focuses on several fronts of website security. The idea was to create something that won’t just prevent a hack, but also block further attempts.

With multiple websites and lack of technology expertise, MalCare has been a saviour for me because of its ease of use. If all you want is to scan and secure your site, you don’t need to have any technical knowledge for that. With MalCare it’s an automated process, one that does not even ask for your site credentials. This is as easy as it can get!

Installation and Setup of MalCare

Anyone can do MalCare installation and setup. It took barely a few minutes to get the plugin and have it running on my site.
Step 1: Sign up and Add Site to your MalCare account.

Step 2: There are two ways in which the plugin can be installed –

  • There is an Auto option that will install the plugins easily. All I had to do was log in to my account
  • If the auto installation fails, there’s an option for Manual installation.

MalCare Dashboard

The dashboard features five neatly categorised sections to the right and quick links for the same functions on the left.
These are the options I found on the Dashboard:

  • Security
  • Management
  • Backup
  • Reporting
  • White-Labelling

The best part about this plugin is, once it was installed, it automatically started scanning my website. There is a score given on the dashboard indicating the security level for the site. If you get the highest score A, your website is secure. On the other hand, D is the lowest. If this pops up, MalCare guides you through the steps that should be taken on how you can improve the score.

MalCare Features

The extensive set of features that MalCare provides did impress me. It had everything I needed to keep my website free from malware for now and in the future.

MalCare Scanner

This WordPress scanner was built using AI after analysing and studying over 240,000 sites for 2.5 years. It is one of the most advanced security measures introduced to detect unknown malware in the last few years. With daily scans that are automatically activated once the timing is set. The security plugin can also scan the site on demand. MalCare will sync your site to their server and even note the file changes. All this, in 60 seconds!

So, to put the MalCare scanner to the test, I intentionally compromised my website and decided to let MalCare do its job.

And the result? The hack was identified, and I received notification through email as well in real-time!

How malware does it’s scanning?

Complete Malware Scanner

100+ signals are searching for malware on the website. The AI technology actively searches for malware by cross-checking with 240,000 and more sites. Any changes that aren’t supposed to be happening are also detected in specific files to locate the malware.

Goes Beyond Signature Matching

MalCare does not use the regular run in the mill methods to find the malware. It won’t check each line of code on your website for the malware. Instead, it looks for abnormalities and examines them for the presence of malware. This algorithm has proven to be useful in finding even the most complex malware.

Does Not Overload Server

Most of the security scanners present in the market tend to overload your server. This is something that the MalCare team has taken note of. Scanning by MalCare takes place on its server without affecting our websites. A shift in the entire load means our page load speed is not affected either.

When I ran the scans on-demand or automatically I noticed that the speed of my site was not slow.

No False Positives

I have been using MalCare for quite some time now and have never come across any false positives from their end. You’ll receive an alert only when there is a presence of a specific malware on your WordPress site. On the other hand, it is good that you won’t receive any false positives. This way, you won’t have to be alarmed when there is no attack on your system.

When I enquired, the support team informed me that extra care was taken to make sure it reports only genuine malware issues.

MalCare Cleaner

When you notice signs of a hack, panicking is a typical reaction. Finding the right experts who can help explain the issue and get the website back on track has always been a tedious task in the past. MalCare has taken away this worry from me with the One Click Malware clean feature.

While the manual clean is always a Hercules task, MalCare makes the job easy with just a few clicks.
Here is what I did when I received an email informing me that there is a hack.

I used the Auto Clean option that is present below the scanner options.

MalCare immediately took care of it. It took less than a minute to remove the malware. I was informed through my dashboard and email that my site was clean again.

I was utterly bowled over this feature and, I dug in deeper to explore MalCare, and this is what I learned.

Perfect for Newbies

If you are using MalCare for the first time, you don’t have to worry about a thing. Thanks to the MalCare cleaner, you’ll never have to know the difficulties of doing a manual clean up. All you have to do is select the one-click feature, and it will clean up the site. It was gratifying to discover that we need not rely on external specialists every single time anymore.

Defense Against Malware

You will be surprised to know that despite frequent clean-ups malware generally comes back by finding a backdoor! However, MalCare takes care of this, and I haven’t had the same hack taking place on my website, as of now.

Thorough Cleaning

MalCare removes all the malware from the system without leaving a speck behind. The good thing – it only removes parts of the files that were hacked. The others remain unchanged.
I am glad this feature is available because now I won’t have to depend on anyone to get a malware clean done one on my sites.

Website Hardening

MalCare has a feature called Website Hardening that is even recommended by WordPress.
It is done in three parts based on the level of security.

Essentials
This is the primary website hardening step that all are suggested to take. It disables the files editor, changes the database prefix and blocks the PHP executions in untrusted folders.

Advanced
Here, it blocks the theme installations and plugins.

Paranoid
This is where it resets all your passwords and changes your security keys. It is the final step to ensuring you don’t get hacked.

Here is how MalCare performs the necessary actions for website hardening.

Changing the Security Keys

The security keys are stored in the database of the site by default. This can be very dangerous if the hacker probes into the database tables of your site. MalCare helps you create a whole new set of robust security keys and stores them in the wp-config.php file that is secure.

Protects Upload Folders

Many of the hacks happen through the execution of PHP files in the upload folder. MalCare blocks such executionsMalCare.

Prevent Plugin Installation

One of the common ways hackers try to get into your site is through the backdoors by using themes and plugins. By disallowing these installations, you can reduce the risk of getting hacked.

Disabling File Editor

One way of preventing malware from getting in is to block all access to your backend files.
All I had to do was select all the fixes that I wanted to deploy for my site and enter the site details. And just like that, my site was secured!

MalCare Firewall

Firewall protecting is like a defence you put up for your site from external hackers. You can automatically enable or disable it when you add your site to MalCare. The firewall filters the traffic that comes in from the outside online world.

IP Blocking

MalCare is continuously in search of bad IP’s. These are ones that can cause harm to your website. When one of these IP’s tries to access your site, MalCare Firewall blocks it. Reassuring right? It even gives you all the information about the bad IP that was blocked.
I could see the number of IP’s that were barred from entering my site on the dashboard. By selecting the amount of allowed traffic, the IP address and more details of the incoming traffic were available to me.

Login Protection

Hackers are always on the lookout to target websites by trying various usernames and passwords to get into the site. After a few unsuccessful tries, malicious bots and hackers are locked out. MalCare deploys a CAPTCHA designed to be unreadable for machines thus preventing the hack. Even brute force attacks by bots are ineffective when you have your MalCare firewall enabled.

MalCare Support

MalCare support is very reliable and took the time to help me with my queries and even explain how it works. They were very helpful in making me understand the MalCare features in details. This is more reassuring as it shows that they care about online security and appreciate its importance.

Prices

There are both free and paid versions of MalCare. The scanner and the firewall are features that can be used in the free version. If you are looking for more of their security features, you can opt for it for $8.25 per month.

My Opinion

Several features in MalCare impressed me. What I liked, in particular, was the Website Hardening feature. As a website owner, I would want to do everything in my power to protect my website from a hack, and this feature gives many ways in which that can be done.
Scanning is a task I generally postpone because it slows down my site. This does not happen when I use the MalCare scanner. The server is not overloaded, and so to my delight, the working of my site was not interrupted. This is another feature that led me in favour of the MalCare product. I should also mention White Labelling and Reporting that makes life easier for those who handle client sites.

I would recommend all WordPress site owners to get MalCare to keep their site protected. It is a one-stop shop for all your security needs.

Try MalCare and experience it for yourself.

Comments

Popular posts from this blog

WordPress migrations need an overhaul. Here’s why.

 WordPress migration is the bare necessity of running an active website. All WordPress customers need to deal with the aggravations with migrating their site beginning with one web host onto the next web host. It is known by the web society that WordPress migration is a overwhelming undertaking. This is clear with the by and large wide number of instructional exercises and articles concerning it. Even more importantly, the expenses incurred in this system are a wide sum. In the 21st century, we would look for our prerequisites to be fulfilled intuitively for a comprehensive customer endeavour. For the particular strategies to stay reasonable to this day and age, it is fundamental for the required virtual processes to be quick, i.e. they ought to be simple for the customer. WordPress has profitable strength of 14 years on the web. Even so, after this time, migration must be done manually. This is genuinely tiresome. You will be responsible for content creation an

WordPress custom menu page, fetch data from custom MySQL table and export to CSV

 To create a custom menu page in WordPress, retrieve custom table data from MySQL, and display it with the ability to export to CSV/Excel, you can follow these steps: 1. Create a custom table in your WordPress database to store your data. You can use the $wpdb global variable to interact with custom tables in WordPress. Here's an example of creating a custom table: <?php global $wpdb ; $table_name = $wpdb -> prefix . 'custom_data' ; $sql = "CREATE TABLE IF NOT EXISTS $table_name ( id INT(11) NOT NULL AUTO_INCREMENT, name VARCHAR(255) NOT NULL, email VARCHAR(255) NOT NULL, phone VARCHAR(20) NOT NULL, PRIMARY KEY (id) ) $charset_collate ;" ; require_once (ABSPATH . 'wp-admin/includes/upgrade.php' ); dbDelta( $sql ); ?> 2. Add the following code to your theme's functions.php file or create a custom plugin file to define the custom menu page: <?php // Add menu page function custom_menu_page () {

Covert all date data format from VARCHAR to DATE in any MySQL table

 Converting varchar data to date format in MySQL involves several steps. Here's a method to achieve this: Assuming your varchar date column is named date_column and your table is named your_table, you can follow these steps: Add a New Date Column: First, add a new date column to your table. ALTER TABLE your_table ADD new_date_column DATE; Update New Date Column: Update the newly added date column using the STR_TO_DATE function to convert the varchar dates to date format. UPDATE your_table SET new_date_column = STR_TO_DATE(date_column, 'your_date_format'); Replace 'your_date_format' with the format of the varchar dates in your column. For example, if your dates are in the format 'YYYY-MM-DD', use '%Y-%m-%d'.  Drop Old Date Column: If you're confident that the new date column contains the correct data, you can drop the old varchar date column. ALTER TABLE your_table DROP COLUMN date_column; Rename New Date Column: Finally, rename the new date colum