travis.media

MalCare Review - A New WordPress Security Solution

This AppSumo special has expired… but you can still pick it up here. Highly recommended.

While the developers of WordPress take security very seriously and focus intently on securing the core, the real vulnerabilities are found within our plugins and themes. This means as bloggers and online businesses, we need to be concerned as to the security of our own sites and go the extra mile to keep them safe from attackers. 

There are a number of solid solutions available today: Sucuri, Ithemes, Wordfence, etc. But in this post, I want to review a new contender: MalCare.

*This is my fourth purchase from AppSumo, ever.  I pass on many things that they offer. However, every now and then they present a new application that fits my need AT THAT SPECIFIC TIME. At that point I buy. After using Sucuri and Wordfence free for a while, this came just at the right time as I had begun to search for a more professional, paid solution. And it's currently $49 for a lifetime license!!! Updated link

** Update: November 20, 2018 – I'm still using Malcare and have NO intention of changing to anything else. In addition to the info on this page and it remaining a rock-solid security solution, Malcare now shows me Performance stats and Uptime monitoring. I don't have to deal with another piece of software on my site as Sucuri or Wordfence would have it, but am glad to have a service off-site looking in and taking care of things. Go pick it up.

So Why Another Security Plugin?

To begin this MalCare review, let's ask the question: Why another security plugin if we have a handful of solid and trustworthy options already? Let me mention a few reasons:

  1. Performance – one consistent complaint with Wordfence is that it bogs the site down. It taxes the performance. I can't contest to this as I only briefly used the free version. Yet MalCare actually runs apart from your website, on their servers, so there is zero load on your site. This is good.
  2. Price – Sucuri is $200/yr for the basic plan, Wordfence is $100/yr, and iThemes is $200/yr (though they offer discounts at times & with bundling). The MalCare business plan is $249/yr, but at this moment it is only $49/one-time for a lifetime license! Quite a deal. Updated link
  3. False positives – this was my experience with Wordfence and Sucuri's free plugins….lots of false positives. One of MalCare's core claims is to reduce this significantly.

malcare-review-false-positives

MalCare Review – Comparisons

MalCare doesn't seem to shy away from comparing themselves with other reputable security solutions out there. 

In fact, they have side-by-side comparisons of their features versus the features of iThemes Security, Wordfence, Sucuri, SiteLock, and SecuPress.

Click any of those links to view the comparisons.

MalCare Review – Features

Overview

The current AppSumo deal (updated link) is the Business Deal which includes:

malcare review business features

Let's explore each one below based off of my own website's data:

1. Comprehensive Malware Scan

malcare review scanner

MalCare is set to automatically scan your site daily. This is good!

There is also the 'scan on demand' option.

I ran the Scan Now feature and when it was complete I received an email letting me know there were no malwares found on my site. This is great as I assume I will be alerted each day, and ESPECIALLY if something is found. I will update this in a few days and let you know.

Malcare claims that they keep track of ALL file modifications in order to allow a very early and precise detection. Also they use more than 100 signals to make sure nothing slips through unnoticed. These both sound great. We'll see. 

2. Instant Malware Clean

In the case of being hacked, MalCare will alert you and there will appear an 'Auto Clean' button on the dashboard. Upon clicking this you will enter your FTP credentials, choose your WP install folder, and MalCare will do its thing. 

After this cleanup is complete, MalCare will rescan and alert you as to your site being malware-free (or not). 

Now look ….. I have not tested this. I am looking for someone with a hacked site, but up until now I don't have a site to test. 

However, if you read the reviews, even on AppSumo, it seems that MalCare does the job very well. I mean, this is one of the sole purposes of the application, and I would expect it to do what it promises. I have no reason to doubt. 

I'm a 'half-full' kind of guy. 

If this is true, this plugin is an absolute charm and worth every penny. Let me ask you: If your site got hacked, would you know the steps to take to pick through and clean it all out? Most of us wouldn't, let alone have a "One-Click solution" available, right?

In addition, many hosting companies will go as far as deleting hacked sites, and Google will dish out penalties. 

So without any reason to doubt the promise of this company, this is a vital tool in my toolbox for my own site, as well as the sites of my clients, until proven otherwise. 

3. Powerful Malware Protection

malcare review score

Next in this MalCare review: Site hardening!

What a lovely word.

MalCare offers a few extra options to help lock down the security of your site. Here are the three categories and their contents:

Essentials

malcare review essentials

  • Block PHP Execution in Untrusted Folders
  • Disable Files Editor

I would be really hesitant to disable the files editor in my own site because I use it to make quick changes. However, I can see the benefit if you do not make changes there or make changes infrequently. 

Advanced

malcare review advanced

  • Block Plugin/Theme Installation

This is a good feature if you don't install plugins often. However, I'm not sure I'll utilize this because I seem to have plugin updates daily. I'm sure you do as well.

BUT…. the MalCare dashboard informs you of theme and plugin updates, so it may actually be a good idea to put your website through such a process. You make the call. 

Paranoid

malcare review paranoid

  • Change Security Keys
  • Reset All Passwords

The 'paranoid' hardening takes the options to a bit more extremes. 

4. Zero Load and High Accuracy

Zero load is a great feature. As mentioned above, MalCare's scanners run on THEIR site servers ensuring zero load on your own site. 

MalCare also tracks any changes on all files on your website. This allows for a comprehensive detection, as well as the ability to pinpoint the exact file affected for cleaning. They also evaluate all identified changes across 100+ signals to detect changes on your site. 

 

5. Integrated Secure Backups

Not available with the Business plan or the AppSumo deal, it's an add-on. Bummer. 

Yet, that really isn't the purpose of this plugin at all, so I understand. I have a hosting provider and can simply back up my site there. 

But What About The Footer Badge?

malcare review disable badge

You may have already read about this on AppSumo or perhaps another MalCare review, but MalCare, upon installing the plugin, adds this 'Secured by MalCare' badge to the bottom of your site. The above image is from my own footer after install.

Not cool. 

But people inquired about it, and how to remove it, and at this moment there is now an option within the Dashboard to remove the badge. It was a simple as clicking a button.

I love the transparency in this response from the founder and CEO of MalCare:

Additional Information

There is one more panel that I found helpful, the firewall panel:

malcare review firewall photo

Here you can click on each of these values (allowed, blocked, successful, etc.) and get specific data as to your Traffic Requests and Login Requests, from IP Addresses, to Paths, to User Agent info, etc. Great firewall features!

View Details just gives you an attractive graph of this data. Nothing special. 

MalCare Review Verdict

So what's the verdict? As mentioned above, I have not cleaned any sites with this and I have not been attacked since activating it, so i cannot 100% attest that it lives up to its claim.
But, there are three reasons why I think it will live up to its claim, why I think it's completely worth the price AND why I went and purchased it for my own site:

  1. It's Claim. MalCare charges $250 a year for its Business Plan! That's a lot. As mentioned above, the other options are at most $200/yr AND they are well established. The fact that MalCare charges this much, and that people are paying yearly for it, leads me to believe that it indeed delivers what it promises. Amazingly, this deal is currently just a one-time price of $49 for a lifetime plan (updated link). I'll take it.
  2. It's Purpose. MalCare has one purpose: Website security. If it fails at this, it fails completely. Looking at the reviews, it has not failed and is actually receiving quite the opposite.
  3. It's Functionality. The dashboard looks great. It integrates smoothly with my site. And it provides helpful information aside from the security side of things (like my Google Safe status, needed updates, etc.). It provides automatic scans daily, and it allows me to harden my site for further security.
  4. The Current Price. As mentioned it is currently a one-time price of $49 (updated link) for a lifetime license. It is not $250 a year (as originally)…….but $49, forever! This came at the perfect time for me as I was looking to invest in a professional security solution for my website.

Overall, I am pleased and feel confident in MalCare to take care of my website. I will update this MalCare review in a week or two so be on the lookout for that.
For now, go and get the deal and secure your website today.

Go get it

Do you have a security plugin on your site that you recommend? Have you tried MalCare? Let's discuss below.

----------

** This article may contain affiliate links. Please read the affiliate disclaimer for more details.

About Me Author

Travis of

Travis Media

Who Am I? I was 34 years old in a job I hated when I decided to learn to code. Read More
Explore

You May Also Like