MalCare WordPress Security Plugin - Malware Scanner, Cleaner, Security Firewall

Yes. Take the help of this step-by-step guide.

We require your email address to keep you informed about important updates related to your website, such as malware alerts, vulnerability alerts, and uptime alerts. Having an account is necessary to use our service, and your email address serves as a unique identifier for your account. In addition, we may use your email address to notify you about any changes or updates that we make to our service, as well as any new features or services that we may offer to help enhance your user experience.

You can send an email to the support team at support@malcare.com and notify our team regarding this.

MalCare Security Service has a free version and a premium version. We’ll scan and protect your website with a Firewall in the free MalCare version. You can download the security plugin from the WordPress repository. The paid version includes Cleaning a Hacked Site, Website Hardening, Website Management, White-Labeling, Client Reporting, and taking Regular Backups. Kindly take a look at our security feature pages for more details. To learn more, please take a look at MalCare free vs premium page.

To upgrade from a free trial version to a premium account, please take the help of this guide.

To upgrade to a bigger Plan, take the help of this guide.

Never! We will be with you for any queries at any time. Click here to get in touch with us!

MalCare automatic security scans a website once every 24 hours.

MalCare Security Service scans all your website WordPress files beyond just signatures and evaluates them automatically using powerful technology with the collective knowledge of 240,000+ sites. It uses 100 + intelligent signals automatically for deep security scanning and combing through all the files. That is how it detects even the most complex and well-hidden malware on your site.

No, not at all. MalCare Security Service performs all the heavy lifting of scanning your entire site WordPress files on its own. It does not use your site resources. MalCare Security Service runs its security operations on MalCare servers, thereby ensuring zero loads from its side on your website.

A situation may occur where your site is being repeatedly infected. In such events, there is no limit to the number of times you can clean up a hacked website. But if the situation persists, then cleaning up the site, again and again, will not solve the problem. In such cases, you can contact us, and we will help improve your security posture. We’d ask you to take proactive measures based on the recommendation of the Support team. We reserve the right to refuse service until appropriate actions are taken from your end. In cases like this, we also reserve the right to deny refund or cancellation of the MalCare Security account.

In order to begin the cleanup process, we need access to your server and its associated files. (Don’t worry, this will not compromise your site’s security). We get this access in the form of FTP, SFTP, or SSH access to your server. FTP stands for File Transfer Protocol, sFTP for Secure File Transfer Protocol, and SSH for Secure Shell. These are connection protocol mechanisms that allow us to log into servers to edit/add/remove files. These connection protocols allow us to log into your websites, specifically the server, and perform the remediation process. If you for some reason are unfamiliar with these protocols, don’t worry, our team of security analysts is prepared to assist you in the process. To do so, you’ll need to be willing to share access information to your hosting account. We covered how to clean a website here. Here’s a guide on how to find FTP credentials and another guide on how to locate a folder where WordPress is installed.

It really depends on the size of the website. In average, cleaning up with MalCare Security usually takes 5-10 mins.

MalCare’s Login Protection feature prevents bots from entering your website stealing your data, spamming, and other malicious activities that threaten the security of your site.

WordPress has recommended a few extra security measures which will harden the security of your website. We have incorporated those recommendations in our Site Hardening feature. Kindly have a look at our guide on how to implement Site Hardening.

MalCare Security Service was created after analyzing over 240,000 sites from scratch. The Firewall constantly monitors traffic from all places and automatically blocks IPs that seem malicious in nature. As such, it is automatically enabled and needs minimal overseeing. MalCare Firewall Security ensures that attacks on your site by even bots are mitigated, without affecting your WordPress site. It monitors bots across a global level without ever overloading your server.

Yes. Updating WordPress add-ons tightens the security of your website. Take a look at this Manage Site help doc to learn how to update WordPress add-ons.

Yes. With MalCare managing WordPress, users have become easier. Take the help of this Manage Site help doc. Remember to delete the passive user account and encourage users to use a strong password for better security.

Yes, you can. Our client feature is for your reference alone. You can assign a client to their site. If you want to give a user, dashboard access, please add them as your team members under the team section. Please see How do I add clients and team members? For the sake of security, give dashboard access to only people you can trust.

We understand the pains of a website going down. If a site goes down after you have added the website and installed the security plugin from the dashboard, MalCare will clean up your site. But if you add a website that was down beforehand, i.e. before adding the security plugin, then MalCare Security Service won’t work.

We only store data related to your site structure such as plugins/themes with their respective versions. This helps us identify vulnerabilities that may be present on the site. We track the IPs of visitors to your site, to identify malicious actors who might attack your site.

MalCare Security Service was developed after analyzing 240,000+ websites.

1. It uses 100+ internal signals to Scan and identify the most complex malware.
2. It pinpoints the malware’s exact location on your site. It does remote security scanning, to ensure there are Zero loads on your server.
3. MalCare comes with an industry-first One-Click Malware removal service that eliminates any malware in a jiffy.
4. We alert you only when there is a legitimate malicious discovery rather than 'possible hacks'. We feel these features set us apart from most other WordPress security plugins. For further information take a look at how MalCare Security Service stands when compared with Top Security Plugins.

Backups play a very important role in WordPress security, but it has some limitations. We have noticed that in many cases, it is weeks before a site owner realizes that his/her website has been hacked. During this period multiple backups will be taken, and there will be a high chance that the files that contain the hack or the Malware are also backed up. In such a case restoring from backup is not sufficient as it will not clean your website. Here is where a Malware solution like MalCare Security Service comes in. It does regular automated security scans of your website and notifies you if there is any sort of Malicious content on your website.

WordPress core is safe, but the CMS does not work in isolation. Security plugins and themes are part of its ecosystem. Several studies on hacked sites show that plugins and themes are responsible for a majority of such compromises. MalCare Security Service is an easy and effective way of securing websites and keeping them safe from hack attempts. Look at this full feature list.

An SSL certificate is used only to encrypt a connection between the browser and server to safely transmit sensitive information. However, MalCare Security Service goes beyond and actually protects the database where this information is stored, scans your website files using 100+ intelligent signals automatically, and applications protect from data breaches and the spreading of viruses/malware. These functionalities are not provided by an SSL certificate.

We’re the best because of three features:

1. We have developer-friendly plans that are easy on the wallet. If you’re a developer or an agency that hosts about 10 websites, the chances are that enterprise-level security packages would be too expensive for you. If you’ve got anything more than seven sites, take a look at our unlimited plans.
2. Our auto-clean feature makes sure that you can scan, and clean your sites by yourself, so you don’t waste precious time.
3. MalCare’s regular security scans alert you whenever it identifies hacks, so your sites are always secure.

We completely understand the concern and complexities surrounding WordPress Multisite installs. We treat each WordPress install as a license. It means that if you have a network of websites on a single WordPress installation, we treat that as a single license.

MalCare runs on its own servers. We take great care to ensure that we do not add load to your site. We do all the hard work of security scanning, cleaning, and protecting, on our servers and this is our USP.

FTP details input into MalCare is processed on our servers. We need your FTP credentials to access your website’s files and folders. We feel that FTP transfer is the safest way to transfer data to and from a site. However, they are treated like payment details (i.e. they’re not stored on our servers). Once we’ve processed them, they’re deleted from our servers.

These are available on our website: Terms of Service and Privacy Policy