Through synchronising data to the servers, MalCare backs up the website. To make the most of MalCare Malware Detection Technologies, it is important to fully synchronise the website records, including all its files and the website database. The database forms the content, sites, text, user credentials, setup, while the photos, plugins, themes and WordPress Core form the Files part of your website. When MalCare is installed and linked to the WordPress account, this data starts to sync.
How does MalCare sync Data?
It first copies the website entirely as MalCare syncs the website to its servers.
This is much like a pupil who photocopies notes for a lecture from his teacher. However, it is not like the notes that the student makes dependent on the notes of the teacher. That is, the data from the website will not be processed or synthesised by MalCare. Just another copy of the data can be made.
MalCare smartly and incrementally copies website info.
Let us consider the following scenario in order to continue the analogy described above. On Day 1, we will photocopy 10 pages of notes. There are 12 sheets of observations on Day 2. The student would though, have to photocopy only 2 more pages.
Similarly, in blocks of data, MalCare syncs information. On Day 1, MalCare scans the whole web automatically. On Day 2, only new data generated since then will be screened. This is required to decrease server load and to maximise the time of processing.
MalCare checks whether any modifications have been made on the web, and then searches the file or table for malware as well.
What data does MalCare sync?
Configuration, Settings and Content
For the same purposes, data is synced.
From time to time, we send you email updates about scanning procedures for MalCare. MalCare syncs the following information to show correct information for your proper understanding:
- Site name
- Site tagline
- Site locale
- Permalink structure
The following data is synced for seamless scanning and cleaning through off-site storage locations:
- Postings, and the author’s WordPress user ID.
- Sites, like the author’s WordPress user ID.
- Custom forms for article.
- Uploaded Website Signature
- Uploaded PDFs or other collateral material
- Any metadata that is linked, including:
- If the post is public or not
- If the post is exempt from a quest or not
- The Post permalink
- If available, an excerpt of the post
- The post author’s external ID (specific to the site in question)
- The featured picture, if available, of the post
Please note that when syncing, MalCare doesn’t process data. We are mostly concerned with the entire database being synchronised. Because in database tables all these configurations, posts, etc are available, we also sync them. This information is then parsed on our servers to show you in our dashboard statistics and figures for your website.
MalCare syncs various forms of information about the user:
- UserID, User Names, Email Addresses, Passwords, User Functions, Registered User Skills.
- User ID of users attempting or making changes to the website, as well as changes related to content.
- Link info, including email addresses and linked service user names
- Login attempts made by IP address and person’s user attempting to login (both successful and unsuccessful).
Basically, we synchronise everything local to WordPress stores. We’re not doing any further logging. WordPress can automatically generate post updates and records of users that have edited them when you edit a post. Since we synchronise the whole database, we also get this info. This knowledge would not be synchronised by MalCare if WordPress did not store it in the first place.
That is to say, we are actually searching the whole web. In order to display reports, we could then parse the info.
Themes and Plugins
MalCare syncs different kinds of plugin and theme information:
Plugin or Theme name
Plugin or Theme versions and capabilities (including featured image, menu locations, and pending updates)
Plugin Installation path
We also sync the following data to further enable and improve the functionality of MalCare:
- Comments and metadata on them like the following:
- Comment author name.
- Comment author email address.
- Comment author URL.
- Comment author IP address.
- Comment author WordPress user ID, if known.
- Comment author external (specific to the site in question) user ID, if known.
- Taxonomies (including categories and tags).
- Custom taxonomies (if used on the site).
- All core WordPress options.
All in WordPress that is saved locally is synced, including passwords. In the case of smart networks like WordPress, because several levels of encryption are applied for improved security, you do not need to worry about data security. In plain text, critical details such as passwords would not be available.
How Does MalCare Use this Data?
- Prevents unauthorized access
- Providing audit logs
- Plugin Management
- Theme Management
- User Management
- Advanced Queries on website
- Unauthorized login protection
- Vulnerability exploits
- Unauthorized Data Requests
- Remote Plugin and Theme Installation and Management via WordPress Repository.
- Enables Plugin and Theme updates.
- Enables Plugin and Theme activation
- Enables Plugin and Theme deactivation
Syncing exactly the same data onto the MalCare server enables a number of features, like scanning and cleaning.