WebARX Review: Keep Websites Secured

  • Editor Rating
  • Rated 4.5 stars
  • 80%

  • WebARX
  • Reviewed by:
  • Published on:
  • Last modified: 29th August 2018

If you run a website or an online store, there is a chance you might already been hacked. But you won’t know until it’s too late. By then your site might be a cesspool of hacked files and malware that does things like redirect your visitors, replace genuine code with malicious ones or just plain don’t work.

In worst case scenarios, your site could be placed on Google’s Blacklist and removed from Google’s search results until you clear the malware infestation.

By then, you would suffer from a damage of reputation, a loss in traffic and perhaps some lost business if your business relies on your website.

Average website attacks per day

Why you need Website Security (source: Sitelock, Website Security Insider Q4 2017)

But would hackers target my insignificant site? Shouldn’t they be looking at more prominent targets?

Unfortunately not. The fact is, websites are getting hacked more often today. And most of the compromised sites, are smaller sites without the time nor resources to self-maintain nor hire website security experts.

That’s why we need proper website security.

Why Do We Need Website Security?

In Google’s State of Website Security Report (2017) , the number of hacked sites has increased by 32% in 2016 compared to 2015. And this trend of hacked websites is expected to increase as hackers get more aggressive and more sites fall behind on security patches and updates.1

As most of us run self-hosted websites (e.g: WordPress, WooCommerce & OpenCart), it is our responsibility to keep our website secure and safe from hacks.

But website security is a hard thing. Things like OWASP (Open Web Application Safety Project), firewalls and removal of malware are often beyond the skillset of most webmasters, web designers and digital agencies.

Here’s where WebARX comes in.

WebARX Review: An Introduction

WebARX's Oliver Sild

WebARX’s Oliver Sild – Image by vpnMentor

WebARX is a fairly new website security and monitoring platform that came out of the founders’ own needs as a digital agency offering web design and development services.2

They have come a long way since then though, having won third place in the JIC StarCube 2015 competition3 and graduating from Cyber London (Cylon), the world leading accelerator focused on growing cyber security startups, in 2017.4

WebARX is focused on PHP-based website security and has WordPress as their first integrated CMS. Meanwhile, integration with other Content Management Systems will arrive as early as September 2018. (Check out WebARX’s Public Roadmap here.)

As such, we will compare WebARX with the leading WordPress security services and plugins and help you make the best choice.

WebARX Review: The Competition

WebARX vs Sucuri vs Sitelock vs MalCare vs Wordfence vs iThemes Security

WebARX vs Sucuri vs Sitelock vs MalCare vs Wordfence vs iThemes Security (click to enlarge)

Before we continue, I need to emphasise the importance of the OWASP Top 10 list in the table. If you scroll down, you will see more on the OWASP Top 10 List after this segment.

WebARX, $39/mo for 10 sites

When compared to the leading website security solutions for WordPress, WebARX does surprisingly well . In fact, based on features alone, WebARX comes close to Sucuri and Sitelock, the gold standard in WordPress Website Security.

WebARX lacks in database scanning and the automated malware removal, both covered by MalCare. This makes WebARX and MalCare, strange bedfellows.

WebARX will soon have the white label option, which helps you look great with clients.

MalCare, $149/year

MalCare, which was previously on AppSumo, does pretty well too. My main concern though, is MalCare only does behavioural blocking instead of the OWASP Top 10 rule set.

MalCare lacks the ability to block database attacks, namely SQL injections, which are covered by WebARX (and the other Website Security Solutions which follow the OWASP Top 10).

However, MalCare comes with database scanning, automatic malware removal and manual hack repair when the automatic malware removal fails. As such, MalCare complements WebARX and should be used together.

One good analogy on how MalCare and WebARX work together is like insurance. WebARX is like the medical card that provides you hospitalisation benefits and coverage from that expensive surgery. MalCare then provides you the lump sum of money that you need as you go through the recovery period.

Read: MalCare Review: Get Complete Coverage when used together with WebARX

Sitelock Secure Site, $70/mo

Sitelock’s highest tier, the Secure Site plan is the most complete plan in the table. It has database scans and automatic malware removals which WebARX lacks and only misses out on backups and downtime notifications.

Sitelock however, is also the most expensive WordPress Security Solution in this comparison table.

Cloudflare Pro, $20/mo

Other than the OWASP 2017 Top 10, Cloudflare Pro misses out when it comes to malware scans. As such, please get yourself MalCare, which covers the scanning portions that Cloudflare Pro doesn’t and is much more affordable than Sitelock.

Wordfence, $99/year

Other than the daily malware scan and average web application firewall, Wordfence lacks in many ways when compared to the other providers. Personally, I would stick with the MalCare and WebARX combination.

iThemes Security Pro, $99/year with unlimited sites

iThemes Security Pro is the cheapest website security solution in the table with a generous unlimited sites. However, iThemes Security Pro does not do any scanning of its own nor have a web application firewall.

As such, I would not recommend iThemes Security Pro as of this moment.

WebARX Review: The OWASP Top 10 List – Why it matters?

OWASP Top 10 Passing Rate

OWASP Top 10 Passing Rate

Update: I realised the importance of the the OWASP Top 10 list, as they are the most critical risks a website face. Here’s a snippet from Cloudflare, which explains it better:

The OWASP Top 10 is a regularly-updated report outlining security concerns for web application security, focusing on the 10 most critical risks. The report is put together by a team of security experts from all over the world. OWASP refers to the Top 10 as an ‘awareness document’ and they recommend that all companies incorporate the report into their processes in order to minimize and/or mitigate security risks

You can read more about the OWASP Top 10 from Cloudflare, Veracode & GreyCampus.

WebARX Review: First Impressions

The WebARX dashboard

The WebARX dashboard

WebARX impressed me from the get-go. From their beautiful hacker-like dashboard to the process of installing WebARX’s WordPress plugin and the thoughtful layout that helps with the consumption of logs and reports, WebARX comes across as professional and easy to use.

Plus, the WebARX team shows a lot of agility and ambition to move WebARX to the next level. Since the AppSumo launch, they have added on features that will benefit users, such as the ability to white label and to stack more than one AppSumo code.

WebARX Review: WebARX let's you know of vulnerable plugins

WebARX Review: WebARX let’s you know of vulnerable plugins

WebARX further impressed me when it detected a vulnerable WordPress plugin in my client’s site. The site was on MalCare and I added it to WebARX to see the difference. Within moments, WebARX notified me that I had a vulnerable software.

Now that you have read a bit about WebARX, should you buy a license? And if the answer is yes, how many? If that’s you, perhaps the following statement by Oliver Sild, the founder of WebARX, would help.

‘The uniqueness of WebARX comes from its private threat intelligence, which the company is also providing to national CERT’s and is powering the CMS-based web application firewall. We analyse around 3,000 hacking incidents every single day. We know all the latest attack vectors being used, as well as the software that is mostly targeting with automated hacking tools.5

WebARX Review: The Testimonials

WebARX Testimonial

WebARX Testimonial

Here are some WebARX testimonials from AppSumo. These testimonials were helpful to me and I hope to you too.

So Good – ‘I usually host most of my client sites on Flywheel that provides built-in security and free malware cleaning, but they’re kinda pricey. So I host some less important sites on either Bluehost or Cloudways. And I’ve had my sites hacked multiple times on both of those. Yikes! It’s a pain in the a**.

Wordfence has been kinda pricey, so I’m excited to see this deal for WebARX. I just bought it, and installed it on 8 sites in about a half hour, all from one dashboard. OMG! No more logging in to each site to install and configure the plugin. And I can see the activity in all from one dashboard.

I feel so relieved’, anubhav

Visual centralized security management for your sites is now a thing –‘I nearly bypassed this. Then my friend who is a web host said he was impressed with it. And he ain’t an easy guy to please when it comes to tech. I am SO glad I went back for another look.

Having stacked codes, I can now map out the removal of WordFence, GOTMLS, PAID uptime monitoring, daily AV scanning and other stuff I have with another provider. As for the interface…the colour scheme appeals to my inner geek. The information is presented very clearly, with even more data/info available on each website on the dashboard.

This is looking like one of the best AppSumo deals in a LONG time with the WebArx team set to deliver even more via their roadmap. 

One very happy camper here!’, paulirvine

WebARX Review: The Conclusion

WebArx Review: Don't Get Hacked

WebArx Review: Don’t Get Hacked

WebARX is a software that has the potential to shake up the website security industry. Compared to the current WordPress security solutions, WebARX has come a long way really fast. I can’t imagine where WebARX would be in a year or two.

With upcoming integrations with major CMS such as Magento, OpenCart and Prestashop, among others, WebARX will turbocharge any freelancers, web developers and digital agencies who handle care plans for clients.

Personally, I recommend that you stack a minimum of a five stack which will give you fifty websites for life. If you have the budget, stack more, as WebARX has the potential.


  1. https://webmasters.googleblog.com/2017/03/nohacked-year-in-review.html 
  2.  https://www.webarxsecurity.com/company/ 
  3.  https://www.jic.cz/en/magazine/we-know-the-winners-of-jic-starcube-show-2015/ 
  4.  https://cylonlab.com/startups/ 
  5.  https://www.vpnmentor.com/blog/webarx-web-application-firewall-for-digital-agencies/ 

WebARX

Summary: WebARX is an upcoming website security platform that provides impressive protection and monitoring of your WordPress and PHP-based websites.

RatingRated 4.5 stars

Posted by Leo Koo

I help people with SEO, WordPress, Marketing, SaaS and Growth at WPStarters.com.

  • Eduardo says:

    Excelente Good job on this great review! its a very intresting area and think would be good to knoe more to secure sites offered to my clients. Thanks for sharing this

  • Helene says:

    I just want to raise a serious matter. I have installed this plugin on 3 pages – and the result after using it is a disaster. On all three sites which are ecommerce – we dropped in ranking from page one to page 8 – 20 for over 350 keywords. They all lost a huge amount of sales and income … and the only common thing is the installation of Webarx.

  • This post may contain affiliate links to support the running and editorial content of the site
    >