Akshat Choudhary

Akshat Choudhary is the Founder and CEO of BlogVault, MalCare, and WP Remote – successful WordPress plugins designed for complete website management. He has always prided himself on his ability to teach himself things. Since starting BlogVault, Akshat has transformed his side-project into a profitable venture that is scaling new heights in the Indian startup space. As a member of the WordPress community for almost a decade, Akshat’s core belief when building any product is to ensure the end-user doesn’t need assistance and to assist them in the best possible manner if they do.

Main Topics/Questions Of The Interview

#1 – Can you give some further insights connected to yourself and BlogVault, MalCare, and WP Remote?

#2 – In a lot of IT departments WordPress is seen as being very insecure do you agree with this statement and what can be done about this view?

#3 – You got a new product/service WP Remote that speeds up WordPress websites can you tell us more?

#4 – What have been some of the most difficult problems you have to deal with in the past year which like to share with the audience?

#5 – What are one or two key advice points you would give to somebody who is thinking of developing either a plugin or service in the WordPress ecosystem?

#6 – Why would you like BlogVault to be in the next couple of years’ time?

This Week Show’s Sponsors

Castos: Castos

LaunchFlows: LaunchFlows

Focuswp.co Focuswp

Bertha.ai: Bertha

Episode Transcript


Intro: Welcome to the WP-Tonic this week in WordPress and SaaS podcast, where Jonathan Denwood interviews the leading experts in WordPress, e-learning, and online marketing to help WordPress professionals launch their own SaaS.


Jonathan Denwood: Hi there folks. Welcome back to this week in WordPress and SaaS, it’s episode 683. We have a returning guest, a really fantastic guest, and built up a fantastic business. We have Akshat with us; I probably butchered his first name, I’m not going to attempt his surname because I’m going to butcher the whole thing, but tribe, you’re used to that, and so is my friend and co-host, John Locke. I can say Akshat is the founder of BlogVault, MalCare, and WP Remote, all fantastic plugins, and services, which I use myself and I am a paying customer.

So, Akshat will have to be nice to me, won’t he? First of all, I’m going to let my co-host introduce himself. John, can you introduce yourself to the tribe?


John Locke: Yeah. John from Lockedown SEO and, yeah.


Jonathan Denwood: That’s fantastic. And Akshat, can you give the tribe a quick intro about yourself, a quick 10-20 second intro?


Akshat Choudhary: Yeah. Hi, John and Jonathan, nice to be back. Thank you for having me. I’m the founder, as Jonathan described, I’m the founder of BlogVault and some of the other products; being here in the WordPress community, and I was almost going to say ecosystem, and then I realized that community describes it so much better, the WordPress community for over 12 years now. And, yeah, it’s been an amazing journey. Yeah, and we think that we are only getting started, there’s so much more to do and so much more to be part of.


Jonathan Denwood: That’s fantastic, Akshat. I just want to say, I think Akshat is one of the most interesting WordPress entrepreneurs really, really bright but humble at the same time, so that’s a really amazing combination really. Before we go into the main part of this great interview, I have a message from our major sponsor, Castos, we will be back in a few moments.


Ad: Hi there, folks. I just wanted to tell you about our major sponsor and that’s Castos. If you’re looking to get into podcasting for yourself, or for clients, you need a top-quality podcasting platform, and that’s what you get with Castos. It has a superb interface, is really easy to use, and you’re not penalized for success, they have a flat-rate pricing structure, it doesn’t matter how many podcasts you make, how many downloads you achieve, you’re just pray at one fixed-rate with Castos; plus there is support and just the quality of the people are just amazing.


Jonathan Denwood: We’re coming back. I just want to point out that Castos has a fantastic special offer for the tribe, plus some of the other sponsors, plus I have a list of the best plugins and WordPress services all on one page. A fantastic resource to get all of this, all you have to do is go to the wp-tonic/recommendations, and you’ll find the special offers and everything else on that page. So, let’s go straight into the interview, so maybe you, I watched some of your other recent interviews and it’s on the artwork that BlogVault started by a mistake basically. Maybe you can give a quick outline of why you started BlogVault and just a quick intro into the background of the company.


Akshat Choudhary: Alright. So, yes, I was a complete WordPress outsider. In fact, in many ways, I still consider myself an outsider even now, but at that point in time, I barely knew about the existence of WordPress. So, what had happened was one of those bloggers, who’s very famous, he runs this blog called Coding Horror, so he’s also the founder of Stack Overflow, and his blog had crashed. And I was like, if this guy can lose his website, and fortunately, I was able to recover it through some mechanisms, but because his server had crashed, I was like, okay, maybe there is a need to save blogs, and which is why the name is BlogVault.

In hindsight, looking back, I would not, knowing today who our customers typically are, I would not have called it BlogVault because WordPress is so much more than blogs. And in fact, a very, very small number of our customers, as a percentage, are would-be bloggers; it’s a lot more business websites, that use our services today. So, yes, that’s how we started BlogVault, and we were like, okay, fine, what software is this person using and they’re like, okay, there’s this thing called WordPress.

And, yes, this is how WordPress runs, and we started BlogVault, and then we realized, one thing we did at that time, was we realized that we wanted to make it as a SaaS, and if you go back to early 2010, 11 timeframe, the concept of SaaS was not there. In fact, we thought that the only way to do backups is to do it on another server; you don’t want to go through these hassles of doing it. Because we thought that’s the better way of solving the problem, we took that approach, and I think in hindsight, that has turned out to be a really, really good thing, and it has really set the direction for the company.

So, it was not like we wanted to create a SaaS company or anything of that kind, it just happened that we thought this is the best way of solving the problem, and it led to a number of other decisions that got made. It also meant that we ended up being almost, if you go back to that time, there was nobody doing SaaS, nobody charging you on a recurring basis. So, we got a lot of resistance from potential customers because they would be like, why should I pay recurring?

Everything is a one-time payment and a very small amount of money, whereas we were charging a decent bit, so there was quite a bit of pushback from the customers, and frankly, it was a side job, so a side gig, I was working as an engineer, so I didn’t care too much. So, I’ll let it run if I get a few customers, but you know what happened, suddenly I started getting more and more customers and I was like, okay, fine, what’s happening. And people started paying and before I knew it, the amount of money became substantial, so maybe there’s more to it, and that’s when I quit and started doing it full-time.


Jonathan Denwood: Alright. And I think just a follow-up question before I throw it over to John, is that I think in a couple of the interviews that I listened to when it came to MalCare; MalCare was, you admitted that maybe you should have concentrated on BlogVault, but you got engrossed in a customer’s problem and it was a difficult problem that took over a year to really solve to your satisfaction. And that turned into MalCare, it’s fascinating, is that true? Is that correct?


Akshat Choudhary: Yeah, no, it actually took more than, it took almost three years to build, and if I had investors, they would’ve shot me by now, by then, they’re like, first of all, you’re making a stupid decision because you’ve barely scratched the surface with BlogVault to market. And then we are getting distracted into building a completely different product when we are not even doing a good enough job of selling the first product.


Jonathan Denwood: Yeah. I think you said in that interview, the main thing that saved you is that you always try and produce top-quality, and I think you feel, always trying to produce the best that you can, that your team can do, is one of the things that in the end has really worked out for you, is that correct?


Akshat Choudhary: Yes. And again, and not everything is by design, some of it is just our learnings, but we’ve always been, one of the things that we call it whenever a new person joins, so we tell them that we’re like a jackhammer. We will keep solving the problem, we’ll keep coming back at the problem until we’re really, really happy with it, and even then, if we find a better way, and even today, so for example, we do our backups.

So, we’ll just keep coming back and solving these problems really, really well because when you do that, then you just create a market for yourself, so even if you have other shortcomings like lack of marketing, the great product takes care of it. And great products don’t get built overnight, at least the kind of products we are building; they require that almost maniacal sense of focus.


Jonathan Denwood: Yeah. Over to you, John.


John Locke: One thing that I use BlogVault for a lot is migrating sites. And I noticed it today in the WordPress repo; you’ll see that there are a ton of plugins that are for migrating sites to specific hosts. How much of that played a role in the growth of the company? Was that the turning point?


Akshat Choudhary: So, it’s an interesting one. So, we started doing backups and then a lot of our customers came back and told us that we should do the migration, migration is a real problem. And it took me three years to realize that migration is a real problem, and then I bumped into the founder of WP Engine, and this was still early days, now WP Engine is this massive thing.

It was still big, but it was not as massive as it is today, far from it, and I bumped into him and I told him that in a podcast that I was listening to where he was a guest, he mentioned that people would sign up for WP Engine and the biggest problem they would have is they would be unable to migrate their website, and I was like, this is a problem we solve really well. And that became the genesis of our partnership with WP Engine, which led to all the other partnerships. In terms of, yeah, so this gave BlogVault a lot of credibilities because now we had the biggest WordPress companies endorsing our technology.

So, what we noticed is that a lot of larger agencies and other companies, started realizing that, okay, fine, they would use BlogVault or our plugin to migrate their websites to WP Engine, and they would notice our brand, and because they noticed the brand, they would be like, what is this? And eventually, it took a long time, but it started adding to that credibility, and we started getting more and more customers because of this. So, even today, a large number of people recognize BlogVault from the migrations they have done through these hosting companies.


John Locke: That’s excellent. Now, I noticed that you have another product, WP Remote, which allows people to manage almost as many websites as they want to. Can you go into that product a little bit?


Akshat Choudhary: Alright. So, we have BlogVault and we have MalCare, so BlogVault is a backup product, MalCare is a security product, but if you’re using BlogVault for backups, and if you have multiple websites, most likely, you’re an agency. Now, as an agency, you’re doing these backups, but you have a lot more things that you need to accomplish, you want to do things up there, you want to keep them updated. So, our customers would tell us that we need to our website and stuff like that, and then they would leave us for some of our competitors because we didn’t have that functionality.

So, we started building it into BlogVault, but we also faced this other challenge, in which, we’re in the process of solving, is people would come to BlogVault and the branding would just [Inaudible – 13:35]. Are we a backup product, or are we a product for agencies? So, what we said is that, okay, fine, we’ll use the same technology on everything else, but brand it for agencies under the WP Remote brand, okay.

And so, if you are an agency and you’re managing multiple websites, then you’ll get all the technologies, you get backup, security updates, monitoring, and everything else that we are doing, tailor-made and packaged for you under the WP Remote brand. So, as an agency owner, that’s where you would typically go to, so it’s more of a branding positioning thing than anything else.


Jonathan Denwood: Alright then. I think we’ll go for our break and we’re coming back, have some more excellent questions, well, hopefully, they’re excellent. I think it’s been a great discussion already; we’ll be back in a few moments.


Ad: Hi there, folks, are you looking to build modern shopping cart landing pages using the power of WooCommerce for yourself or for clients, and you want to do that quickly with little need to know about hand-coding? Well, if the answer is, yes, and it should be, I have the perfect answer for you, and that’s LaunchFlows, LaunchFlows is the most modern and easiest way of building modern landing shopping pages for your clients. It also works natively with Gutenberg and the leading page builders like Elementor or Divvy; it’s really flexible, really powerful.


Ad: Hey, tribe, are you trying to scale your agency, but struggling to find time to work on your business because you’re always stuck working in your business? Head over to https://focuswp.co, where you can subscribe to an instant team of white-label geeks and creatives to delegate to; use code WP-Tonic for a special discount just for the tribe. With FocusWP, you don’t have to worry about hiring, firing, or any other HR nightmares, just submit a ticket, and your new team will dive in. Focus on what you love, outsource the rest


Jonathan Denwood: We’re coming back. We have had a great discussion about all things backup plugins, MalCare, WP Remote, but if you want to get the WP-Tonic weekly newsletter with the leading WordPress stories, and a personal editorial written by myself, all you have to do is go over to wp-tonic/newsletter, and you can sign up for this free weekly newsletter.

As I said, it has some of the best news stories of the week around WordPress, and also has a great editorial from me, so I think one of the things, and I think you’ve, as I said, you’ve touched upon this, is that I have a mixture of small entrepreneurs trying to build a business in e-learning, but I also have some large clients, corporate clients, and they have their IT departments. This is a generality, but it’s based on experience, have a very negative attitude, in general, towards WordPress, they say it’s insecure, it doesn’t meet their internal standards blah, blah, blah.

And I think it’s a total misconception about open-source software, where you have multiple eyes looking at the code, which is great, but I think one of the problems, maybe, are the plugins, which is one of the things that makes WordPress very attractive. So, what are your own thoughts about how WordPress is seen and how insecure is it, or what are some of the problems, or is it overblown? I thought you’re the top expert to really ask this question.


Akshat Choudhary: So, we’re fairly opinionated about the space in this topic. As you mentioned, plugins are the single biggest reason why sites get hacked today…by far, I think vulnerable plugins. 90 to 95% of sites get hacked because of vulnerable plugins, maybe themes, plugins even more so, and as you mentioned, WordPress itself has a lot of people looking at it, so we have not had a major workplace vulnerability for years. But at the same time, plugins, only a handful of people work on it, you’ll also often see plugins with millions of installs having only a person working on it part-time.

And just the nature of it means that there is going to be, it’s not going to be as foolproof as you’d like, and then you’re talking about plugins which are solving a small problem, a niche problem, which will, yeah, which just does not get the effort or the security analysis going in on a regular basis, and when this happens, you’re sites, using these plugins, will be vulnerable.

Now, today, one of the biggest reasons you are using WordPress is because of the flexibility because of all those plugins, so the answer is most WordPress installs tend to be, are always risky. So, there’s always a sense of risk associated with them, and you cannot wish that away, you can say that no WordPress is safe, but the plugin. The reason a vast majority of people are using WordPress is, for this reason, so you can’t, yeah, it just leads to, the reality is that most WordPress sites, you have to accept that there is a possibility of a hack.

Now, comes the possibility, how do you mitigate it, especially if you have an IT department? So, that means that you most likely have a valuable website and you can’t afford to have it get hacked. Or there are peoples’ necks on the line, jobs are on the line if this happens and there’s serious material impact, but this is the second part, which makes it even more insecure is the level of information out there. Or should I call it misinformation out there when it comes to how to secure a website is so high and not maliciously so, a lot of people strongly believe those are good ways of securing websites, and that gets peddled so much?

There’s also a lot of fear-mongering happening of a different kind. Because of all of these reasons, WordPress sites tend to be a lot more insecure, let me tell you this, you know how we mentioned plugins are part of 90% of hacks, but if you went to a person whose site got hacked they’ll be like, no, my web host is the reason I got hacked, where web host is rarely the reason. Web hosts can play a role in securing your website, but web hosts are not the reason your site got hacked, it got hacked because you’re using your plugin, and now that tells you the way people think and the way people approach the security of their website. And then all of this cascades into basically, a lot more sites getting hacked than there should be.


Jonathan Denwood: Right. So, what I gathered from what you’ve just said, is the reality is, the biggest security vector is the plugins, but you also said that it’s the understanding of how to set up a WordPress website and if you really understand it and do it the right way, some of these problems are reduced greatly. That’s the impression I was getting from what you were saying, can you give a quick outline of what some of the key things that you think people need to understand when they’re setting up a WordPress website that will make it more secure?


Akshat Choudhary: Alright. So, I think the most important thing you should have is a firewall. And there are different types of firewalls; a web application firewall is what you should get. Personally, I believe that’s the single biggest reason why a whole set of attacks can get blocked. In case you are using WordPress, WordPress actually has a great firewall; people don’t give it credit for that. Our old login, also, we are building a great firewall, we already have it, but I’m saying that’s another one, but focus on a firewall; there are a lot of other noisy things out there trying to make you do stuff with the login protection, which only plays a very much, much smaller role.

So, a great firewall is number one. Number two is to keep things updated; that I’m sure we have heard a million times. So, keep things updated. And third, if feasible, try and use some of the more popular plugins with a bigger team behind them because as the bigger team, what has happened is, as WordPress has become more commercial and plugins’ businesses have actually become more realistic businesses, people are able to put in a lot more investments with resources behind them. So, those plugins and teams tend to be a lot more secure.

So, something like, I actually shouldn’t take names there because there’s no such thing as foolproof security, but some of the larger teams are more likely to have better practices when it comes to security than the smaller teams. It’s not a hundred percent tool, but those are the three factors I would say; having said this, we use plugins, which have a few thousand installs all the time because when my marketing team wants to solve a problem, they’re like, I need to solve this problem because money is on the line. So, they’re not going to look helpless there, or they’re not going to figure out which is the most secure plugin.


Jonathan Denwood: I think, yeah, I think you’re totally correct there, but think when you’re dealing with a corporate website, especially if they’re in the medical or the financial, or in some regulatory environment, external, they have rightful concerns. But I think one of those is really being very fussy about having a stable platform, not allowing everybody in the organization to be able to install whatever they want to, having only a small group of plugins installed, having a stable environment, having somebody in charge that won’t allow anything else to be installed, unless it’s been checked over, and being fussy about where these plugins come from. Would you agree with that?


Akshat Choudhary: Absolutely. Every word you have said there is as accurate as it gets; with this critical environment, you need teams to be, you need people to be really, really fussy and gatekeepers, essentially.


Jonathan Denwood: Right. Over to you, John.


John Locke: I know BlogVault is a very successful company, but are there any business challenges that you’ve encountered over the last year, what things do you struggle with behind the scenes?


Akshat Choudhary: Alright. So, I think last year has been a challenge, the bigger elephant in the room is, obviously, with COVID and stuff, but keeping that aside, so one of the things, one of the challenges was over the past two years most of the time our company was remote and most WordPress companies tend to be remote. What we have come to realize in the past couple of years is we cannot be a remote company. So, it’s been counter, so we’re like, okay, fine, remote does not work for us. There are parts of it we can do remotely, but most of it, we like to be in person, we like to do things together, we like to solve problems in this way.

And we have also diagnosed the reasons behind it, the level of maturity in the team you require, the level of communication you require we’re not there yet, and, obviously, the temperament et cetera. So, all of those factors mean that we like to be in a room, we have seen that things which used to take weeks often get solved within hours when you’re just talking against a whiteboard, it also deals with the kinds of problems we’re trying to solve.

So, we also like to take up some of the more complex technical problems and try and really keep coming back at it, so those things are non-trivial, and it’s good to have people in a room brainstorming and coming up with different solutions before we zero in on one. So, these are factors that have set the agenda for the rest of the company for at least a decent amount of the future where we know this big thing that is going on is not for us.


Jonathan Denwood: Yeah. We have to discuss that in the bonus content because that was fantastic, you just opened a fantastic interesting subject there about how you cope with a remote team and an in-house and the benefits and non-benefits of both. That’s fascinating itself. We’re going to wrap up the podcast part of the show, folks, we’re going to continue the discussion. You’ll be able to watch the whole show on the WP-Tonic YouTube channel, plus the extra conversation that we’re going to be having in a few minutes, just go over to YouTube, put WP-Tonic in, and please subscribe and support the show on YouTube as well. So, John, what’s the best way for people to find out more about you and what you’re up to, John?


John Locke: You can go to my website, Lockedownseo, or YouTube channel, same thing; I’m lockedown SEO everywhere.


Jonathan Denwood: Yeah, John’s got a fantastic channel where he’s got fantastic practical insights around SEO. He gets to the point quickly and it’s relevant and he’s not trying to pitch anything, and I’ve learned a lot from John, so I recommend that. Akshat, how can people find out more about you, your company, and really some fantastic products?


Akshat Choudhary: Alright. So, head over to BlogVault or WP Remote, those are the two products, also MalCare, so malcare.com, wpremote.com, or blogvault.net a person. Those are the places where you can see about the products, personally, I’m not a very social person, so you rarely see me tweeting or putting emails out.


Jonathan Denwood: You seem quite chatty to me.


Akshat Choudhary: My team really gets annoyed with it, but the personality is the personality, so I’m not a very social person, so you don’t see me being very active on any of these social mediums.


Jonathan Denwood: Well, you’re always welcome to come back. You have to come back a little bit sooner than last time because it’s been a fascinating conversation, as I said, we’ll be continuing the discussion and you’ll be able to watch it all on the WP-Tonic YouTube channel, go over there and subscribe. We’ll see you next week, folks, for another great interview. We’ll see you soon. Bye.


Outro: Hey, thanks for listening, we really do appreciate it. Why not visit the mastermind Facebook group and also to keep up with the latest news click wp-tonic.com/newsletter. We’ll see you next time.

Sign-up For The WP-Tonic’s Weekly Newsletter

Sign up For WP-Tonic’s Weekly Newsletter Where You Read The Latest WordPress News & The Best Deals! Join The Tribe?

#683 WP-Tonic This Week in WordPress & SaaS With Guest Akshat Choudhary was last modified: by