A little while back we talked about WordFence and whether it’s actually the best WordPress security plugin on the market (as user numbers suggest). Yet, while popular, Wordfence is way from the only one of its kind. Actually, with Sucuri GoDaddy recently acquired one of it’s main competitors. High time we did a comprehensive Sucuri review!
For your uninitiated, Sucuri is really a company specialized in website security. They offer a number of services such cleaning hacked, compromised or blacklisted sites and protection from DDOS, brute force as well as other attacks.
It’s important to note that Sucuri will not be a WordPress-specific company. They also offer their services for Joomla, Drupal, Magento along with other sites. However, they are doing have a special desire for the WordPress platform. In reality, the business works closely using the WordPress security team plus some plugin providers and make their research accessible to them.
On top of that, these people have a security plugin in the WordPress directory, which can be what we should will mainly handle in this article. Let’s begin.
Sucuri Security – Installation and Setup. As step one within this Sucuri, we will install the plugin on our website and acquire it to function. Install the Plugin. You can install Sucuri within the same fashion as other WordPress plugins. Go to Plugins > Add New and check for Sucuri. The plugin you are interested in is within first place. The dashboard shows the security status of your own site. If activated, here you will notice logs of all things which has been taking place along with your site.
For your beginning, it shows the core integrity of your site. This means, Sucuri scans your WordPress files for changes or unknown files and lists problems so that you can address them. Needless to say, if files can be found in the list you know are no problem, it is possible to exclude them through the next scan. For that, just look into the products in question and utilize mark as fixed through the drop-down menu below. Within the same place, you may also delete or restore files.
Similar to Wordfence, Sucuri Security has a malware scanner. Whenever you push the button, it is going to examine your site for malware, errors and out-of-date components. It also checks whether you have been blacklisted by Google, Norton, AVG, Phishtank along with other spam lists. The scan will run automatically every three, twelve or twenty-four hours (based on your settings). The default is two times a day.
Once it provides run through, you get a detailed report of the findings. Any issues present on your site are listed onto it so you can take appropriate action if required. Of course, like any good burglar alarm system, Sucuri even offers a firewall. When enabled, all site traffic first experiences Sucuri’s servers before coming to your site. This way, they are able to sort out hackers, DDOS attacks and all other undesirable traffic before it even reaches you.
Accomplishing this protects your website together with your server, prevents downtime and slow downs. It also protects you from database SQL injections, backdoors and lots of other threats. However, the firewall is not within the free plugin. So that you can enable it, you will need an API key that you need to join up to one of many paid plans.
Under Hardening, Sucuri helps you make a plan to fortify your site from the outside threats. You are able to enable each feature comfortably using the mouse click.
Finally, this part contains everything Sucuri is aware of your site. It contains info on your plugins and server, scheduled tasks, the integrity of your own .htaccess file, variables like database name, table prefix, SALTs and much more as well as settings for error logs.
Sucuri Security – User Friendliness
Generally, Sucuri Security is simple to use. Everything is within the same menu item, settings are structured and the plugin includes sensible default configuration. Besides managing a manual scan and experiencing the hardening options and settings once, there isn’t much to accomplish for most users.
However, I came across that some features are disabled by default that, for me, shouldn’t be. For instance, checks for core integrity and audit log statistics. However, the remainder is really set it and forget it.
Really the only problem I ran into was which i was not able to create an API key. Although I clicked the button many times, the reminder to get my API key never vanished. Recovery via email also didn’t work. Nothing ever arrived within my inbox even though test emails for your security alarms did allow it to be there.
Overall, Sucuri offers a solid free security plugin for WordPress. It has many wonderful features, such as the comprehensive scanning module, easy security hardening and help for hacked websites. Along with yjvefb monitoring tools, the plugin makes keeping your web site safe quite simple.
The thing that is missing, naturally, is definitely the firewall. Other security plugins offer this feature free of charge but Sucuri users need to pay to use it for their site.
That’s understandable, considering that the firewall is Sucuri’s flagship product and the primary reason for stellar reputation on the web. In case you are running a valuable high-traffic website, purchasing this extra layer of security is sensible. Sucuri actually know what they are performing along with your site are usually in good hands.
However, when it comes to free WordPress security plugins, Sucuri’s offer does not really stay ahead of the group. If you want to protect your web site on a budget, you can examine out iThemes security or Wordfence first. They offer most of the same features along with a firewall without costing anything.