A little while back we mentioned WordFence and whether it’s actually the best WordPress security plugin on the market (as user numbers suggest). Yet, while popular, Wordfence is far from the only one of its kind. In reality, with Sucuri GoDaddy recently acquired one of it’s main competitors. High time we did a detailed Sucuri review!
For your uninitiated, Sucuri is actually a company focused on website security. They provide many different services such cleaning up hacked, compromised or blacklisted sites and protection from DDOS, brute force and other attacks.
It’s important to note that Sucuri is not really a WordPress-specific company. In addition they offer their services for Joomla, Drupal, Magento and other sites. However, they actually do have an exclusive fascination with the WordPress platform. In reality, the business works closely with the WordPress security team and a few plugin providers and make their research offered to them.
Besides that, they have a security plugin in the WordPress directory, which is what we will mainly cope with in this article. Let’s get going.
Sucuri Security – Installation and Setup. As the initial step within this Sucuri Security, we are going to install the plugin on our website and get it to function. Install the Plugin. You are able to install Sucuri within the same fashion as other WordPress plugins. Go to Plugins > Add New and check for Sucuri. The plugin you are searching for is at first place. The dashboard shows the safety status of your own site. If activated, here you will see logs of all things which has been going on with your site.
For that beginning, it shows the core integrity of your site. That means, Sucuri scans your WordPress files for changes or unknown files and lists problems to help you address them. Of course, if files show up in the list that you know are not an issue, you can exclude them through the next scan. For the, just look into the products in question and use mark as fixed through the drop-down menu below. Within the same place, you can even delete or restore files.
Much like Wordfence, Sucuri Security contains a malware scanner. Once you push the button, it can look at your site for malware, errors and out-of-date components. In addition, it checks whether you have been blacklisted by Google, Norton, AVG, Phishtank and other spam lists. The scan will run automatically every three, twelve or twenty-four hours (according to your settings). The default is two times a day.
Once it provides run through, you get a detailed report of the findings. Any issues present on the site are listed on it so you can take appropriate action if needed. Of course, like every good burglar alarm system, Sucuri also provides a firewall. When enabled, all site traffic first goes through Sucuri’s servers before coming to your website. That way, they are able to sort out hackers, DDOS attacks and all of other undesirable traffic before it even reaches you.
Accomplishing this protects your web site along with your server, prevents downtime and slow downs. It also protects you against database SQL injections, backdoors and lots of other threats. However, the firewall is not contained in the free plugin. To be able to enable it, you will need an API key for which you need to sign up to one of the paid plans.
Under Hardening, Sucuri helps you take steps to fortify your website from outside threats. It is possible to enable each feature comfortably with all the click of a button.
Finally, this part contains everything Sucuri is aware of your website. It contains information on your plugins and server, scheduled tasks, the integrity of the .htaccess file, variables like database name, table prefix, SALTs and much more in addition to settings for error logs.
Sucuri Security – User Friendliness
As you can tell through the above, the plugin is chock full of useful features. However, how does it compare when it comes to user friendliness?
Generally speaking, Sucuri Security is simple to use. Everything is incorporated in the same menu item, settings are very well structured as well as the plugin comes with sensible default configuration. Besides operating a manual scan and going through the hardening options and settings once, there isn’t much to perform for most users.
However, I discovered that some features are disabled by default that, for me, shouldn’t be. For instance, checks for core integrity and audit log statistics. However, the rest is really set it and end up forgetting it.
The only real problem I ran into was that I was not able to create an API key. Although I clicked the button repeatedly, the reminder to obtain my API key never vanished. Recovery via email also didn’t work. Nothing ever arrived in my inbox despite the fact that test emails for that security alarms did allow it to be there.
Overall, Sucuri offers a solid free security plugin for WordPress. It provides extensive amazing features, such as the comprehensive scanning module, easy security hardening and help for hacked websites. In addition to yjvefb monitoring tools, the plugin makes keeping your website safe quite easy.
The one thing that is missing, naturally, is the firewall. Other security plugins offer this feature for free but Sucuri users need to pay to apply it their site.
That’s understandable, considering that the firewall is Sucuri’s flagship product and the main reason for stellar reputation on the web. If you are running a valuable high-traffic website, making an investment in this extra layer of security is sensible. Sucuri really know whatever they are performing along with your site are usually in good hands.
However, when it comes to free WordPress security plugins, Sucuri’s offer fails to really stand out from the crowd. In order to protect your site on a budget, you can even examine out iThemes security or Wordfence first. They provide many of the same features plus a firewall without costing anything.