Some time back we talked about WordFence and whether it’s really the best WordPress security plugin on the market (as user numbers suggest). Yet, while popular, Wordfence is far from the only one of its kind. Actually, with Sucuri GoDaddy recently acquired certainly one of it’s main competitors. High time we did a comprehensive Sucuri review!
For the uninitiated, Sucuri is a company focused on website security. They provide many different services such clearing up hacked, compromised or blacklisted sites and protection from DDOS, brute force and other attacks.
It’s worth noting that Sucuri is not a WordPress-specific company. Additionally they offer their services for Joomla, Drupal, Magento as well as other sites. However, they actually do seem to have a unique desire for the WordPress platform. In reality, the organization works closely with all the WordPress security team and a few plugin providers and make their research offered to them.
Besides that, these people have a security plugin inside the WordPress directory, that is whatever we will mainly deal with in this article. Let’s get going.
Sucuri Security – Installation and Setup. As the first step in this Sucuri Sitecheck, we shall install the plugin on our website and obtain it to operate. Install the Plugin. It is possible to install Sucuri in the same fashion as other WordPress plugins. Go to Plugins > Add New and search for Sucuri. The plugin you are looking for is in first place. The dashboard shows the safety status of the site. If activated, here you will observe logs of all things that has been going on together with your site.
For the beginning, it shows the core integrity of your site. This means, Sucuri scans your WordPress files for changes or unknown files and lists problems so you can address them. Of course, if files show up in the list that you know are not a problem, you can exclude them from the next scan. For that, just look at the items in question and use mark as fixed from your drop-down menu below. Inside the same place, you may also delete or restore files.
Similar to Wordfence, Sucuri Security contains a malware scanner. Whenever you push the button, it can check your site for malware, errors and out-of-date components. In addition, it checks whether you may have been blacklisted by Google, Norton, AVG, Phishtank as well as other spam lists. The scan will run automatically every three, twelve or twenty-four hours (based on your settings). The default is two times a day.
Once it offers run through, you have a detailed report of its findings. Any issues present on the site are listed into it so that you can take appropriate action if needed. Needless to say, like any good security system, Sucuri even offers a firewall. When enabled, all site traffic first goes through Sucuri’s servers before coming to your site. That way, they can sort out hackers, DDOS attacks and all other undesirable traffic before it even reaches you.
Doing this protects your website along with your server, prevents downtime and slow downs. It also protects from database SQL injections, backdoors and lots of other threats. However, the firewall will not be contained in the free plugin. In order to enable it, you require an API key for which you need to join up to one of the paid plans.
Under Hardening, Sucuri allows you to do something to fortify your internet site from the outside threats. It is possible to enable each feature comfortably using the click of a button.
Finally, this part contains everything Sucuri knows about your website. It contains info on your plugins and server, scheduled tasks, the integrity of the .htaccess file, variables like database name, table prefix, SALTs and a lot more along with settings for error logs.
Sucuri Security – User Friendliness
As you can see through the above, the plugin is chock packed with useful features. However, how does it compare when it comes to user friendliness?
Generally, Sucuri Security is simple to use. Everything is incorporated in the same menu item, settings are very well structured as well as the plugin comes with sensible default configuration. Besides operating a manual scan and dealing with the hardening options and settings once, there isn’t much to perform for most users.
However, I discovered that some features are disabled automatically that, in my view, shouldn’t be. For example, checks for core integrity and audit log statistics. However, the others is pretty much set it up and end up forgetting it.
The only real problem I ran into was i was not able to create an API key. Although I clicked the button several times, the reminder to get my API key never vanished. Recovery via email also didn’t work. Nothing ever arrived inside my inbox even though test emails for the security alarms did allow it to be there.
Overall, Sucuri offers a solid free security plugin for WordPress. It provides extensive great features, such as the comprehensive scanning module, easy security hardening and help for hacked websites. Together with yjvefb monitoring tools, the plugin makes keeping your web site safe quite easy.
The thing that is missing, naturally, is definitely the firewall. Other security plugins offer this feature free of charge but Sucuri users have to pay to use it for their site.
That’s understandable, since the firewall is Sucuri’s flagship product and the key reason for their stellar reputation on the web. If you are managing a valuable high-traffic website, investing in this extra layer of security is practical. Sucuri actually know the things they are performing along with your site are usually in good hands.
However, when it comes to free WordPress security plugins, Sucuri’s offer fails to really stand above the crowd. In order to protect your web site on a budget, you can even examine out iThemes security or Wordfence first. They offer most of the same features along with a firewall without costing anything.