A little while back we talked about WordFence and whether it’s truly the best WordPress security plugin on the market (as user numbers suggest). Yet, while popular, Wordfence is way from the only one of its kind. In fact, with Sucuri GoDaddy recently acquired certainly one of it’s main competitors. High time we did a detailed Sucuri review!
For the uninitiated, Sucuri is really a company committed to website security. They feature a number of services such cleaning up hacked, compromised or blacklisted sites and protection from DDOS, brute force and other attacks.
It’s worth noting that Sucuri is not a WordPress-specific company. Additionally they offer their services for Joomla, Drupal, Magento as well as other sites. However, they actually do seem to have an exclusive desire for the WordPress platform. In fact, the company works closely with the WordPress security team and some plugin providers making their research available to them.
On top of that, they have a security plugin within the WordPress directory, that is what we should will mainly deal with in this post. Let’s get going.
Sucuri Security – Installation and Setup. As the initial step in this particular Sucuri Review, we will install the plugin on our website and get it to function. Install the Plugin. You can install Sucuri in the same fashion as other WordPress plugins. Just go to Plugins > Add New and search for Sucuri. The plugin you are interested in is within first place. The dashboard shows the protection status of the site. If activated, here you will observe logs of all things that has been happening along with your site.
For your beginning, it shows the core integrity of your own site. That means, Sucuri scans your WordPress files for changes or unknown files and lists problems to help you address them. Needless to say, if files show up in the list you are aware are not a problem, you are able to exclude them from your next scan. For your, just check the items in question and make use of mark as fixed from the drop-down menu below. Within the same place, you may also delete or restore files.
Similar to Wordfence, Sucuri Security has a malware scanner. Whenever you push the button, it will examine your site for malware, errors and out-of-date components. In addition, it checks whether you may have been blacklisted by Google, Norton, AVG, Phishtank and other spam lists. The scan will run automatically every three, twelve or twenty-four hours (according to your settings). The default is two times a day.
Once it offers run through, you get a detailed report of the findings. Any issues present on the site are listed into it to help you take appropriate action if required. Needless to say, like any good alarm system, Sucuri also offers a firewall. When enabled, all site traffic first goes through Sucuri’s servers before coming to your website. Like that, they are able to sort out hackers, DDOS attacks and all of other undesirable traffic before it even reaches you.
Doing so protects your website along with your server, prevents downtime and slow downs. Additionally, it protects from database SQL injections, backdoors and lots of other threats. However, the firewall is not included in the free plugin. In order to enable it, you will need an API key for which you need to sign up to one of many paid plans.
Under Hardening, Sucuri allows you to make a plan to fortify your website from outside threats. You are able to enable each feature comfortably with all the click of a button.
Finally, this part contains everything Sucuri knows about your website. It contains info on your plugins and server, scheduled tasks, the integrity of your .htaccess file, variables like database name, table prefix, SALTs and more in addition to settings for error logs.
Sucuri Security – User Friendliness
In general, Sucuri Security is simple to use. Everything is within the same menu item, settings are structured as well as the plugin includes sensible default configuration. Besides running a manual scan and experiencing the hardening options and settings once, there isn’t much to do for the majority of users.
However, I came across that some features are disabled by default that, in my opinion, shouldn’t be. As an example, checks for core integrity and audit log statistics. However, the rest is pretty much set it and forget it.
Really the only problem I ran into was which i was struggling to create an API key. Although I clicked the button many times, the reminder to get my API key never vanished. Recovery via email also didn’t work. Nothing ever arrived inside my inbox despite the fact that test emails for that security alarms did ensure it is there.
Overall, Sucuri provides a solid free security plugin for WordPress. It has a lot of wonderful features, just like the comprehensive scanning module, easy security hardening and help for hacked websites. Along with yjvefb monitoring tools, the plugin makes keeping your site safe quite easy.
The one thing that is certainly missing, naturally, will be the firewall. Other security plugins offer this feature for free but Sucuri users have to pay to use it for their site.
That’s understandable, since the firewall is Sucuri’s flagship product and the main reason for stellar reputation on the web. Should you be managing a valuable high-traffic website, purchasing this extra layer of security makes sense. Sucuri actually know whatever they are performing and your site will be in good hands.
However, in terms of free WordPress security plugins, Sucuri’s offer does not really stand above the group. In order to protect your site with limited funds, you should check out iThemes security or Wordfence first. They offer lots of the same features along with a firewall without costing anything.