A year ago I wrote an article about what to do if your website has been hacked and recommended that you sign up for Sucuri. Sucuri will monitor your site on a scheduled basis, send you emails, tweets, text messages or instant messages when your site has been hacked or infected with malware, clean the site as many times as necessary in the course of the year you’ve paid for, and provide you with peace of mind. It is my most highly recommended service of all of the ones that I use.
Sucuri now has two WordPress plugins for subscribers and non-subscribers of their service. Both are useful and the one for subscribers has so many features that it’s yet another reason to start using Sucuri’s services.
Security Security Plugin (for Sucuri Subscribers)
The Sucuri Security plugin is available via the dashboard for Sucuri subscribers. It offers the following features:
- Firewall – The firewall is designed to protect the site from brute force attacks and unauthorized access. All bad IP addresses are logged and blocked. The firewall application communicates with Sucuri’s servers so once a bad IP is identified it is added and all users are protected from that IP address. In the plugin settings you will be able to see a list of all blocked IP’s and whitelist any that shouldn’t be blocked.
- Monitoring – This compares your installation to a clean version of WordPress and provides a report of all changed files and issues, such as needing to upgrade WordPress. In the future Sucuri plans to add theme, plugin, and 3rd party security checks within the monitoring.
- Reports – The reports show a list of all activity, such as blocked IP’s, login attempts and changed files. The report can be filtered via type of event and time period.
- Activity Logs – The activity log shows every action that has occurred on your site – logins, login attempts, changed files, new posts, etc. All activity can be monitored to ensure there is no unauthorized activity and to protect the integrity of the site.
- 1-Click Hardening – I really like this feature and it works great. It scans through your WordPress installation, locates potential security issues and allows you correct them with one click or provides quick and easy instructions for making the change. It allows you to hide the WordPress version, secure the configuration file, generate secret keys, protect the upload directory and much more. As with any 1-click WordPress feature, I recommend backing up your site before using it but I have not had a single problem with this feature.
- Link to Sucuri’s Malware Scanner – The plugin also contains an link to Sucuri’s online malware scanner, which is an invaluable tool.
Free Plugin – Sucuri Sitecheck Malware Scanner
This plugin is available for everyone and contains the link to the malware scanner right from the WordPress dashboard. This provides a quick and easy way to do a security scan of your site. You can, however, go directly to the Sucuri site to do the same thing so I don’t think this plugin is nearly as useful as the plugin for Sucuri subscribers.
Other
Are you a Sucuri subscriber? Do you ever use their free scanning too? What do you do to maintain the security of your website?
I am a Sucuri affiliate. It is, by far, the best service I use for my sites.
photo credit: r_gnuce
Will it slowdown the site with that much of security checks and logging? If the logs are stored in WP tables, chances are it grows bigger and slower. Haven’t gone through the sucuri site yet :-)
Hi Ajith – I haven’t noticed my site slowing down since I installed it but it would be worth doing speed tests with and without it. The data is stored on Sucuri’s side and no new tables are created in the WordPress database. That communication could cause some slowness but I really haven’t noticed it being an issue.
Hi Kim,
I will try the free version and see how it works. I hope it does not find a lot of shit in my WP.
Hi Kim! Thank you for this nice post. It is good to know about Sucuri and how it protects our wordpress site from hackers. Maybe I can try this. Keep up the good work!
Security is the necessary part. And it’s my personal experience I have used this security software it’s very good…
That is great to know there is a free version of this so we can give it a try before we buy. I have not heard of this plugin yet, but was looking for a security plugin for WordPress. I will certainly check this one out. Thank you Kim.
– James