WordPress.org

Ready to get started?Download WordPress

Plugin Directory

Sucuri Security - Auditing, Malware Scanner and Hardening

The Sucuri Security - Auditing, SiteCheck Malware Scanner and Hardening is a security plugin enables you to scan your WordPress site using Sucuri Site

The Sucuri Security - Auditing, SiteCheck Malware Scanner and Hardening is a security plugin enables you to scan your WordPress site using Sucuri SiteCheck for security and malware issues, and also verifies the security integrity of your core files right in your dashboard. It includes audit trails and post-hack security ions to help you reset passwords and secret keys in case it has been already hacked, or infected with malware.

You can also run the checks for malware, blacklisting, and overall security status by scanning for free at SiteCheck.Sucuri.net.

Sucuri SiteCheck detects various types of malware, SPAM injections, website errors, disabled sites, database connection issues and code anomalies that require special attention to include:

  • Obfuscated JavaScript injections
  • Cross Site Scripting (XSS)
  • Website Defacements
  • Hidden & Malicious iFrames
  • PHP Mailers
  • Phishing Attempts
  • Malicious Redirects
  • Anomalies
  • Drive-by-Downloads
  • IP Cloaking
  • Social Engineering Attacks

There are a number of blacklisting authorities that monitor for malware, SPAM, and phishing attempts. Sucuri SiteCheck leverages the APIs for these authorities to check your website blacklisting status:

  • Sucuri
  • Google Safe Browsing
  • Norton
  • AVG
  • Phish Tank (Phishing Specifically)
  • ESET
  • McAfee SiteAdvisor
  • Yandex

We augment the SiteCheck Malware Scanner with various. 1-click hardening options. Some of these options do not provide a high level of security, but collectively these options do lower your risk floor:

  • Verify WordPress Version
  • Protect Uploads Directory
  • Restrict wp-content Access
  • Restrict wp-includes Access
  • Verify PHP Version
  • Disable the theme and plugin editors

On the newest versions of the plugin we also added an option to verify all WordPress core files for changes, which can be useful to detect hidden backdoors.

Note that if your site is compromised and you need urgent help, you can leverage the Sucuri plans here: http://sucuri.net (even if our free options are not finding the compromise on your site).

Requires: 3.2 or higher
Compatible up to: 3.9.1
Last Updated: 2014-7-31
Downloads: 352,401

Ratings

4 stars
4.3 out of 5 stars

Support

8 of 16 support threads in the last two months have been resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1
100,1,1
100,1,1 100,1,1 50,2,1 50,2,1
100,1,1
100,2,2
100,1,1
100,3,3
100,2,2
0,3,0 100,1,1 40,5,2
100,1,1
100,2,2
100,3,3
100,1,1 100,4,4
100,1,1
100,2,2
100,2,2 100,2,2 100,4,4 100,1,1 100,2,2