Ready to get started?Download WordPress

Plugin Reviews

Sucuri Security - Auditing, Malware Scanner and Hardening

The Sucuri WordPress Security plugin is the best security toolset for security integrity monitoring, activity monitoring and malware detection. It’s


31 reviews
Average Rating
4 stars
4.5 out of 5 stars
5 stars
I might be a bit biased
By , for WP 4.0

But having real logs to what is happening inside WordPress is something every web site owner needs to have available.

Firewalls have logs, operating system have logs, now WordPress does too :)

3 stars
Basic lockdown features that we all likely otherwise miss
By , for WP 4.0

Great security tools, proactive and reactive, in this plugin. It's more of an app than a plugin. Very much worth the install.

5 stars
Great Plugin, but notification e-mails problem
By , for WP 3.9.1

This plugin is great, however the notification emails are always sent to the default email address.

Instead we want these messages to be delivered to a separate mailbox, i.e. firewall@ourdomain.com.

It would be a great improvement if the email address could be set or overridden in the plugin settings instead of always using the default email address.

3 stars
It's a good plugin, but the last update has caused trouble.
By , for WP 3.5.1

It's not allowing me to get the API it's demanding, nor giving me a good explanation of how to solve the problem.

"Sucuri: Something went wrong with an API call (register_site action): SSL certificate problem: self signed certificate in certificate chain"

5 stars
Usefulll Plugin
By ,

This is great plugin

5 stars
I love it
By , for WP 3.9.1

I have it in all my personal websites! super simple and useful.

4 stars
May slow your site?
By , for WP 3.9.1

I have a suspicion that this may slow your site down. Within your /wp-content/uploads folder you'll find a sucuri folder, and within that, a blacklist and a whitelist folder. This contains a set of files showing the IP addresses of the good and the bad. I found several hundred files in the blacklist folder!

Isn't there going to be a performance hit if the plugin is reading in this folder every page load? Wouldn't it be faster to put this information into a text file or the database? (It is possible that maybe the plugin is doing a php file_exists() call for the IP address when a page request is made-- I haven't checked.)

1 star
By , for WP 3.9

The description say "The best part, its completely free". That's not the case. plan are as high as $300 a year and as low as $89. There are no free versions.

I would give zero stars for misleading me if I could.

5 stars
Very useful
By ,

The sitecheck and hardening adds an incredible layer of security.

5 stars
Detect Modified WP Core Files
By , for WP 3.7.1

This plugin detected that one of my wp core files has been modified so that I can replace that file soon to prevent further backdoor attack. Thanks!

You must log in to submit a review. You can also log in or register using the form near the top of this page.