Ready to get started?Download WordPress

Plugin Reviews

Sucuri Security - Auditing, Malware Scanner and Hardening

The Sucuri Security - Auditing, SiteCheck Malware Scanner and Hardening is a security plugin enables you to scan your WordPress site using Sucuri Site

3 reviews
Average Rating
4 stars
4.3 out of 5 stars
You are currently viewing the reviews that provided a rating of 1 star. Click here to see all reviews.
1 star
By , for WP 3.9

The description say "The best part, its completely free". That's not the case. plan are as high as $300 a year and as low as $89. There are no free versions.

I would give zero stars for misleading me if I could.

1 star
it just scanner
By , for WP 3.5.2

it just scanner ... nothing else ...

1 star
Doesn't always work & shows blacklist a long time after cleaning
By , for WP 3.4.2

My site was infected by malware 6 months ago. The Sucuri plugin didn't even detect it; its only contribution was to tell me I was blacklisted (which I knew already because of an email from Google Webmaster Tools.) But Wordfence told me exactly what was going on, and where.

Removed the spyware and was able to get off Google blacklist within 48 hours.

Yet 6 months later, this plugin still shows me on the Google blacklist. (And I promise you: it just ain't on there.)

The same has since held true for several of my sites. Sucuri doesn't detect the attack shell at ALL, and then keeps telling me I'm on a blacklist, long after the fact.

I will say I like the "one-click hardening" (assuming it's doing something), but thanks to plugins like Better WP Security and Wordfence, I haven't gotten hacked since.

Bottom line: This may be a great plugin, and some people seem to love it, but as far as I can tell this is 90% an ad for Sucuri's malware removal service, and otherwise a lackluster plugin at best.

If it can't detect the presence of an attack shell on a WP platform, then uh ... what exactly is it?

(To clarify, it HAS successfully detected them AFTER a Google blacklist, but Wordfence has found the SAME shell BEFORE a blacklist; leading me to believe Sucuri may rely on a blacklist report from Google to generate its "results," which isn't the same as what Wordfence is doing: keeping me off the blacklist in the first place.)

Apologies if I'm wrong.

You must log in to submit a review. You can also log in or register using the form near the top of this page.