Support » Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening » What are the correct settings for using Sucuri with CloudFlare?

  • Resolved Jo Sprague

    (@josiahsprague)


    Hello, and thank you very much for your plugin! It helps us keep our sites secure and for that we’re very grateful!

    Some Background
    We’ve been experiencing slow response times on our site since June 21st. We haven’t determined the exact reason that the slow downs began on the 21st, since we don’t have any records that a change was made on that date to anything on our servers, our code base, the plugin or our DNS settings. Something obviously changed somewhere, we’re just not sure what it was.

    Possible Cause
    Anyway, we’ve narrowed it down to some problem with our configuration of the Sucuri plugin. If we disable the plugin our response times are normal. Since we’re using CloudFlare, I suspect that the problem has something to do with a misconfiguration related to that. I’ve seen this issue, which is relevant: https://wordpress.org/support/topic/sucuri-security-plugin-using-cloudflare-slows-sites

    What We’re Asking
    Can you explain the correct setup when using Sucuri with CloudFlare so I can verify that we have everything configured correctly?

    * What are the Sucuri settings that we should have enabled/disabled?
    * Are there specific settings we should verify on our servers and load balancers?
    * Are there CloudFlare settings that we can verify?

    Thanks!
    I apologize if I’ve missed some documentation about this somewhere, but I’ve read through Sucuri documentation for about an hour and I can’t find anything about how Sucuri is intended to be configured with CloudFlare. Any information you can give us about the proper configuration would be much appreciated. Thanks!

    https://wordpress.org/plugins/sucuri-scanner/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author yorman

    (@yorman)

    Unfortunately I don’t have the answers to your questions right now, there are at least two things from the Sucuri plugin that will slow down the website: IP Address Discoverer, and XML HTTP Request Monitor. The HTTP requests to the API service used to monitor the events that the plugin intercepts might also affect the execution time in some rare cases.

    I will buy a new domain and put CloudFlare in front of it to see how the plugin behaves, once I have the best configuration I will update this ticket with the relevant information.

    For the time being, I suggest you to disable some settings one by one and test the performance of the website after every change. Disable “XML HTTP Request Monitor”, “IP Address Discoverer”, “Reverse Proxy and IP Address”, and “API Service Communication”; let me know if you can find the culprit of the slowness so I can improve it. If you find that “API Service Communication” is the culprit I suggest you to keep it disabled and enable “Log Exporter”, with this the plugin will stop sending the security logs to the Sucuri API service and will instead write these logs in a file located in your server (which is way faster).

    Ryan

    (@ryancloudflare)

    Did you find the Sucuri KB article? Keep in mind that stacking the services this way can result in losing the CloudFlare connecting IP, which would impact your visibility into who your visitors are or where they are connecting from.

    @yorman I figured out that the answer I was looking for was to make sure that Reverse Proxy Support is Enabled and IP Address Discoverer is Disabled. Once I set those settings, my performance is back up to normal speeds. Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘What are the correct settings for using Sucuri with CloudFlare?’ is closed to new replies.