The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
Being free it do all the provides features as prescribed and also been great from that for the premium ones.Good one for security as because it helped me.
Sucuri strikes a good balance between security features and ease-of-use. I am a recent convert from Acunetix. Very configurable, and much easier to setup than other Plugins, like Better ... and Wordfence.
I particularly like the login and content editing monitors, as well as the dashboard hardening checklist. I would give it 5 stars, but only time will tell how effective it is.
Big fan of previous plugin and loathe to make change but it kind of makes sense. It would be helpful for clients with monitoring service as paid subscription to be able to plugin in API but now there is the API for Cloud Proxy, I hope the option to use api on he monitoring will be re-introduced as well. For those of us that invested early. Its a downgrade to not be able to monitor from within WP Dashboard on scan results without having to manually run them. Having said hat its fine if you are getting it for free and you are to start with. Monitoring and Cloud Proxy as premium service are now a combined package so for paying clients would like to see combined api and match console with the combined web services.
It helps clients understand ramifications and scale of security issues and need to take responsibility across whole web team small or large.
Alerts are excellent and saves web admins lots of time but be careful if you switch all on you might not have time for much else :)
Excellent company and support is nothing short of superb a free plugin its great but really comes into its own with premium cloud proxy api enabled. Unusual to be able to say it but the plugin will e xceed most people's expectations and be a grand lead into why use Sucuri.
Look forward and hope to see multiple emails supported but we just use a forwarder so no one can say they didn't see the alert.
Almost full marks but missing the remote monitoring api that proactively alerts to deal with the issues as they arise. In the niche you can't beat Sucuri's plugin at the moment for new admins its a great plus.
As per an earlier reviewer it educates users and developers and the plugin developers have a great ethos and vision. No I don't work for them but I do love using their plugin and services.
The thing I like best about this plugin is that, in addition to actually cleaning a site and making it more secure, is that I actually learned a great deal about how to better install WordPress in regards to security. Plugins that both provide a function and teach you to be better at what you do aren't as common as you'd think.
My only gripe is that the default notification settings are way too sensitive and unless you deactivate them, you get WAY too many emails.
I had the premium plugin before and found out that had been discontinued. I would prefer I had a connection to my subscriptions with Sucuri get a report back from the subscriptions. Only way for me to see status of the subscription is through a login to Sucuri or an email alert when something goes wrong. Why inconvenience your actual paying customers?
API connection assumes only one person is managing the site. The site owner in most cases of the many websites I manage have the owner listed in "General Settings." I'm usually just doing their maintenance. Having a buggy API email sent to them while I am setting up this plugin is a bit of a nuisance, it doesn't ask what email is preferred. This doesn't work for a business situation - this is like an individual blogger. Hoping that will be corrected in the future.
In the detailed information they make it absolutely free - it's not after 15 days you have to upgrade to $40. for one website. It probably doesn't what it says it does.
I have a suspicion that this may slow your site down. Within your /wp-content/uploads folder you'll find a sucuri folder, and within that, a blacklist and a whitelist folder. This contains a set of files showing the IP addresses of the good and the bad. I found several hundred files in the blacklist folder!
Isn't there going to be a performance hit if the plugin is reading in this folder every page load? Wouldn't it be faster to put this information into a text file or the database? (It is possible that maybe the plugin is doing a php file_exists() call for the IP address when a page request is made-- I haven't checked.)
I really like this plugin and I am using it for mainly educational purposes. I just downloaded the newest 1.5.1 version of the plugin that was updated yesterday and received errors when verifying the integrity of the core WP files. The error received is: Error retrieving the wordpress core hashes, try again.
I checked the readme file and saw that changes were made in this area. I also double checked the *integrity*.php files and they definitely changed compared to the previous version.
This functionality worked perfectly for me before the upgrade.
Anyone that had similar issues and resolved them?