Sucuri WordPress Plugin
Time to take control of your WordPress security
Do you need extra security for your WordPress site? Want to keep it fully monitored and protected? Want to block attackers before they do any damage? You are on the right place.
Our WordPress Security Plugin will monitor your site from the inside, creating a complete audit trail, alerting you of possible security issues (file changes, password guessing attacks, etc) and blocking the attackers. This is the perfect complement for our external security scans.
The Sucuri WordPress Security plugin is available for all our users for free. Download the plugin and get started here: https://wordpress.sucuri.net
How does it work?
- Web Application Firewall. Block attacks before they reach your site.
- Integrity Monitoring. Receive notifications if any of your files are modified.
- Audit Logs. Keep track of everything that happens inside WordPress, including new users, posts, login failures and successful logins.
- Activity Reporting
- 1-click Hardening. Easy-to-use hardening options for your site.
Web Application Firewall (WAF)
The WAF is a unique feature that is designed to intelligently protect your sites from brute-force attacks like dictionary attacks and other similar unauthorized access attempts. When a bad IP is identified it is blacklisted in your admin dashboard. If it was an unintentional block, you have the ability to white-list access to any IP.
Why is it so unique?
The WAF is not tied to your application, it communicates with our servers and allows us to see malicious attacks across the network. When one client gets attacked by one bad IP in Croatia, we are able to push preventive measures to every plugin to protect against that IP.
This feature compares your core install against a clean version of core. In other words, if it is not a 1-to-1 match with core you will be notified of a problem.
Future add-ons include:
- Theme Integrity Checks
- Plugin Integrity Checks
- Third-party Integrity Checks
This feature is great for proactive webmasters who want to monitor their website to ensure no unauthorized access or changes are made without prior approval. Monitor your site for changes. This feature monitors for a large number of actions, including:
- Login attempts
- New Posts
- Failed Logins
- New Plugins
- File Changes
- New Users
- New Attachments
- Delete Actions (users and posts)
In our experience a high-percentage of the infections we see every day come from poor management on the end-user’s part. This feature uses common hardening measures that can be taken at any time and helps reduce infection risk.
This feature performs the following:
- Checks software core version
- Hides your version (security through obscurity)
- Upload directory protected
- Secret keys and salts created
- Configuration file hardening/location verification
- Hardening of readme file
- PHP verification