WordPress Security Plugin Installation

If you have reached this point then you have come to realize all the awesomeness that our plugin is designed to offer. If you don’t know, then take a minute to read up on it on our Preventive page.

This page is mean to walk you through the installation process. It is not meant to explain the features or debate the intentions. Please know that this tool is free to all existing clients, but is restricted to the number of sites being covered under you plan.

We have designed the installation process to take no more than 10 steps, and some are more optional than required.

Step 1. Sign into your Sucuri Account

This part is pretty easy, just make sure you are logged into your Sucuri dashboard. Quick and easy log in page is here: http://login.sucuri.net

Once logged in, uncollapse the WORDPRESS PLUGIN drop down and select “WordPress Audit Log

First time users will have a page that looks like this when they click on “WordPress Audit Log

Step2. Add Site To Create API Key

Go ahead and type in your site where it says “Add a new WordPress site for monitoring:

Once you add it you will be redirect to the WordPress site(s) management page, where you will be given the keys you’ll need:

If you have multiple sites just continue to use the “Add Site” feature.

Step 3. Download the Plugin

The next step is to download the plugin. It is not accessible via the WordPress Repository so you need to download then upload manually to your WordPress install.

On the WordPress Audit Log page you will see the Download option in the top right hand of the page. Click the link and the download will begin. This will download a zip file to your local environment.

Make sure you know how to navigate to your download directory.

Step 4. Install the Plugin

Now that you have downloaded our plugin you’re going to want to install it in your WordPress instance. You’re going to navigate to your download directory and select our plugin, it should titled:

sucuri-wp-plugin.zip

Navigate to your Plugins page in your wp-admin, select ‘Add New’ and choose “Upload”. You’ll find yourself on this screen:

Navigate to the zip file, select, and upload. Should look like this:

Select “Install Now” and wait for this screen to select “Activate Plugin“:

Step 5. Add your API Key

Now that you have created your key and installed the plugin its time to activate it and started getting protected.

You can do this by selecting “Sucuri Security” in you wp-admin panel:

Then you want to add the KEY you created in Step 3:

This is a very important step, without it you won’t be added to the network and won’t be able to capitalize on the protection.

Lastly, don’t forget to click on “Save Values

Step 6. Whitelist Your IP

This is a step many people forget.

Remember that the plugin now comes with a web application firewall (WAF) so its important that you take a minute to whitelist your own IP so that you don’t get blocked.

You have the option to do this when first configuring the plugin, you can see the option on the main page:

If you don’t configure it when starting you can always do so by clicking on “Settings” later on.

Step 7. Run through the 1-click hardening steps

Although not extremely advanced the 1-click hardening steps will help you reduce your risk profile and its important to take a minute to walk through the various features. You don’t have to do them all, but take a minute to read through them and apply where applicable.

Step 8. Verify Account is Updated on Sucuri Dashboard

Once things are configured you will want to take a minute to make sure things are working well. When in your wp-admin, you should be able to click on Dashboard and start seeing live reporting.

You should also be able to log into your Sucuri Dashboard and by click on WordPress Audit Log see the same information.

Step 9. Familiarize yourself with the Tool

Please take a minute to go through the plugin, understand the various options and ensure you know how to configure and understand the output. Again, to understand and read through all the features you can always read our Preventive page.

Step 10. Ask a Question if you’re stuck

Lastly, if you have questions, please submit them via a General Request on your Sucuri dashboard:

Be prepared to provide detailed information into the challenges you are experiencing. Also be prepared to provide us with your wp-admin credentials.

Testimonials

    • Let's be honest: the web can be a scary place sometimes. Having done many a WordPress malware cleanup in my day, I've found Sucuri to do a better job than I ever hoped I could do. Not only are they thorough, but they're fast as heck and affordable to boot. You don't just walk into a bad situation without some protection. Sucuri *is* that protection.

      —Andrew Norcross, Senior WordPress Developer @ BlueGlass Interactive, Owner @Reaktiv Studios, WordCamp Speaker

      Reaktiv Studios

    • We partnered with Sucuri for our WordPress migration and dehacking services as their capabilities are significantly more comprehensive than anything we’ve seen in the industry.

      —Brian Clark, CEO of Coppyblogger Media

      Websynthesis

    • I like to think I know security, but there is only one company I trust when it comes to the security of my websites, that company is Sucuri. They are, in my opinion, hands-down the leader in web-malware protection and cleanup services. Trust the experts, hire these fools!

      —Brad Williams, Co-Founder WebDevStudios, Co-Author Professional WordPress Series

      WebDevStudios

    • When you’re talking about protection for your WordPress site and the things most important to you — your content — you want to trust the experts. There’s really no better choice than the team at Sucuri.

      —Cory J. Miller – Founder / CEO of iThemes.com

      iThemes

    • Before Sucuri we didn’t know that someone was hacked until they told us. (Or actually, when Google blocked their site!) Now we find and fix problems before they even know what’s happening. It’s a Godsend, it’s as simple as possible, and it’s so affordable that quite frankly it’s irresponsible to not use them!

      —Jason Cohen, CEO of WP Engine

      WP Engine

    • As the owner of ClickHOST.com, a shared web hosting company, we are always fighting malware and spam. Recently we partnered with Sucuri and now all our accounts are monitored. I love this product! It not only protects our customers from malware, but these guys will fix a hack in 4 hours.

      —Carel Bekker, Owner/President of ClickHOST.com

      ClickHOST

    • Sucuri is my go to service for web based security and are the group that I recommend, exclusively, to my clients and readers, in particular WordPress users.  They are affordable, they work fast and they get the job done – as a bonus, they’re a fun group to work with!

      —Lisa Sabin-Wilson – Author: WordPress For Dummies; Designer, Co-Founder Allure Themes, Founder E. Webscapes

      E. Webscapes

    • Though I believe my sites are secure, it would be inexcusable for me not to use Sucuri’s service and be absolutely sure around the clock.

      —Scott Kingsley Clark, Lead Developer, Pods Framework

      Pods

Scan your website FOR FREE