Why Sucuri

  • Built-in WordPress features
  • WordPress login lockdown ability
  • Can review access and ban logs

Favorite Features

  • Lockdown WP Admin
  • Comprehensive security platform
  • Secure carte blanche hosting

Cart66, founded by Lee Blue, is a WordPress shopping cart plugin for selling physical products, digital products, memberships, subscriptions and more. What makes Cart66 different from other WordPress ecommerce plugins is that it also comes with a suite of connected services that dramatically improve the reliability and security of your online store. The most important of the connected services is a secure, PCI compliant hosted payment page that works with over 100 different payment gateways and looks exactly like your WordPress theme – in one click, Cart66 imports your theme to skin your checkout page. Everything you need to run your WordPress ecommerce site is included in one package.Back in 2008, when Lee was working from home with a couple of small children in tow, he was in desperate need of a way to block out noise to concentrate. After searching the internet and trying all the different noise cancellation headphones out, he stumbled upon an unknown brand invented by a drummer named John, in Missouri. Surprisingly, his headphones were the most effective at blocking out noise. Becoming fast friends, they started working together to sell John’s headphones.

At the time, there were only two other WordPress ecommerce plugins available. Both were designed for people who had a large number of products., requiring the user to organize products into categories. The layouts assumed that you would have long lists of products to display.

I wanted a WordPress ecommerce plugin that would just let me put products on a page and sell them. I wanted to be in control of the design, layout, and presentation of the products.

Voila! Cart66 was born, and is so popular that WordPress themselves uses them to sell products on their WP Swag Store.

Ecommerce Obstacles

After helping clients set up WordPress ecommerce stores for several years, a variety of common but complicated problems reoccurred, like keeping payments secure. For starters, Lee and team developed a suite of cloud services to improve the reliability and security of their client’s WordPress ecommerce sites. In addition, Cart66 sends customer emails through a business class, authenticated and verified SMTP server so that the email receipts won’t get flagged as spam. They add a robust automated email follow up system so that clients can keep in touch with their customers to continue to build relationships. And for those who sell digital products, Cart66 securely hosts and delivers those digital files over a CDN powered by Amazon. Customers get their files fast and it won’t bog down the client’s WordPress site while downloading.

Our goal is to lower the barriers to entry for people looking to start an online business. It can be a huge hassle to try to put together all of the pieces that make up the WordPress ecommerce puzzle.

Even with all of these measures in place for their clients, Cart66 faced problems in keeping bots and hackers off their own WordPress site. Because Cart66 is one of the very first ecommerce plugins out there, it gets a lot of traffic which entices bots to hack into their site.

At one point we were getting so much traffic from bots it was almost crashing our WordPress server. The other issue is we wanted to improve our sites speed with a CDN. While having these needs, we were also doing some custom stuff on our site involving account activation with some custom PHP code running outside of WordPress.

Good Security vs. Great Security

Lee and team needed a solution that was both easy to use with WordPress and also offered enough flexibility to allow them to run custom code. Since Cart66 does a considerable amount of custom WordPress development, they host many of these custom sites with Green Olive Tree. The owner, Jon Berry, had recently deployed a managed WordPress hosting platform called Bulletproof WordPress Hosting and set Lee up with a test account to review. As part of the package, the site was protected with the Sucuri Website Firewall. After seeing how much difference Sucuri made and how easy it was to both secure the site and improve performance with Sucuri’s CDN, Lee started looking into using Sucuri for Cart66 and even for his own personal blog. He had been using CloudFlare prior to discovering Sucuri but the built in WordPress-specific features sealed the deal.

I intend to use Sucuri with every serious WordPress site we deploy from now on. The ability to lock down the WordPress admin is awesome. Not only that but I can actually see bad guys getting blocked which is very satisfying.

Blocking bots, controlling where traffic is allowed to come from, and seeing reports of blocked DDOS attacks, are additional features he applauds.

The content delivery network is great. You can easily clear the cache, temporarily disable cache if you are working on something, and even stop caching for certain URLs. SSL support is great. I haven’t run into anything I want to do but couldn’t. Sucuri has all the tools you need right there.

Secured Freedom

Having said that, Lee’s favorite thing about Sucuri is really more than just a single feature or even a set of features, but rather its comprehensive security platform for all of his WordPress sites. Instead of going to a managed WordPress hosting in order to be able to run a WordPress site safely and reliably, he likes that you can basically be your own managed WordPress host with Sucuri.

For example, you can head over to Digital Ocean and spin up a droplet, configure the server with Server Pilot, install Backup Buddy, and connect to Sucuri. That’s a very solid and fast setup and you are in control of the whole thing which is terrific. If things somehow go terribly wrong, Sucuri is there for emergency situations as well.

But Lee makes sure to change default usernames and set strong passwords, making it unlikely for a problem to occur. Lee, a visionary, likes to have the controls, to do things himself, know what’s going on and not be restricted in doing anything a little outside of the box.

The bottom line, for me, is that Sucuri changes the game and brings WordPress hosting back into the hands of individuals so you don’t have to rely entirely on the fancy managed WordPress hosting companies.

Note: Many of our loyal customers are part of our referral program and earn money by referring new customers to Sucuri. It is our goal to provide such excellent service that you want to share it with others. Learn more about our referral program or contact us if you wish to be featured in a case study!


Thought Leaders in Website Security

Sucuri has been involved specifically in the website security space over 6 years, analyzing what attackers do and how they do it. This knowledge is at the core of how the technology is built.

Simple Deployment

There is no installation required, the technology is quickly enabled via the Sucuri dashboard and at the DNS level. Changes can be made via an A record switch, or full DNS management.

Active Vulnerability Research

Sucuri’s research is second to none when it comes to vulnerability exploit attempts. Our research is widely distributed and syndicated across all major media and security outlets.

Enterprise Affordability

Budgets are tight, demand is high. Sucuri has the luxury of size and youth, we bring the right level of enthusiasm, adaptability, and technology to the enterprise website security game.

Get Complete Website Security


As low as $24.99/month

Billed Annually

Secure Now