In This Guidex
Welcome to the Sucuri dashboard! Here is where you have access to an overview of your website security status. However, in order to have the most effective and accurate results, every new user must complete some basic steps to ensure their website is configured properly.
The intention of this guide is to focus on the essential steps to set up protection and monitoring, so you can have peace of mind.
Sucuri offers both remote and server side monitoring. Once these are properly set up, we will scan your website externally and internally for indicators of compromise. You’ll also receive weekly and monthly reports and have access to audit logs.
Our malware monitoring identifies the following:
In order to begin monitoring activation, we must first add your website to the monitoring dashboard.
These scans are unique in their efficiency. They have the capacity to camouflage themselves as a visitor in order to spot conditional malware via source code. It checks what hundreds of different visitors might see when they access your site.
To set up remote scanning in the Sucuri dashboard:
The remote scanner will begin automatically scanning your website. This can take up to one hour to complete.
Make sure to set up the server side scanner in the next step. Remote scanners have limited access to your website files.
Server-side scanning, unlike the remote scanner, has access to scan your website file server. Not all website content is easily visible from the outside. Many website infections hide in your file system and never present themselves to visitors, such as DDoS and mailer scripts.
The server side scanner also tracks file changes, giving you an audit trail of your website file changes. Click Audit Logs for more information.
To set up server-side scanning in the Sucuri dashboard:
At this point, your Overview page for Monitoring should be clear of warnings. Your website is completely set up for monitoring once server-side scanning enabled!
Setting up the server side scanner is a key to ensuring the integrity of your website. Do not skip this step!
If you do not know your FTP information or need help setting this up, please submit a support ticket with your cPanel/Plesk or hosting account login information.
We offer many types of monitoring. In addition to scanning your website externally and internally for malware infections, we also monitor blacklist authorities, your SSL certificate, and DNS records for unauthorized changes.
The Website Monitoring Overview will show security status and warnings:
After adding your sites to our monitoring, you can choose which monitoring types you want and the monitoring frequency.
To change monitoring types and frequency follow these steps:
Sucuri Website Monitoring provides the components you need to oversee your website security. By default, the email address you used to sign up with receive alerts. You can add other email addresses and set up alerts via SMS, Slack, and more.
To modify your alert options:
The Sucuri Firewall is a cloud-based WAF that stops website hacks and attacks. It is that protective layer that sits between your server and the visitor’s browser.
Here is a list of some of the top evolving threats we mitigate:
The Sucuri Firewall includes a CDN built on our global network of secure data centers. This is automatically enabled when you activate the firewall and makes your site faster across the world.
Before you activate the firewall, you need to add your website to our firewall network and generate a firewall IP.
After our network has downloaded copies of your website content, you can switch your DNS (www.example.com) to point to your new Sucuri Firewall IP.
To generate your Firewall IP from the Sucuri dashboard:
Your website is not protected yet! You must continue with the following steps to complete activation. If you need help with this, please contact our support team.
After adding your website to the firewall network, you will see a warning that the Service is Not Activated. Now that the firewall is caching your website content, test the internal domain to make sure they working.
To test the internal domain after adding your site to the firewall network:
If HTTPS is activated on your site, you won’t be able to test. Please temporarily disable forcing HTTPS if you need to test this.
Activating the firewall means changing your DNS (example.com) to your new Firewall IP. This allows Sucuri to filter malicious traffic before allowing legitimate visitors to access your website.
We offer a few different options to activate the firewall:
We included instructions below for each option.
Automatic Integration with cPanel/Plesk
To activate the firewall using cPanel or Plesk:
Use Sucuri DNS Manager
To use Sucuri DNS servers:
Manually Change DNS Records
To manually change your DNS records:
If you decide to remove the firewall, you must change your DNS record(s) back to its original IP address.
If you have any trouble activating the firewall, please submit a support ticket with your cPanel/Plesk or hosting account login information.
It can up to 48 hours for DNS propagation. Until all DNS servers worldwide recognize that your website is pointing to the firewall IP, you will not be fully protected.
If you have a firewall on your hosting server, such as CSF or ModSecurity, we recommend that you whitelist Sucuri IP addresses listed in the fourth step of the Activating Website Firewall Instructions.
Whitelisting the Sucuri IP addresses in your server firewall will ensure we are able to cache your website content without being blocked.
If you are not sure whether you have additional firewalls on your server, you can contact your host and send them the IP addresses to whitelist.
If you do not have an SSL certificate for your website, you can skip this step.
By default, the Sucuri Firewall offers free Let’s Encrypt certificates on your Firewall IP. To ensure end-to-end encryption, you can upload your certificate.
To upload your SSL certificate:
If you use the Basic plan, you need to upgrade to Professional or higher to use a custom SSL certificate with our firewall.
Once the DNS changes have been fully propagated (which you can test here), all traffic going to your domain (www.example.com) will be passing through the Sucuri Firewall.
If an attacker knows your hosting IP address, they can bypass the Sucuri Firewall because they are not entering your website using the domain (www.example.com).
The best way to prevent this from happening is to limit access to your hosting server so that only the Sucuri Firewall can access it.
To restrict access to your website IP address:
No matter what you do to secure your website, the risk will never be zero. If your website functionality is damaged, you need a way to recover. For only $5/month, our cloud-based backup system ensures you are protected in the event of a critical failure.
Here are a few of the benefits in adding our Sucuri Website Backup Solution:
To activate Sucuri backups:
Depending on the amount of files, the process of backing up may take some time. While the backup is in progress, you have the option to go to the next step and adjust your settings.
If you have any trouble activating backups, please open a support ticket with your cPanel/Plesk or hosting account login information.
Here is a list of the options you can adjust for setting up the details behind how backups occur and how you are to be notified.
If something happens, you can automatically restore your website files individually, or all at once.
To restore your website file backup from the Sucuri dashboard:
When restoring your files, the website backup server will overwrite your existing files with the one from the backup date you have selected. Depending on the size of your website, this can take several minutes. On your dashboard, you will see that the restoration is complete. As well, an email will be sent.
You can only restore one option at a time – files or database. You will need to wait for one restore to complete before restoring another. We recommend restoring files first and secondly the database.
If something happens to your website, you can automatically restore your website databases.
To restore your database backup from the Sucuri dashboard:
When restoring your database, the website backup server will overwrite your existing database with the one from the backup date you have selected. Depending on the size of your website, this can take several minutes. You will receive an email once the database restoration has been completed.
There are two ways to get support – chat and ticket system.
Tickets are worked on in the order they are received. However, each ticket is handled personally by one of our analysts! Once someone has finished working on your case, you will be provided with an update via the ticket system. This message will also reach you via email.
Our Product Support Team primarily assists clients with any issues 24/7/365 via chat while also providing assistance with email inquiries at various stages of the customer lifecycle.
To submit a general new support ticket:
If your site is currently under attack or has been hacked, this is when a malware removal request is needed.
To submit a malware removal request ticket:
Our analysts will respond quickly to your request. The time in which it takes to remediate the issue is based upon the service level agreement (SLA) of your plan. Our plans have response time increments of 4 hours, 6 hours, and 12 hours (as well as custom plans for enterprise).
Once we receive your ticket, we will begin scanning your website. Regular updates will be sent to you via email and will appear on your dashboard under the Support section in the upper right-hand corner of your Sucuri account.
SLA is based on response time, not resolution. It is difficult to estimate resolution time due to the complexities of various infections and attacks. If at any time the current plan is not meeting your needs, you can upgrade to another plan.
From the Sucuri website, you can chat with our team during business hours. You can access a full-page version of live chat here.
Let the sales team know you are a customer looking for help, and they will pass you to our product support team.