Sucuri Security – Auditing, Malware Scanner and Security Hardening

The free version does not do what is advertised. Didn't protect my site from malware and multiple sites (using this plugin) have been hacked.

There's much better alternatives to use.

This is a great plugin for securing and monitoring your WordPress website. I have the free version installed on around 20 sites and the Pro Firewall through custom Name Servers on a handful of other sites (Pro costs around $199/year per site at the time of this review). I most often use the default version of the plugin for monitoring and logging with my own custom .htaccess rules and .htaccess firewall for hardening.

NOTE: Be careful when setting up functionality and hardening your settings through the plugin. Most of the 1* reviews are from people breaking their sites and getting themselves locked out by not understanding what the plugin settings do/affect and how to properly use the plugin's settings. When in doubt, don't enable every single security setting and just use the bare minimum until you back test your own site.

I'm trying to upload a new website for a client of mine and I keep getting blocked by the firewall, even tho' I'm the administrator of the website. I get it, you want to make the website as secure as possible, but c'mon, blocking the administrator from accessing even the media upload (for SVGs) it is too much.

IMHO is better than other security plugins out there and has prevention measures / hardening and post hacking measures that are great :) I only hope is not abandoned Regards

Sucuri keeps my wordpress out of danger, notifying me at all times of any incident. When I rest, he continues to work and when we meet again, he greets me every morning telling me that my website is clean. An exceptionally good plugin, especially useful, honest, and free. You cannot ask for more. Thank you very much Sucuri!

Regular updates are key. The world has a lot of nasties out there. Keeps my charity sites running. Why do people hack charities? Thanks Sucuri, you're a part of keeping our impoverished kids in school. First plugin I install on a new site.

Thanks to the developers. The site works very fast. It can be seen that after installation, the speed has noticeably improved. Very easy to set up. When logging in to wp-admin prohibits logging in. If you need real protection and speed then this is the one

We will continue to use it

"SUCURI: You need to confirm that you understand the risk of this operation." Would it kill you to, somewhere in the plugin, say HOW that can be confirmed? Or really go wild and actually put a link beside the warning? This is the classical problem of developers who are so obsessed with showing off how much cleverer that they are than everyone else, they don't do anything that is actually clever or useless.

I purchased the Pro Plan, tried to merge with my website and I failed because of lack of support from my webhosting. Then I decided to give up and asked Sucuri to cancel my Plan and refund. They offered me to solve it for me, I accepted and they did it smoothly and perfectly. I realized that I never needed a hand from my webhosting for this. So everything works fine. Later I got problem with loading PDFs from my site (too many redirects error), I opened ticket and the staff was very helpful, fixed my Sucuri settings and explained how and why. Everything works fine now. Also before Sucuri I had my other security to block attacks. I had every day lots of blocked IPs on my websites firewall - after I merged my website with Sucuri, my websites firewall shows ZERO blocked IPs. Sucuri blocks em all before they get to my page.