Sucuri is a Delaware-based company that offers complete website security via the cloud. The company’s team of security experts is distributed across more than a dozen countries and operates 24×7 to monitor for and stop security threats.
The company has only 2 main products: Sucuri Firewall and Complete Website Security. The Sucuri Firewall runs on a globally distributed Anycast network that is managed around the clock by the Sucuri security team. The Firewall protects your website from DDoS attacks at both the network and application layer while improving performance by caching your site content at the edge. Sucuri’s Complete Website Security offering includes all the above plus additional features like malware detection and removal. Both plans include 24x7x365 support.
Sucuri is very feature-rich and protects your site against just about any type of security threat, including zero-day threats. Some of the more critical features include:
- SSL Certificate
Sucuri provides every customer on the Professional plan with an SSL certificate for their website. Customers on the Professional plan also have the option to use previously purchased SSL certificates. Using Secure Sockets Layer (SSL) certificates ensures the integrity of data in transit between browsers and the web server.
- Advanced Website Protection
Our cloud-based protection platform, a custom Website Application Firewall (WAF) / Intrusion Prevention System (IPS), proactively mitigates attacks against a website. Stop attacks including: Distributed Denial of Service (DDoS), Brute Force, and automated attacks looking to exploit software vulnerabilities.
- Continuous Scanning and Monitoring
The monitoring platform utilizes a proprietary approach to scanning websites. Capable of identifying any Indicator of Compromise (IoC), the Sucuri detection technology is able to quickly identify and alert website owners in the event of any security incident.
The chart below shows the feature parity between the Sucuri Firewall and the Complete Website Security offering:
Sucuri Malware Scanning
For WordPress users, Sucuri offers a robust free plugin you can use to easily configure your website security. You will need a free API key in order to start using it, however.
The plugin comes with a malware scanner that will continuously scan your site for common malware, website errors, outdated themes and plugins, and whether your site has been blacklisted on any services that flag malware-infected websites. After you run the initial scan, the results will be available under Sucuri Security > Malware Scan and will be updated every 20 minutes.
The Sucuri Firewall can also be configured using the WordPress plugin, but you will need to become a paid customer to access this feature. Pricing starts around $10/month, which is very reasonable for what you get.
Sucuri Site Hardening
The Site Hardening feature of the WordPress plugin allows you to check for a variety of potential vulnerabilities in your site and harden any weak points.
The available options of this feature include:
- website firewall protection
- ensuring that you are using the latest versions of WordPress and PHP
- remove visible WordPress version
- protect the uploads directory
- restrict access to the wp-content and wp-includes directories
- updating and using security keys
- checking information leakage through the readme file
- database table prefix
- default admin account and password
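A minimal audit of four items from this list (readme file, table prefix, security keys, uploads directory), added here as an illustration; it is not Sucuri's code and does not reproduce how the plugin performs its checks. It assumes a standard WordPress directory layout, and the sample tree it inspects is constructed.

```python
import re
import tempfile
from pathlib import Path

KEY_NAMES = ["AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
             "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT"]
PLACEHOLDER = "put your unique phrase here"  # value in wp-config-sample.php

def audit(root):
    """Return sorted hardening findings for a WordPress tree (illustrative)."""
    root, findings = Path(root), []
    if (root / "readme.html").exists():
        findings.append("readme.html present (information leakage)")
    cfg_path = root / "wp-config.php"
    cfg = cfg_path.read_text(errors="replace") if cfg_path.exists() else ""
    prefix = re.search(r"\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]", cfg)
    if prefix and prefix.group(1) == "wp_":
        findings.append("default database table prefix wp_")
    for name in KEY_NAMES:
        pat = r"define\(\s*['\"]%s['\"]\s*,\s*['\"](.*?)['\"]\s*\)" % name
        key = re.search(pat, cfg)
        if not key or key.group(1) in ("", PLACEHOLDER):
            findings.append("missing or placeholder security key " + name)
    uploads = root / "wp-content" / "uploads"
    if uploads.is_dir():  # uploads should hold media only, never executable PHP
        for p in uploads.rglob("*.php"):
            findings.append("PHP file in uploads: " + p.relative_to(root).as_posix())
    return sorted(findings)

def build_sample(root):
    """Write a constructed sample tree (not a real site) with known weaknesses."""
    root = Path(root)
    media = root / "wp-content" / "uploads" / "2024"
    media.mkdir(parents=True)
    (root / "readme.html").write_text("<h1>WordPress</h1>")
    (media / "logo.jpg").write_bytes(b"\xff\xd8")
    (media / "img.php").write_text("<?php // constructed")
    lines = ["<?php", "$table_prefix = 'wp_';"]
    for i, name in enumerate(KEY_NAMES):
        value = PLACEHOLDER if name == "NONCE_SALT" else "constructed-%d-" % i + "x" * 48
        lines.append("define( '%s', '%s' );" % (name, value))
    (root / "wp-config.php").write_text("\n".join(lines))
    return root

def run_sample():
    with tempfile.TemporaryDirectory() as d:
        return audit(build_sample(d))

if __name__ == "__main__":
    print("\n".join(run_sample()))
```

Point `audit()` at a copy of your own site root to get the same list of findings for a real installation.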
In addition to protecting you from security threats, Sucuri comes with a variety of features that can clean an already infected website. For example:
- WordPress uses a combination of security keys to encrypt data saved in browser cookies. Sucuri provides an easy way to replace all these security keys, invalidating all existing sessions and forcing all users to log in again.
- You can reset the password of any user.
- You can reset all existing plugins and then perform all available updates on a fresh install.
- The ‘Last Logins’ feature will display all the latest login activities on your website. You can see the username, IP address, date/time, etc. for each login attempt.
Sucuri Pros and Cons
Now that we’ve covered the main features of Sucuri, it’s time to review the good and the bad. To start, Sucuri is a veteran in the security world and has an excellent reputation spanning 6 years. They aren’t just a WordPress plugin but a full-blown security platform used by bloggers and large enterprises alike. In our opinion, the quality and depth of Sucuri’s security offering is far superior to Wordfence. This is partially because it blocks just about every type of attack, including zero-day threats, right out of the easy-to-use box. But more importantly, it does not slow down your WordPress site, but rather makes it much, much faster. Again, this is because Sucuri security services operate on top of a CDN so that attacks can be blocked and your static content can be cached at the edge, rather than on your server. But with the good comes the bad.
Sucuri costs more than Wordfence. This shouldn’t come as a shock, since the basic version of Wordfence is just a free WordPress plugin. However, even the paid version of Wordfence is slightly cheaper. The Sucuri Firewall service starts at $10/month for bloggers and includes WAF, DDoS protection, and CDN. For the full security suite, which includes malware detection and cleanup (among other additional features), plans start around $17/month. These price points are lower than just about any other cloud security provider, including our favorite, Incapsula. But if you’re looking for something that is free or has only a one-time cost, then Sucuri may not be for you.