Sucuri Security is a WordPress auditor, malware scanner, and security hardening plug-in that is automatically installed with every Managed WordPress site on versions Ultimate, Pro5, Pro10, Pro25, and newer. The following article will you through where this plugin can be located, and how to utilize some of the basic features.
Finding the plugin
- Log into your Media Temple Account.
- Select the blue ADMIN button associated to your Managed WordPress service.
- Locate your desired site. Click the three dot icon and select WP Admin.
- Select Sucuri Security.
WordPress integrity provides general information regarding your site, including the PHP version, WordPress Version, and your Hosting Provider. Additionally, you will be warned if your core files are found to have been modified.
If your site has been migrated recently, it's possible the WordPress Core File scanner may show your core files as having been recently changed and may not always indicate a compromise.
The Sucuri plugin scans your website for malware files that might be injected in your site. If any is found, a warning message will appear.
A Real Time Blacklist (RBL) is a third-party listing of IP addresses. If your site has been compromised, it's possible that one of these blacklists will mark your site/IP address, this can affect your site rankings, or even prompt warnings when users attempt to visit your site. The Sucuri plugin will search your IP address periodically to see if it's listed on one of these lists.
WordPress Security Recommendations
Attackers can take advantage of various vulnerabilities in your WordPress installation. Sucuri will scan you site and inform you of various methods to harden your WordPress architecture.
With the purchase of Security Pack users will be able to input a Firewall API Key to control their WAF from within the plugin. Once the API Key is saved additional options become available.
- Audit Logs: View requests made to your website.
- IP Access: Blacklist IP addresses from accessing your website.
- Clear Cache: Clear the WAF cache.
- API Key: Prevents attackers from being able to delete audit logs.
- The API Key can be emailed to the address associated to the wp-admin user.
- Data Storage: Manage the logs for Sucuri.
- Log Exporter: Export the logs for Sucuri
- Reverse Proxy: Enable the reverse proxy to inspect incoming (HTTP/HTTPS) requests.
- IP Address Discoverer: Automatically modify global server variable (if Sucuri Firewall is enabled)
- Timezone Override: Select a desired timezone for logs.
- Import & Export Settings: Copy and upload Sucuri settings as JSON-encoded data.
- Reset Security Logs, Hardening and Settings: Resets Sucuri settings.
- Scheduled tasks: Shows the frequency in which scans are performed.
- Can force a task to execute at a specific time using the drop-down.
- WordPress Integrity Diff Utility: Compares actual content vs original content for files provided by WordPress.
- WordPress Integrity (False Positives): Shows files that have been marked as false positives.
- Ignore Files And Folders During The Scans: Select files to be ignored during scans.
- Hardening Options: Quickly enable hardening options through this panel.
- Whitelist Blocked PHP Files: Certain hardening options may block PHP files from executing. This feature allows users to manually whitelist PHP files.
The following can be utilized if you believe you have recently been compromised or have had malware injected to your site:
- Update Secret Keys: Invalidates cookies, requiring all signed-in users to re-login.
- Reset User Password: Force resets for wp-admin users.
- Reset Installed Plugins: Resets installed plugins in case malicious code has been injected into them.
- Available Plugin and Theme Updates: View / Download the latest version of your installed plugin and themes.
- Alerts Recipient: Add email addresses that will receive alerts from Sucuri.
- Trusted IP Addresses: Forces plugin to stop sending alerts for specified IP addresses.
- Alert Subject: Format the subject of the alert.
- Alerts Per Hour: Configure the maximum amounts of alerts that can be sent per hour.
- Password Guessing Brute Force Attacks: Configure the maximum amounts of failed logins attempts before the plugin will determine a brute force attack is occurring.
- Security Alerts: Select scenarios where an alert will be sent.
- Post-Type Alerts: Alerts will be sent when selected pages or posts are updated. These can be disabled by entering a post ID.
API Service Communication
- API Service Communication: Communicates with a remote API service for safe data storage.
- Malware Scan Target: If required, manually update your URL for the malware scan.
- WordPress Checksums API: If required, manually update your URL for the WordPress integrity scan.
- Environment Variables: Shows server/site information (PHP version, PHP limits, OS, etc).
- Access File Integrity: Shows contents of the .htaccess file.
- How to use the WordPress Security Plugin (Sucuri Official)
- Sucuri Security - Auditing, Malware Scanner and Security Hardening (WordPress Official)