With millions of active installations around the world, the WordPress platform is an attractive target for hackers. Sucuri Security is a free plugin designed to protect your WordPress installation from malware, known exploits and intrusion attempts.
The standard edition of the plugin supports features such as security activity auditing, file integrity monitoring, remote malware scanning, blacklist monitoring as well as recovery support should your website be compromised. The premium edition adds a comprehensive website firewall.
A core integrity check scans your installed WordPress files and folders for suspicious additions or file changes. These core checks comprise two elements – a HTTP request that communicates with an official WordPress API service and the implementation of a checksum reader. The plugin analyses the checksum to detect if a file has been added, modified, or deleted.
Meanwhile, an event monitor logs a variety of security-relevant actions that are triggered by WordPress. These include events such as a user authenticating, or failing to authenticate, a file uploaded, a post or page published and so on. You can choose to be notified by email whenever one of these events occur, allowing you to investigate further.
Malware scanning searches for malicious code embedded on the pages of your site. It can detect and report known malware, blacklist status, website errors and out of date software, reducing the risk of intrusion and data loss.
To learn how to install and configure Sucuri Security for WordPress, check out this HostPapa knowledge base article: How to install and set up the Sucuri Security plugin in WordPress.
For further questions, or if you need help, please open a support ticket from your HostPapa Dashboard. Follow this link to learn how.