Using Sucuri Antivirus for WordPress

A couple of weeks ago, I talked about how there’s no such thing as the perfect WordPress host. In the end, it comes down to the requirements of your project that will dictate what host is best for your project.

But what happens when you find yourself placed in this dilemma:

There’s a host that you want to use because of some of the features, but it doesn’t fit the bill for the rest of the project.

Case in point: One of the things that’s popular right now is to have software such as a malware or a virus scanner. And who would fault anyone for wanting that?

I’m a fan of it and it’s something I recommend to most anyone running a web application. In my mind, anything that saves user input of any type should have something like this.

That said, one of the hosts that I often recommend does not have this built-in. So I’ve opted to go with Sucuri Antivirus.

Sucuri Antivirus

I’m a big fan of the service.

Sucuri Antivirus

According to the product’s website:

We will secure your website from hackers, so you don’t have to. Our security experts will thoroughly scan, clean, monitor & protect your website 24/7.

And for the last few months of using the service, I can say Sucuri upholds their end of the service. In fact, I get a weekly report on exactly what the service has found on my server.

Sucuri Antivirus Report

So far, so good, right?

Ultimately, this is a set it and forget it type of service. For the price and the peace of mind, I can’t recommend it enough if your host doesn’t offer this.

If you’re not running some type of security software on your server, then I highly recommend Sucuri’s offerings especially if you’re in the WordPress-space.

7 Replies to “Using Sucuri Antivirus for WordPress”

  1. We’ve had a lot of issues with website hacking and malware and everyone keeps recommending sucuri – including Siteground (our host). The problem is that we run 16 sites and so it would cost us around $3000/year.

    Do you have a recommendation for a different sofware or host that provides good security at a normal price?

    We have become pretty expert at finding and cleaning the malware itself but the hackers have inserted some sort of backdoor into our sites so it’s easy for them to hack us again and again.

    Thanks!

    1. We’ve had a lot of issues with website hacking and malware and everyone keeps recommending sucuri – including Siteground (our host). The problem is that we run 16 sites and so it would cost us around $3000/year.

      If you’re experiencing this kind of hacking and malware on a decent host, then I’d say to also take a look at some of the themes and plugins you’re using.

      If this is happening on a sever that has built-in malware scanning (like SiteGround), then the next place to look is the quality of the software you’re using to power the site. WordPress is generally pretty good, but if you’re seeing this kind of stuff for a number of your sites and you’re using themes that aren’t well-built (that is, they are cheap and/or they don’t follow the WordPress coding standards and/or they haven’t been professionally audited and/or they aren’t served through a reputable marketplace), then your problem is likely there.

      Do you have a recommendation for a different sofware or host that provides good security at a normal price?

      If you’re already using SiteGround, then I don’t. They are a good host and they have some built-in scanning software that should be running each week (or each night) and emailing you the results.

      I wouldn’t recommend moving away from them. I’d recommend taking a look at the quality of the themes and plugins you’re using.

      We have become pretty expert at finding and cleaning the malware itself but the hackers have inserted some sort of backdoor into our sites so it’s easy for them to hack us again and again.

      It may not be them inserting the backdoor – it may be that the themes are easy to exploit. I think you’d be surprised at the tools that are available for sniffing out how a site is built and then providing just enough for a malicious visitor to know where to pinpoint their attack.

      Hope this helps!

    2. First, Tom-Thank you so much for this article and shout-out. We appreciate you calling attention to this topic.

      Second, Myra-We have several different products that you could probably use. In total, you’d likely find it unnecessary to spend $3000/yr. We would appreciate the opportunity to discuss your needs further and help you put an end to those hacks. I would be more than happy to set you up with one of our consultants, personally. Feel free to contact me: michael@sucuri.net

  2. Price seems high to me. Maybe if you have a large site it isn’t too bad. I have about 25+ small personal sites.

    But for smaller blogs or websites $199/yr may put Sucuri Pro out of reach. The free version is a better bet for those that can’t justify $199. Sucuri + Wordfence may do the trick.

  3. Awesome article, Tom. We are WordPress web developers that provide a maintenance package for our clients that includes daily backups, site monitoring and updates, and a Sucuri license to monitor the unknown bad things that seem to happen to every site.

    Whether you have a host that provides these services, or pay for an independant service, we highly recommend making Sucuri part of your solution for keeping your site safe from external forces.

    Thanks for starting this conversation.

    1. Awesome article, Tom. We are WordPress web developers that provide a maintenance package for our clients that includes daily backups, site monitoring and updates, and a Sucuri license to monitor the unknown bad things that seem to happen to every site.

      Thanks for the kind words, David!

      I think using Sucuri is wise because they’re the experts at catching things that most of us simply aren’t equipped to do so. I’m a big fan of letting those who specialize in an area do their thing, you know? And they do it well.

      Thanks for starting this conversation.

      And thanks for chiming in! It’s nice to hear from others who’ve had good experiences.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.