One of the most important things you need to take care on your site is its security. If you frequent WordPress related forums or groups you will often run into posts that ask for help after a malware infection or hear about security vulnerabilities discovered in WordPress plugins or, more rarer cases in the WordPress core itself. Many of these issues could be avoided by using a security related plugin on your installation. This is what our plugin of the day is about today.
If you haven’t heard of Sucuri, you will be relieved to hear they are a leading online security brand. WordPress security is among their fields of interest. This free plugin includes an array of tools to help you tighten security on your site and monitor it efficiently. Its activity auditing feature tracks any changes made on your site that might be security related, for example user logins and modifications. Another important thing the plugin does is monitor file integrity. Once its activated it creates a “good” state of all important files on your site and if at some point in the future it notices a modification of these files it will let you know.
Modifications often occur from malicious attacks and knowing about them will help you respond to the issue effectively. A malware scanner is also built in to the plugin making malware detection very easy. The plugin provides effective security hardening options like preventing PHP execution in the uploads folder or restricting access to PHP files in the wp-content and wp-includes directory and many more. Some helpful post-hack tools are also available to you such as creating new security keys, changing user passwords and resetting plugins. All of the above are included in the plugin for free.
There is also an add-on service which is a website firewall (Cloud WAF), this is a subscription based service and provides you with DDOS attack protection, brute force attacks, software vulnerability exploitation and more.