Sucuri – Improved web security and Malware cleanup service 

By Nitesh Kunnath

Flashback

A year back, when we were hosted on an MDD Hosting server, malware intruded into our WordPress admin directory. Although we secured the admin directory using a strong password combination, the malware seemed to be tougher than expected: it modified a lot of files in the WordPress core and plugins, which got the site blacklisted by Google and other web-servers. Our visitors informed us of the malware outbreak and we started working on removing it from our servers. When we were clueless about which files were infected, the guys at MDD Hosting suggested Sucuri, which offers a free malware scan of the site. We just had to enter the domain name, and Sucuri scanned the site and listed the infected files to work on. We succeeded in removing the malware with great help from the MDD Hosting support team and Sucuri's malware file detection, but the experience was obviously more dreadful than anything we had ever experienced with infections on a hosting server.

Sucuri

Sucuri website security scanning monitoring service

Sucuri is a web-based application that helps you monitor your websites for malware and any unauthorized changes. It provides a one-stop solution for monitoring DNS, WHOIS and SSL changes as well as malware attacks on your website. It offers real-time analytics and monitors any changes to your web server files, DNS, WHOIS and SSL settings. Sucuri is one of the most essential services to have, owing to its real-time monitoring for unauthorized changes to your web server files and for malware attacks on the website. Our own skills and knowledge in securing a web server are limited in various ways, such as monitoring and securing the server 24×7, aggressively blocking unauthorized intruding IPs, and securing our files to the latest web security standards. This is where Sucuri steps in and takes over the responsibility of securing your websites.

Sucuri provides its most efficient online malware scanner (for websites) to the general public for free (limited access). The free online website scanner provides a detailed examination of your website files, malware status, blacklist status and the URLs scanned from your website. The free service is limited to some features; to experience the full potential of Sucuri's web security, you should try their premium subscription packages, which are reasonably priced for what they offer. Below we explain on what grounds Sucuri proves beneficial in securing your website from external threats.

Website Monitoring

Sucuri provides regular monitoring of your website, checking malware and blacklist status every 4 hours. It checks that there is no malware, malicious JavaScript, malicious iframes, suspicious redirections, blackhat SEO spam or link injections on your website.

Website Monitoring Service by Sucuri

Keeping your website clean of malware and other threats keeps it from being blacklisted by Google, Norton, PhishTank, AVG, Opera browser, SiteAdvisor, Sucuri Malware Labs, Yandex and ESET. Being blacklisted is usually bad for your website's ranking, popularity and online reputation. When a blacklisted website is visited, the browser shows a warning that the site is not safe to browse. Here is an example of how a blacklisted website looks in Google Chrome:

Malware Infected Website Notification in Google Chrome

Server Side Scanning

Server Side Scanning by Sucuri

Server Side Scanning is another unique feature offered by Sucuri. As the name suggests, it scans your website server for suspicious files, ensuring your website is safe from backdoor access. It audits every file change event, helping you spot suspicious changes to the server files. Enabling the feature is very simple: upload a small .php file provided by Sucuri to the root directory of your website and the feature is enabled. This is a premium feature offered only to paid subscribers of Sucuri services.

WordPress Audit log Plugin

WordPress Audit Log plugin by Sucuri

Sucuri offers additional security for owners of self-hosted WordPress (CMS) blogs by examining any changes to the WordPress files and plugins. It alerts you to any changes made to the WordPress core files that could be the result of a hack. Every change made to the WordPress files and system is logged in the Sucuri audit log for better control over the WordPress install. Hackers often plant a backdoor on your web server by injecting files with names resembling original WordPress files, such as “wp-user-old.php”. An average user does not suspect such file names to be malware and hence does not take appropriate action. Sucuri finds such files, and if any file does not match the WordPress core files, it instantly alerts the website owner with frequent emails and Twitter notifications (if configured).
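The comparison against core files described above can be illustrated with a small integrity check. This is an added example, not Sucuri's code: it assumes you have a clean, unpacked copy of the same WordPress release to compare against, and the function names and the skip list are choices made for this example.

```python
import hashlib
from pathlib import Path

# Not part of a core release, so excluded here and reviewed separately:
# everything under wp-content (themes, plugins, uploads) and site-specific
# top-level files.
SKIP_TOP = {"wp-content"}
SKIP_FILES = {"wp-config.php", ".htaccess"}


def manifest(root: str) -> dict[str, str]:
    """Map each core file's relative path to its SHA-256 digest."""
    base, out = Path(root), {}
    for path in sorted(base.rglob("*")):
        rel = path.relative_to(base)
        if not path.is_file() or rel.parts[0] in SKIP_TOP:
            continue
        if rel.as_posix() in SKIP_FILES:
            continue
        out[rel.as_posix()] = hashlib.sha256(path.read_bytes()).hexdigest()
    return out


def compare(clean_root: str, live_root: str) -> dict[str, list[str]]:
    """Diff a live install against a clean copy of the same release."""
    clean, live = manifest(clean_root), manifest(live_root)
    common = clean.keys() & live.keys()
    return {
        # Files that do not exist in core at all, e.g. wp-user-old.php.
        "added": sorted(set(live) - set(clean)),
        # Core files whose content no longer matches the release.
        "modified": sorted(p for p in common if clean[p] != live[p]),
        "missing": sorted(set(clean) - set(live)),
    }
```

Anything reported under `added` or `modified` deserves a manual look before deletion, since an intentionally added file (for example an .htaccess inside wp-includes) is reported the same way.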

Sucuri Block and White Lists

The Sucuri WordPress plugin comes with a unique security feature for IP blocking and whitelisting. If Sucuri finds any hack attempts or suspicious activity from an IP, it instantly blocks access to your website from that particular IP, making your website safe from hackers and spammers. After we installed the plugin, we noticed that a lot of spam bots had been blacklisted by it, and thus the spam comments on our website were minimized. These IPs were also trying to access areas they are not supposed to access. This plugin is one of the best plugins we have found for WordPress security.

1-Click Hardening

Although WordPress is quite secure, we shouldn’t leave hackers even a small loophole through which they could intrude and get hold of the WordPress files. We often monitor our website security, set a strong login password, password-lock the wp-admin directory, and take many more steps to secure our WordPress install. But we may forget some protective steps, like protecting the uploads directory or disabling access to the WordPress readme file, from which hackers could learn the installed WordPress version. Even if we remove the readme file from the installation, a future WordPress update will re-install it.

The Sucuri 1-click hardening tool provides the following features, all in a single click:

Verify WordPress Version

The tool verifies the installed WordPress version and alerts you if you are running an outdated version of WordPress.

Remove WordPress Version

It checks whether your WordPress version is hidden from the generator tag.

Protects upload directory

It checks whether your upload directory (usually wp-content/uploads/) is browsable and whether it allows the execution of .php files. If your upload directory is browsable and allows PHP execution, a single click on the option fixes the loophole and secures the uploads directory.

Restrict access to wp-content

This option blocks direct PHP access to any file inside wp-content, making your WordPress install more secure. If your theme uses timthumb to generate thumbnail pictures, or runs any similar picture-regenerating scripts, please do not activate this option as it will break those features. If you have enabled this option and need to undo it, just remove the .htaccess file from wp-content and the option will be disabled.

Restrict access to wp-includes

This option blocks direct PHP access to any file inside the wp-includes directory of your WordPress installation.

Verify proper usage of the secret keys

It checks whether you have proper random keys/salts created for WordPress. They should be created when you first install WordPress and regenerated if you have been hacked recently.

Remove readme.html (information leakage)

The readme.html file contains your installed WordPress version, which is an information leak to hackers. This option disables access to the readme.html file.

Change default database table prefix

By default, when you install WordPress, the database table prefix is “wp_”, which should be changed to something that is not common across WordPress installs. You may change your table prefix to a random name such as “god_”, “k91_” or anything else that will be tough for hackers to guess. This option checks whether you are using the default “wp_” table prefix and automatically changes it to something more secure.

Change default admin username

This option checks whether you are using the default administrator username “admin”, and if so it directs you to change the username to something other than “admin”.

Verify PHP version

This option checks whether your server is running the latest PHP version and, if not, alerts you to make the appropriate changes to the web environment.
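Several of the checks listed above can be reproduced offline against a copy of the install. The following is an added example, not the Sucuri plugin's code: it covers the readme.html, table prefix, secret key and PHP-access checks, assumes an Apache server (so .htaccess files are honoured) with wp-config.php in the WordPress root, and its function names, finding strings and 32-character key threshold are choices made for this example.

```python
import re
from pathlib import Path

# The eight key/salt constants WordPress expects in wp-config.php.
KEYS = ["AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
        "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT"]
DEFINE = re.compile(r"define\(\s*['\"](\w+)['\"]\s*,\s*['\"](.*?)['\"]\s*\)")
PREFIX = re.compile(r"\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]")
# Heuristic, not an Apache config parser: a deny directive in a file naming .php.
DENY = re.compile(r"deny from all|require all denied", re.I)


def blocks_php(directory: Path) -> bool:
    """True if directory/.htaccess looks like it denies direct .php access."""
    ht = directory / ".htaccess"
    if not ht.is_file():
        return False
    text = ht.read_text(errors="replace")
    return ".php" in text.lower() and bool(DENY.search(text))


def audit(root: str) -> list[str]:
    """Return hardening findings for the WordPress tree at root.

    Raises FileNotFoundError if wp-config.php is not in root.
    """
    base, findings = Path(root), []
    if (base / "readme.html").is_file():
        findings.append("readme.html present")
    config = (base / "wp-config.php").read_text(errors="replace")
    prefix = PREFIX.search(config)
    if prefix and prefix.group(1) == "wp_":
        findings.append("default table prefix wp_")
    defined = dict(DEFINE.findall(config))
    values = [defined.get(key, "") for key in KEYS]
    # 32 is this example's threshold; the sample-config placeholder phrase
    # (27 characters) fails it as well.
    if any(len(value) < 32 for value in values):
        findings.append("secret keys missing or too short")
    elif len(set(values)) < len(values):
        findings.append("secret keys reused")
    content_ok = blocks_php(base / "wp-content")
    if not content_ok:
        findings.append("wp-content allows direct PHP access")
    # A rule in wp-content/.htaccess is inherited by wp-content/uploads.
    if not (content_ok or blocks_php(base / "wp-content" / "uploads")):
        findings.append("uploads allows PHP execution")
    if not blocks_php(base / "wp-includes"):
        findings.append("wp-includes allows direct PHP access")
    return findings
```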

Note: After activating all of the above 1-click hardening options, we found that when there is a WordPress update or plugin update, all we can see is the notification; when we attempt to update, the update module disappears or refuses to perform the update. We believe the cause is the “.php execution prevention” this plugin performs, which restricts any file from being modified. Currently we have to deactivate the Sucuri WordPress plugin to perform any WordPress update or plugin update, and then reactivate the Sucuri plugin. We have notified the Sucuri team of this issue and they will soon be coming up with a better workaround for this situation.

Malware Cleanup Service

Sucuri offers its clients an unlimited infected-page cleanup service for their website, covered under the Sucuri plan along with blacklist removal. We haven’t yet had to use this part of the service, but you can imagine having professional security experts clean up your website for a very nominal price, which otherwise could have cost $200 per hour just for consultation. If, despite all the security and monitoring, a website covered under the Sucuri plan you subscribed to gets infected with malware or hacked, you just have to fill in a malware removal request form in the Sucuri Dashboard and the Sucuri team will handle the rest. If Google or other services blacklist your site due to malware infection in the meantime, or in any other case, the Sucuri team will also handle the blacklist removal for your website. Here is a screenshot of what the “Malware Removal Request” form looks like:

Sucuri Malware Request Form

Sucuri Cloud Proxy

Sucuri Cloud Proxy is yet another paid service from the Sucuri team. It adds a powerful security layer to your website, blocking all attacks before they can reach your website and do harm. Even if your scripts are outdated and insecure, the Cloud Proxy service prevents infections and reinfections from affecting your website, although we always suggest updating your web scripts regularly for maximum safety. Cloud Proxy includes full web application firewall protection, an IPS (intrusion prevention system), virtual patching and log monitoring. All of these services are provided via the cloud, so you do not have to install anything on your end.

A visitor to your website passes through a high-speed Sucuri Cloud Proxy layer, which blocks all potential threats and attacks, making your website secure and safe.

This service is not included in any of the Sucuri packages but is provided as an add-on to the package you are subscribed to. It is charged at a nominal fee of $9.99 per month with dedicated tech support. Each subscriber of Sucuri services is offered a free trial of the Cloud Proxy service; after the trial expires, it is charged at $9.99 per month.

Sucuri Website Backups

Sucuri offers a regular website backup service with their most secured backup solutions. The backup solution is platform agnostic: it pulls all your server files and database content remotely into the secured cloud backup. All it requires is FTP or SFTP to be enabled in order to perform a daily backup of all your server files.

This service too is offered as an add-on to the Sucuri packages, for a nominal fee of $5 per site per month.

Alerting Service

If your website security is compromised or any unusual activity is detected, Sucuri will alert you via direct short message service (SMS), instant messaging (IM), Twitter, and Rich Site Summary (RSS). You will be the first person to know if any unusual activity is detected on your website. Apart from malware, blacklist status and unusual activity alerts, they also alert you to any DNS change, WHOIS change and SSL change.

Pricing

We are currently testing the Premium plan of Sucuri services, which costs $89.99 per year and includes monitoring of 1 website. The monthly cost thus works out to around $7.50 for a website. It is better to pay $7.50 per month and keep the site secure than to get your website hacked and then pay heavy three-digit charges ($$$) to have it cleaned up by a professional team or individual. The price sheet of Sucuri services is shown below:

Sucuri Malware Cleanup Service Pricing

They also have custom pricing plans if you have more websites than what the “Business” plan covers.

Verdict

Each day we hear of numerous websites getting hacked globally. Sucuri, in the industry since 2010, has the best experience with website cleanup and other security-related solutions. It is much better to be alerted by a security service like Sucuri that your website has been hacked than to have your users alert you, or to find out after Google blacklists your website as a potential threat to visitors. Many top publications such as CNN, PC World, TechCrunch and TheNextWeb use Sucuri services and recommend them to every website owner who cares about website security. We too use Sucuri services, and the features offered have never let us down.

Website Security Badge

Sucuri Website Badges

Show the world that your website is secured with Sucuri and is malware free with Sucuri’s website badge. You can find our security seal from Sucuri in the footer of our website, which describes this website as “Sucuri Verified Site – Verified to be malware free”.

Give Sucuri services a try and keep your websites malware free.

Sucuri - Improved web security and Malware cleanup service: 10

  • Server side scanning: 10.0/10
  • Malware detection rate: 10.0/10
  • Ease of use: 10.0/10
  • Protection Level: 10.0/10
  • Value for money: 10.0/10

Pros

  • 1-Click Harden protection
  • WordPress protection features
  • Free Malware cleanup service with the plan
  • Cloud Proxy service
  • Free instant malware alert service

Cons

  • Nil so far

About the author

Administrator - GizmoLord.com

  • We use Sucuri free malware scanner and it is really a nice service from them. Well, you have covered all the features of sucuri which I was not aware of.
