Subscribe

General Sucuri Review

Let’s Start with a Video. The Sucuri Tour.


Some Backstory on My Websites Being Hacked

First thing I normally do in the morning is check on my various websites. Out of some level of vanity, I like to type in their specific keywords and see how they rank in Google. Well, this particular morning, that is exactly what I did…and nearly did a triple-take at the small, underlined text just below the name of my website. It read: “This site my be compromised.”

What the –?

When you discover you’ve been hacked, many emotions filter through you: denial, outrage, resignation, and so on. Needless to say, I spent the rest of the day in a fog, doing endless research, trying to find out what to do. Of course, it became an obsession, to the point where I neglected focusing on other important aspects of my business, like doing time sensitive estimates, invoices, and business planning.

Well, looking back, it was only a matter of time. Hacking is so common. Plus, I’d neglected to keep WordPress updated, and all of my website forms had no captchas assigned (let he who is without sin cast the first stone, folks). And according to customer service at my hosting provider, I would need to go through every individual file on my server. Not so much. I set out to find effective malware scan plugins for my WordPress sites.

Hence, Sucuri Security.

This is when I stumbled upon Sucuri.net. To be honest, I’d never heard of people being able to removed malware for you. Say what? I gave their free scanner a try, and it turned up very detailed results about the malware infecting my site, as well as their locations on my server. Sucuri promised to have it removed in about 4 hours, and to monitor my website every 4 hours for me. It would easily have taken me weeks to remove it on my own, and even then I wouldn’t have had peace of mind because the malware could easily come back. Just to do my due diligence, I did some additional research and found some quality reviews, and within an hour, had decided to go with Sucuri. I almost cried real tears of relief that morning, trembling cup of tea in hand. After signing up, I lay down to take a nap, having slept very little the night before, trying to figure out what to do.

When I woke up 2.5-3 hours later, I had a couple emails in my inbox informing me that they had not only removed the malware from both of my sites, but they had also “hardened” some weak areas as well. I was amazed. For the specifics of the various ways they “harden” your site (including through the use of their WordPress plugin), they discuss it in detail on their site.

Price

Their pricing is extremely reasonable, considering the services they offer. At present, they have three tiers: they will monitor 1 website for $89.99/year, 2-5 websites for $189..99/year, and 6-10 websites for $289.99/year. Beyond that, they have custom plans that they can make fit to whatever amount of websites you have. Now, here’s the important part to understand: once you pay for the year, they will service your website as many times necessary for that one year. This is crucial, folks. I signed up for the service in order to have my site cleaned, but considered it a bonus that they would fix it again if it got infected a month later. Shoot, if it gets infected on a monthly basis (which is highly unlikely), they will clean it up, month after month. Sweet.

Just for kicks, I scanned other website security sites for comparison and was shocked at their steep prices, especially since some of them didn’t even include clean up services. What the heck? I saw some as pricey as $1000.00 a year, and offered the assurance that they would monitor your site, give you a pretty seal, and offer you suggestions if you website got hacked. Suggestions? Let me tell you, when my site was hacked, I wasn’t looking for suggestions, I was looking for immediate solutions, dagnabbit. Suggestions, puh. Okay, I’m done ranting.

Monitoring

Not only that, but they monitor my site for me, 24 hours a day, 7 days a week. And if my websites get infected again, they will fix it again…and again. And again. And it’s at no additional charge once I signed up for the service. As I mentioned, it takes them only 4 hours to fix a website on average. For me, it was less.

Once you sign up and log in, below is the Sucuri dashboard:

Sucuri Dashboard

Sucuri will monitor your website at 3, 4, 6, 12, and 24 hour intervals. Check it out:

Sucuri Monitoring Intervals

Alerting

In the event that they find malware on your website, they have a handful of ways to alert you: through sms text message alerts, email, Twitter, Instant Message (IM) Alerts, and RSS alerts. Here are they are from the dashboard view, when you’re logged in.

Sucuri Alert Screenshot 1

 

Sucuri Alert Screenshot 2

Sucuri Alert Screenshot 3

Sucuri Alert Screenshot 4

Sucuri Alert Screenshot 5

Malware Removal

Let’s say you Sucuri sends you a notification in one of the above ways, alerting you to the fact that malware has indeed infected you website again. Sucuri will remove it for you, but you must submit a “Malware Removal Request,” as seen below. Some people see it as a negative that Sucuri doesn’t jump the gun and remove it for you, but I personally like the fact that they won’t act without my explicit consent.

Sucuri Removal Screenshot 1

Sucuri Removal Screenshot 2

 

So In Conclusion…

There’s nothing worse than finding out that your website’s been hacked. And there’s no telling the full extent of what the hacker has done, because they are very, very intelligent. Some simply want to vandalize your website with unwanted porn/viagra links in the code, while others store your info. They can do virtually anything, including creating “back doors” to your website via your server, so that even once you’ve deleted infected files “A” and “B”, they can easily reinfect your website.

It is for this very reason that I would recommend Sucuri. They remove the malware and strengthen your site, and eliminate the things you would not normally find on your own, including those back doors. In addition, they offer quite a few educational resources on their site, seeking to educate us about the different threats out there.

So in a nutshell, I would recommend Sucuri, especially for the small business owner or web designer. There you have it.

Visit Sucuri.net

Still Have a Question? Ask Away.

6 comments
BoE6
BoE6

What are the other techniques that they offer to "harden" your website? That sounds interesting.

This is an amazingly descriptive review of Sucuri. I love the screenshots that you added in.

Sarahk26
Sarahk26

This was so detailed, thanks! I haven't gotten to that stage yet where my website's been hacked, but as you said, it's only a matter of time. To be honest, I didn't really think about it too much before. This is a great service that you've provided to all of us- I will be sure to keep Sucuri in mind in the future, just in case.

Chamira
Chamira moderator

Yep, they offer different techniques to "harden" your site, which is quite useful, actually. And even if your site gets hacked again, they'll take care of it within hours, once you submit the malware removal request. Afterwards, they give you a list of steps to take to safeguard your site against another attack, which is cool.

mandyallenemail
mandyallenemail

My site was hacked once too.  The whole thing was a complete nightmare.  Wish I'd have known about this before then, it may have prevented it happening.

Chamira
Chamira moderator

Thanks! Their descriptions of how they harden your site can get a bit technical, but through the use of their Wordpress plugin, it gives you simplified options with the click of a mouse (which is why they call it "One Click Hardening on their site). Depending on the options you select, you can have Sucuri automatically strengthen your configuration file and location verification, harden the readme file and PHP verification, and other useful features as well. In essence, their plugin acts as a Web application firewall, and keeps an audit log of all the activity that goes on inside of Wordpress, including login failures, which can be quite telling if someone is trying to hack into your Wordpress dashboard.

 

I'm glad you like the screenshots. I tried to be thorough :)

Chamira
Chamira moderator

You're very welcome! The more detailed, the better.  And like you, I didn't really think about it until it happened, eek! Sadly, for most people, it really is only a matter of time.

A Big Thank You

We want to give IconFinder a huge thank you. The less time we have to spend on finding images for this site, the more we can focus on pumping it full of information to help you keep your website safe.

Affiliate Link Information

We were so impressed with Sucuri's services that we signed up to be an affiliate. Therefore, the links on this website connected to Sucuri.net are, indeed, affiliate links, as well as other services that equally impressed us.