We just released some major updates to our Free WordPress plugin that we recommend all WordPress users check out.
Before the update, the plugin was just a simplified way to reach and scan a site using Sitecheck, now it is doing a lot more:
- WordPress core integrity checking – This feature allows you to scan all WordPress core files to see if any of them have been modified.
- WordPress last login – This option allows you to see the last login for each user, and where it came from including date, time and IP address. It is very powerful when you need to audit a site and see how it was compromised.
- Post-hack options – If your site has been hacked, this option allows you to change all users passwords, reset keys, and take the basic steps to prevent more issues.
- More Hardening – We added more hardening options to help secure your site.
These are just some of the changes. Note that all these features are included in our Premium plugin, so current Sucuri users do not need to install this free version.
For everyone else, please check it out here: Sucuri WordPress Plugin
If you have any questions about the plugin, feel free to leave us a comment, or email us – info@sucuri.net.
18 comments
what’s the path to access the “post-hack” options in the premium version of the plugin?
If you’re running the latest version which is available at http://wordpress.sucuri.net for existing Sucuri users, you will see a new menu item for the post-hack.
These are really nice additions. I was asked to test the plugin a while ago and report back to someone on whether it was worth using or not. My opinion at the time was that it wasn’t of much use as it didn’t seem to do anything particularly useful. These additions change that. I will now be recommending this plugin to anyone who asks about security plugins.
Thank you, Ryan! We’re working hard to add relevant features while reducing the noise you find in some alternative plugins. If you have recommendations, feel free to let us know anytime!
This is outside the scope of your plugin, but I’ll mention the idea here anyway ….
A system which checks the file hashes, but from OUTSIDE of the WordPress installation, preferably from a different server entirely (via read only SSH) or from another user account on the same server would be very useful. This would avoid the problem of hackers catering for your plugin during their attacks.
The hash checks from within the plugin are most likely sufficient, but it’s not the perfect solution for those looking for an uber locked down/monitored system.
I have done work with governments and other organisations who are hyper aware of security issues and would probably pay good money for a product like that.
Nice guys good to see innovation oozing out 🙂
Does the WordPress integrity check work with all international WP versions or just with the original US version?
Want to know that as well! Thanks 🙂
Yes, it does! Or it should at least. If you see any issues, let us know.
I wonder if it this becomes possible: what would stop a hacker if it gets access and modifies the sucuri plugin and fools the end-user into thinking all is well? I suppose there is only so much that can be done with a plugin.
Yes, there is only so much we can do in there. For a more comprehensive solution, you would need an external firewall, like our CloudProxy WAF: http://cloudproxy.sucuri.net
I would like to know how to disable this feature. I find it quite annoying, and for my site not necessary.
Sorry should have made myself clearer…just the last user login feature.
I’m constantly looking for a security/antivirus/malware plugin that will alert me to malware on my site that I may not have caught. For me, the alerts are a top priority as I can remove issues myself. A plugin that cleans up those files for me, that’s just gravy, but not necessary.
Just a few hours ago, one of my hobby sites was hacked; it had 2 new php files uploaded and the header.php in WooThemes’ OnTopic theme was modified… …it’s a new site, hardly any traffic at all, so I decided to hold off on cleaning things up and instead, try testing all the security/malware/antivirus plugins available.
Sucuri scanned my site and gave me a clean bill of health. No malicious or suspicious anything found anywhere. Quettera did the same. So did AntiVirus. I tried a fourth but the plugin itself failed and wouldn’t let me access any of it’s admin pages to run an actual scan.
As for the hack itself:
– The r57shell.php file was uploaded to my wp-content and renamed to test.php. Easy to find.
– There was a new file called Cp57aDqRa899.php in my public_html directory, which was really easy to spot by eye as well.
– And finally, the code inserted into the header.php in my WooThemes OnTopic directory was put in a shitty place, so instead of firing, it just displayed the first couple of lines under the site’s header, which alerted me that something was wrong.
So basically, had the issues not been as obvious as they were, not a single one of the plugins available out there would have made a lick of difference or even managed to give me a heads up that I’d been hacked.
Oh, and finally, does anyone know if the ‘hardening’ procedure that the Sucuri Free plugin recommends has any conflicts when working with WooCommerce?
Nice set of features, but you should check the Apache error log before releasing the plugin….you generate a lot of input there:
ex:
WordPress database error Duplicate key name ‘id’ for query ALTER TABLE wps2_sucuri_lastlogins ADD UNIQUE KEY id(id) made by require_once(‘path-to-dirwp-load.php’), require_once(‘path-to-dirwp-config.php’), require_once(‘path-to-dirwp-settings.php’), do_action(‘plugins_loaded’), call_user_func_array, sucuriscan_lastlogins_table_exists, dbDelta
PHP Notice: Use of undefined constant SUCURI_LASTLOGINS_TABLEVERSION – assumed ‘SUCURI_LASTLOGINS_TABLEVERSION’ in [dir-path]pluginssucuri-scannersucuri.php on line 744
these two (from what I’ve seen so far) keep repeating and fill the log file, which is not nice at all… 🙂
I saw the update and installed it during the week, nice roundup of the new features guys.
Nice set of features. I’ve used to date and I am very satisfied
I would like to know how to disable this feature. I find it quite annoying, and for my site not necessary. The information in this article give me many useful things. Really thank you.
Comments are closed.