WordPress site securityprotects your business and consumer data from hackers and digital threats. The challenge? Security issues aren’t always under your control.
Consider the recentGodaddy违反这使超过120万WordPress用户受到了妥协。Godaddy采取了安全措施,但仍然是网络攻击的受害者。
While it’s impossible to completely eliminate risk, the use of WordPress security plugins can provide a measure of protection against attacks, regardless of their origin or intent.
但是哪个插件适合您?在本文中,我们将处理两个最受欢迎的安全插件 -Sucuri和wordfence— and see how they stack up when it comes to site security.
Sucuri和WordFence:基础知识
Sucuri和wordfenceare both WordPress security plugins you can download and install on your site to detect and defend against potential threats. They’re considered the top two plugins in the WordPress security space — as a result, they offer similar functions to help protect your site.
The differences are in the details. For example, while Sucuri offers a variety of post-attack actions to help reduce the risk of future compromise, Wordfence provides real-time monitoring of users to help pinpoint attacks before they begin. In effect, these are two sides of the same coin — which works best for your site depends on current needs around data protection, attack detection, and remediation.
For each plugin, we’ll compare and contrast four key areas: Ease of use, firewall defense, active alerts, and pricing.
探索WordFence
Let’s start with an exploration of Wordfence.According to the plugin’s official site, the plugin has been downloaded more than two hundred million times and regularly blocks nearly nine billion attacks per month.
WordFence全都与WordPress安全性有关 - 该插件专为WordPress站点设计,并包括端点防火墙和用于捍卫WordPress部署的恶意软件扫描仪。它还具有实时威胁防御供稿,可通过最新的恶意软件数据更新防火墙功能。
Ease of Use
Getting started with Wordfence is straightforward. Download the plugin and install it, then agree to the terms of service, provide your email address for security notifications, and you’re good to go. Wordfence also includes a setup wizard to help guide you through the process and get everything up and running.
The biggest potential drawback? A cluttered and somewhat unintuitive interface. While all the data and features you need are there, it’s not always easy to find.
防火墙防御
As noted above, Wordfence includes a dedicated WordPress firewall that’s regularly updated to help monitor your site for potential attacks and provide immediate notifications. When it’s first activated the firewall enters “learning mode,” which lets it understand how users access your site and helps pinpoint potentially malicious behavior —meaning it can actively improve defense the longer it runs.
挑战?最初,只有在您的WordPress站点加载时,防火墙才活跃。您可以将其更改为通过“扩展模式”进行连续监视,但这需要手动设置。还值得注意的是,WordFence防火墙基于端点,这意味着它只能在已经到达您的网站后阻止流量。
Active Alerts
Alerts in Wordfence are straightforward. First, they’re highlighted next to the plugin name itself in your admin dashboard. When you click through to the plugin, you’ll get a list of alerts organized by severity. Simply click on a notification to learn more about its potential risk and how to fix it. You’ll also get notifications of critical events via email, and you can set the severity of an event that will trigger the email.
价钱
wordfenceoffers different pricing tiers depending on the number of licenses you buy and the length of coverage you choose.
A single license is $99 per year, while buying 2-4 saves you 10%, 5-9 saves 15%, 10-14 saves 20%, and 15 or more comes with a 25% discount. You can also save 10% off your initial purchase if you buy two years of coverage up-front, or 20% if you purchase three years.
Evaluating Sucuri
Sucuri, meanwhile, offers a WordPress security plugin as part of its larger suite of security services. It includes website hardening features to frustrate attackers, active malware scanning to detect threats, and core file integrity checks to ensure your site security is up to snuff.
Ease of Use
Sucuriis also easy to use. Download and install the plugin and it automatically performs a quick scan for any active security threats. The interface is streamlined and simple with a minimum of extra windows or pop-ups.
防火墙防御
Sucuri使用基于云的网站应用防火墙(WAF),这意味着它不断活跃,不需要网站所有者维护。它还能够在到达网站之前检测和拦截流量,以帮助停止恶意软件和勒索软件的传播。
It does, however, require you to modify your domain name DNS settings to ensure all traffic is routed through Sucuri’s servers.
Active Alerts
Sucuridisplays the current status of your WordPress files in the upper right-hand corner of the plugin page. The middle of the page contains details about audit logs, iFrames, links, and scripts, and under the Settings tab you can modify the number of alerts you receive per hour and the events that trigger these alerts — such as the number of failed logins per hour.
价钱
Sucuri提供了三层定价:基本,专业和业务。基本计划为每年$ 199.99,专业计划为每年299.99美元,业务计划为每年499美元。
随着安全扫描频率的增加,Premium计划还包括更快的恶意软件删除SLA。尽管基本计划的恶意软件删除SLA时间为30小时,但业务计划可在短短6个小时内提供分辨率。
替代WordPress安全插件
Don’t like either of the protective plugins we’ve described above? Other WordPress security options include:
1.Defender
Price:Free, with paid plans available
Defender已下载了100万次,并提供了带有IP阻塞,恶意软件扫描和蛮力登录保护的防火墙,这一切都是免费的。您还可以以每月49美元的价格升级到Defender Pro,以访问更多的深入支持和报告选项。
2.All in One WP Security and Firewall
Price:Free
This plugin is free, versatile, and popular. It provides malware and vulnerability scanning along with database backups and firewall protection.
The caveat? If you want more advanced features, you’ll need to activate them by editing your .htaccess file.
3.Jetpack
Price:Free, with paid plans available
Jetpack is an all-inclusive security solution that comes with spam and malware blocking along with activity logs and site stat reporting — all for free. Upgrading to Jetpack Premium, meanwhile, gets you daily scans and the ability to back up your site in real-time for easy restoration.
4.Security Ninja
Price:Free, with paid plans available
The Security Ninja plugin includes more than 50 security checks to help pinpoint potential problems on your WordPress site. Upgrade to Security Ninja Pro for $39.99 per month and these checks — along with fixes — are handled automatically.
5.Shield Security
Price:Free with paid plans available
The free version of Shield Security includes an application-layer firewall and automatic blocking of malicious actions and bots. Pay for ShieldPro, meanwhile, and you get access to dedicated technical support for increased site security.
Looking for even more plugin options? Check out our list of greatWordPress security pluginsto help protect your site.
最终获胜者是…?
视情况而定。
Both Sucuri and Wordfence offer a host of great security services and solutions, but which one is right for you depends on your needs.
For example, if a cloud-based firewall that stops malicious traffic before it hits your site is your biggest priority, Sucuri is your security plugin of choice. If you need a cost-effective security platform with robust alerts and notifications, meanwhile, Wordfence may be the better bet.
无论您选择哪种插件(WordFence,Sucuri或其他防御选择),正确的解决方案是提供安心而不会破坏银行的解决方案。
Originally published Dec 22, 2021 7:00:00 AM, updated December 22 2021
Topics:
WordPress SecurityRelated Articles
