I have been using Sucuri since almost 2 years and thought of writing a review for the service. In this post, I will cover both – the good and the bad about sucuri. Might be a lengthy post.
The most necessary part – Sucuri WAF.
If you are someone who receives even 5000 views per day on your site, then you should consider Sucuri firewall or Web application firewall. Why? Because robots will attack your site consistently once u reach certain traffic. I know several bloggers who have more then 100 attacks in a day. These might be DDOS or malware or any other types. Even behind Sucuri WAF, I was infected with malware twice in last 2 years. But I had the malware protection plan so sucuri saved my site. If you cant afford a malware scanner in the start, you should definitely have a WAF at least.
The second most necessary part – Speed and performance
Yes – most of us use CDN’s. And many of us look for cheaper alternatives. But did u know, that for just $10, you could afford a WAF and a CDN. Sucuri acts like a proxy and it caches your pages in its server. I have found its image delivery and overall page caching to be fantastic.
A firewall has to cache your pages. This is done so that your website is not affected when a DDOS attack happens. The DDOS happens on sucuri’s server instead. Thus saving your own server a lot of bandwidth.
In this, there is one point I will add – change your login URL. Change it to something other then wp-admin. Whether u use firewall or not, this is a very important step for your wordpress install.
The problematic part – Caching duration
This is something I discovered recently and I was surprised by it. Sucuri will cache your pages for 4 hours and ur images for 3 days. Additional caching is not provided by sucuri at all. I tried changing the site cache headers and changing sucuris caching to respect site headers. But sucuri will not respect those headers for static. And in dynamic, sucuri will cache wp-admin pages too.
So the best caching is the SITE ENABLED caching which is 4 hours of page cache and 3 days of static image caching. This is far less then a CDN delivers. NOTE – I don’t have a problem with this caching. But sometimes it slows down sucuri and this they should understand themselves. Caching static for long period of times is a fantastic way to control server resources… their own server resources.
Problematic part number 2 – The service
The service of sucuri is average. Maybe it is good in other parts. But one of my friends and myself saw that they had issues but they do not agree to issues in their system. As Sucuri is owned by godaddy, It seems logical to assume that their growth has stopped and now they are only focused on revenue. So possibly this is the reason that initially service is great for setup and initial reaction wll be great, but like cloudways, expect service to be average – not the best out there.
If ever you need a firewall, then sucuri is one of the best in the business. I have checked cloudflare. And cloudflare has a lot of bells and tinkers. If u want something simple and straight, then sucuri is one of the best out there.