Tools for checking your website
Trail Websites recommends using a security plugin like Wordfence or Sucuri to protect your WordPress based website. Both companies now offer free site scanners you can use to quickly check whether your website has any glaring security risks. Before I give you the links, a few notes:
- No single tool can tell you if your site is 100 percent safe. Keep software updated, do regular backups, use strong passwords and do all the other reasonable things that make a website safe.
- These are valuable tools but they are also sales tools. Keep that in mind when reading the results. Whether they find any issues or not, there will be at least a subtle push to add their security plugin to your site. We encourage you to consider doing exactly that because it is a good safety practice, not because they say so in the free test results.
Wordfence just launched https://www.gravityscan.com/. They will ask you to sign up for a free account to get expanded results and so they can market to you by email. This tool just launched and demand is high so it could take a few minutes for your request to make it through the queue for scanning. Be patient, the results are worth the wait if they help you find and address weaknesses. Wordfence seems to want Gravityscan to exist as a free service with its own brand. They don’t hide the relationship. They do sell a scheduled scan for $10 / month as a “Pro” version of the service so you don’t need to keep remembering to run the scan yourself. Our recommendation: install Wordfence on your site. Even the free version does a more complete scan, more often, and sends you instant alerts for problems along with periodic reports. Wordfence focuses exclusively on WordPress though Gravityscan will provide useful reports for sites running on other solutions.
Sucuri has been operating https://sitecheck.sucuri.net/ for a while now. They do not ask you to sign up for an account but they do surround the test experience with more advertising for their products and services and, unlike Wordfence’s Gravityscan, make no attempt to position the tool as separate from their brand. Sucuri is a little more expensive than Wordfence and they no longer offer a free product. Sucuri is especially useful if you use a range of platforms and want one security tool since they support WordPress, Drupal, Magento, Joomla, Microsoft ASP.NET, phpBB and Bulletin.
Need help securing your WordPress website and keeping it secure? Consider having Trail Websites manage your website for you.