Many of you may have noticed emails coming from Sucuri letting you know that hack attempts have been attempted on your site. This is from a recent plugin that we have added to customers sites to help heighten the security that we already have in place on our setup.
If the emails are too much for you, they can be adjusted within the WordPress dashboard under Sucuri Security, and then Settings, and Alerts. Please see below for settings that you may want to adjust to cut down on any/all emails from the plugin
We advise keeping this plugin enabled as it is very handy in helping to detect if files have been changed or if bots/hackers are attempting to brute force your logins. You can read more about Sucuri and everything else that they offer on their website.
Settings that should be adjusted to reduce or stop alert emails.
- Maximum Alerts Per Hour – Set this to the lowest value.
- Consider Brute-Force Attack After – Set this to the lowest value.
- Event Description – This is the section that will help most with reducing the emails. Make sure to uncheck “Receive email alerts for failed login attempts (you may receive tons of emails)” and “Receive email alerts for password guessing attacks (summary of failed logins per hour)” if you want to cut back the bulk of emails as the servers will handle blocking these attacks for you.
- The most important feature to keep enabled would be “Receive email alerts when a file is modified with theme/plugin editor” that way you know if any files have been altered by a possible code injection.