Have you ever wondered what is the worst that can happen to your website? If you are a WordPress user, you probably have and that’s why you’re here now, going through our analysis of these two security services - to see which from Sucuri vs Sitelock is best for your site.

sucuri vs sitelock

We’ll be completely honest with you; nothing can be worse than your platform being maliciously attacked, compromised, infected, and finally being delisted or deindexed from Google.

If your site is detected as hacked, your website WILL get demoted. We know, at CollectiveRay.com we've cleaned plenty of hacked websites.


This site may be hacked

But even if your domain does not get demoted - that stark warning on search results will kill your traffic. People will, rightly, be cautious of visiting your domain.

And worse still, you will probably not see it coming because you were hardly aware of what was going on. You can probably agree with us that nothing hurts more than being knifed in the back when you least expect it.

So while you tirelessly work to a build a kick-ass business, remember that cybercriminals are working equally hard to gain access to it. It's their profession after all.

Did you know that the average website gets attacked 44 times per day?

The average website gets attacked 44 times per day

The last thing you want for your online presence is spamvertizing, links to spammy content such as UGG boots or Air Jordans, or even worse to have the personal information or your customers exposed to the rest of the word. That's beside dropping out of Google results.

Well, that was the bad news.

The good news is that there is something you can do about it. After this Sitelock vs Sucuri review, you will be informed enough to take the right decision to protect your site. You will no longer have to worry about cybercriminals lurking, waiting to attack and compromise your business.

More importantly, you'll be able to make the best decision on whether to go for Sucuri or Sitelock as your choice of security service to protect your business.

In fact, in this article, we’ll be reviewing two of the leading security services to help you get a clear understanding of what you will be working with. You'll see in details what level of protection each of these services can offer.

Let’s dive right in.


  Sucuri Sitelock
Price From $9.99/month From $109.99/year (excluding multi-year or bulk discounts)
Free Version Yes Yes
Real-time scan Yes Yes
Website Firewall Yes Yes
Latest threats update Yes Yes
System Security Tweaks No No
Core Code Changes No Yes (Vulnerability patching)
Cloud-based / vs Website Both Both
Cool Feature CDN for added performance Vulnerability patching
What we liked  DNS Cloud-based protection takes brunt of attacks  Brute-force attack blocking
   DDOS protection  Vulnerability patching
   Zero-day exploits protection  True Code SAST
   Core integrity checks  
What we didn't like  Some features a bit pricey  Some dodgy reviews
     More expensive that Sucuri and not as popular
Overall 🏆  
Website Visit Sucuri Visit Sitelock

So what exactly are we comparing? 

Key Factors for comparison

In this review, we will be looking at which service between Sucuri vs Sitelock, satisfies our web security concerns. For this to happen we will check if they tick off every box in our key factors:

You’ll discover that the main reason why we’re getting a security plugin is to make sure we get the following benefits

  • Detection - How well is the service equipped to detect threats which are aimed at your domain? And how well does it rate in terms of hacks which have ALREADY occurred, maybe your site is already hacked.
  • Protection - Besides detecting threats, we obviously want to protect against them
  • Quick Response - How fast the company is to reach a hacking incident and how quickly they are able to help you resolve such an incident.
  • Backups - Does the service provide backups as part of the whole feature set?
  • Pricing - How much does the service cost? Is it perpetual license? Does it need to be renewed monthly or yearly
  • Customer Satisfaction - How does it look in terms of customer satisfaction? What are the reviews that the company and service gets in general?

Those are the most important factors to consider when you are looking to make a purchase.

Now let’s begin this Sitelock vs Sucuri comparison.

What are Cloud-based Website Security Services?

Both of these products are cloud-based website security and protection solutions.

But what does this really mean?

In essence, rather than having a plugin which is installed on your server, which happens with most web security plugins, these two plugins work as a reverse proxy.

Before getting lost in technical terminology, let's simplify this as much as we can. These services actually take the brunt of traffic sent to your site, both legitimate and malicious.

See a diagram below depicting how they work.

Cloud based website security - How it works

The services then use various technologies to root out all the malicious traffic and only send the good traffic to your domain.

This is a significant and great way of doing web security.

The reason that this is an excellent setup is this: a server which is under attack or suffering a number of malicious actions can easily get overwhelmed when it is hosted on standard services. Even with a security plugin in place, most hosting services will not be able to handle the wave of traffic sent to it.

On the other hand, cloud-based protection services are built to withstand this kind of assault, so they can never be overwhelmed by this.

Not only that, but they are literally fully optimized to kill any bad traffic to your server.

Who are SiteLock?


Bragging a 4.5-star rating, the SiteLock service stands out as one of the most popular, old-timers, having been around for about 10 years.

They bagged this years’ (2018) Cyber Security Excellence Awards for ‘Best Website Security Solution’ you’ll agree with me that it has rescued many websites from the dumps.

WINNER gold 2018 cyber security excellence awards

It doesn’t mean though that it’s flawless. Let's give it a closer look.

Before we start this review, have a look at the below video about how it actually works:

1. Ease of Access

The plugin requires that you log in to SiteLock’s platform and perform the integration process. The integration requires a number of steps:

  1. Verification of your domain by using either by adding a META tag on your domain or 
  2. Adding a file to the root of your domain

Sitelock - verify domain

Once the domain has been verified you will then need to perform DNS changes to start sending traffic to their service. Once the DNS settings have been done, you'll need to give it up to 24 hours for your domain to finally get fully protected.

DNS setup

Once this is done, you get access to a 24 badge that displays your protection status, which is great to instill confidence in your customers, that you care about the protection of your infrastructure, and you care for any data that they might give you when buying from you.

Let’s go straight to the features that make this service what it is, matching them against our key factors.

Sitelock website security updated

2. Detection & Response

In terms of this requirement, we can find the following feature set

  •   Website Scanning - This feature offers an in-depth check of all files and pages of your site which check for any existing, known and potential vulnerabilities like
    1. XSS cross-site scripting attacks,
    2. SQLi or SQL injection attacks,
    3. checks for any SPAM on your site which might mean that you have been hacked already, and such suspicious activity as external redirects or dodgy content,
    4. checks for any old applications and plugins used by your CMS or platform (which could cause problems).
    5. Most importantly, it also checks whether there is any malware already on your domain - to make sure this is identified and cleaned as soon as possible.
      Malware alert
  •   Infinity - this is a feature that continuously scans for malware and removes immediately. This is an exclusive product by Sitelock, which essentially keeps watch over your site by continuously scanning the contents of it, to make sure that if any malware hits, it is remedied immediately. This is actually an award-winning feature, the one which we have mentioned above. Given that this industry is very competitive, picking up such an award is a clear indication that this is an excellent offering. 
  •   True code SAST - this is another service which is catered more towards SaaS applications. Essentially, it keeps an eye on your own application which you have developed and any 3rd party services which your app integrates with. If any vulnerabilities are detected, you will be adviced immediately so that your developers can actually fix them asap.

3. Protection

Let's have a quick a look at the features offered by Sitelock in terms of protection of your website and web applications

  •   Smart Plus - Secure Malware Alert & Removal Tool (SMART) - is programmed to scan and clean web files every day. This feature included an automated CMS core patching, essentially catering for fixing any known vulnerabilities in specific versions of CMSes such as WordPress, Joomla, Drupal and others. This service actually replaces vulnerable files with their fixed patches automatically - a very neat service! It also actually goes beyond the CMS, to 3rd party plugins such as WooCommerce and Magento.


  •   Malware Removal - This service is actually a full-blown service which fixes threats and malware from your site. Essentially, if you have detected strange issues or know that your website is hacked, this service removes any threat. The service caters for various types of hacks including but not limited to, malware, defaced sites, backdoors (hackers controlling your site), phishing pages, pharma spam and malicious redirects.
  •   Trueshield Web App Firewall - This feature is a cloud-based firewall. Their technology actually detects human traffic and bot traffic, essentially killing off any automated malicious traffic and letting humans through. This is another very comprehensive service which is able to cater for the Top Ten Online Threats such as
    1. SQL Injections,
    2. Misconfigured Security,
    3. Cross-Site Scripting,
    4. Broken Authentication and Session Management,
    5. Exposure of Sensitive Data,
    6. Using components with known vulnerabilities,
    7. Cross-Site Request Forgery,
    8. Missing Function Level Access Control
    9. etc.
      Trueshield dashboard

4. Customer Satisfaction

Reviews of this plugin will most likely lead you to what the customers say when they talk about SiteLock. It's quite unfortunate that most of the reviews we are getting are negative with complaints like subsequent attacks hitting their domain even after integrating this security plugin.

What's worse is that SiteLock did not detect the attacks, and if it did, no warning was sent to the users. That’s not all. Some users have complained of blocked bots. So does this suggest that SiteLock is only excellent at cleaning but poor in being protective?

We're always wary of very negative customer reviews because a lot of people might have a specific issue or something circumstantial which broke their site. Be wary of negative reviews - we always recommend going for a trial, before making a judgment.

Still, we would prefer to find few if any negative reviews

Stick around to find out what we think.

5. Sitelock Pricing

SiteLock is available with 4 payment plans with two options: monthly or yearly subscriptions. Pricing is something which is not fixed - it varies depending on the services you choose so it's best to get in touch with them directly and request a quote for your specific use-case.

However, in general, you can find the following pricing plans:

sitelock pricing


  Restores your site from a blacklist and
  Offers protection against DDoS attack
  Boosts Website navigation speed
  Offers daily scans and clean-up of your files
  Offers instant malware removal on already affected sites
  Are PCI compliant
  Offers unlimited expert support


  Wrongful billing
  Customer dissatisfaction (Lots of negative impressions)

Visit Sitelock now

Onwards with our comparison, we now focus on the competitor, so that we can continue our Sucuri vs Sitelock article. 

Who are Sucuri?

Sucuri logo

This company stands out as leading favorite in online website security. With a clear objective to maintain customer satisfaction, they have put up excellent features in place to offer their customers:

  •   Protection - to protect and stop any potential hacks before they occur
  •   Detection - to inform the owner or webmaster of any potential security issue such that mitigating action can take place before any compromise happens
  •   Response - features which handle any existing compromise or hack and to remove any existing malware
  •   Back-up - to restore your setup if things are at a point where they are beyond repair, they will restore your site to a clean version (and then apply any additional protection)
  •   Performance - given that their very nature also includes a CDN, they offer your website increased performance to speed up your loading times and response.

How sucuri works

Having been in the industry for years, they have mastered their customer’s security challenges with a record standing at 98% customer satisfaction. They have taken steps to avail themselves of a large team of experts to take care of their customer’s needs, all over the world.

Read More: Our extensive reviews of Sucuri vs Wordfence - Which WordPress Security Plugin Is Worth Your Money? (2019)

Their global recognition and extensive research resources give them a positive reputation among small and large businesses alike, and even in the enterprise; the likes of PC World, Mashable and Forbes lead the thousands of customers that swear by Sucuri for their websites’ assured security.

Check out Sucuri now

Let's take a closer look at what they offer

Remember we mentioned earlier in this topic that Sucuri have narrowed their objectives to ensure they meet customer biggest concerns; detection, protection, performance, response and backups?

Let’s see if they have what it takes to do this.

1. Detection

Get alerted if vulnerabilities or hacks have happened and monitoring on-the-fly

Here, you get the following features that will help you monitor for hacks and any form of blacklisting:

  •   Server-side scanner
  •   Conditional Malware Detection
  •   Continuous Monitoring

2. Protection

No more Future Hacks

You can enjoy the protection from hacks and attacks with these features:

  •   Malware & Attack prevention
  •   DDoS attack Mitigation
  •   Brute Force Protection

3. Response

Assistance for hacked sites

We love the fact that doors are not only open to those seeking preventive measures, but those already affected too. Here you find the following cool features:

  •   Hack cleanup
  •   Blacklist warning Removal
  •   SEO spam repair

5. Pricing

Sucuri have expanded their feature set to accommodate all website owners. By providing 4 unique plans, they have a package that is suitable for all types of web users. We’ll break it down for you.

  •   Platform - This plan has a 3-tier pricing plan that is ideal for bloggers for a minimum of $199.99
  •   Agency Solutions - Web professionals with up to 1000 client base can take this plan up. It offers discounts for those who handle many clients and have no time to handle security matters.
  •   Firewall - If you are budget conscious, then this plan is for you. It also has a 3-tier pricing plan with a basic minimum of $9.99
  •   Custom Enterprise Solutions - Large organizations require a dedicated support system and the company offers this plan that features round the clock security support, all day, all year.

What more do they offer?

6. Backup

For an extra $5 a month, you can get your preferred back up schedule automated and securely stored in the cloud.

7. Enjoy Better Page Performance

Everyone appreciates a fast-loading website, and to be assured of the same you know you won't need to top up your cup of coffee while a page loads.

In fact, if your pages take more than 3 seconds to load, you might have already lost your potential customer.

Here’s something we think you’ll like; this feature doesn’t require you to install it. With a simple DNS change, their CDN is activated which instantly boost the loading time of your pages - making them load faster. 

Incidentally, if you're looking to set up a CDN, mostly for performance reasons, you may want to have a look at this article on CollectiveRay: https://www.collectiveray.com/wp/tips/free-cdn-wordpress.

Setting up Sucuri

How to set up using the WordPress plugin

To install the security plugin, simply log on to the administration of your WordPress, select plugins, click to add new then search for Sucuri Security and install it. Once in, proceed you can navigate easily to the plugins dashboard and choose your plan. You’ll immediately start receiving alerts about relevant activity affecting your site.

Setting up the WordPress plugin

Setting up the Cloud-based Service

Setting up the cloud-service is not as easy as installing a plugin, but it's not too complicated either. You'll need to tweak the DNS settings of your domain to point them to the DNS provided by the security provider. These will then pass all traffic to them, so that it can be fully filtered and secured before being forwarded to your own website. 

Of course, any malicious traffic or attacks, or attempts at hacking your site are killed off at their servers.

Change dns records


 Sucuri prides itself on being a reputable brand. This itself offers a brand assurance of quality security protection.
 There is a tailor-made plan for every user. This will this save you time and spare you from taking in features you really don’t need (and paying extra for stuff you don't need).
 The Sucuri service does not slow down your website. In fact, one of its features is that it actually improves performance with a little DNS change - due to the fact that the service is also a Content Delivery Network.
 Sucuri offers a stronger defense to threats that local security plugins. We particularly like that it defends against zero-day threats - this is a real game-changer because this is where and when protection is needed the most.

Check out Sucuri now


What do others think of them?

We've picked up a few testimonials from customers who are truly happy with this service. Syed Balkhi, founder of WPBeginner.com (one of the largest and most visited WordPress related websites) says about moving to Sucuri. WPBeginner serves about 300,000 user (on average) and has more than 9 million page views per month!

Syed Balki - Sucuri testimonial

 "Our server load has come down on WPBeginner - insanely! Security is a big thing and is the primary reason we use Sucuri, but the added benefit is the speed aspect - because everything goes through the WAF and it’s that much faster."

"For me, the biggest advantage of using Sucuri is that I don’t have to get a server admin anymore. I don’t need a 5th admin, because before, the 5th admin’s job was to monitor the server and recognize and mitigate any attacks. I had a 5th admin, part-time and I was paying $2,500/month to keep him on retainer."

Try Sucuri Security for WordPress

 Here's another Sucuri testimonial from the founder of hostingpill.com:


"With Sucuri, I have peace of mind that the website is being monitored 24/7 and we will be alerted if something goes wrong. 

Page load time is a huge factor of online experience. If you decide to use the Sucuri CDN service, you can expect increased customer satisfaction rates, more page views, increased conversion rate and decreased bounce rate."


hostingpill sucuri testimonial




So, who wins the challenge between Sitelock and Sucuri?

We have tried to be as fair as we can in our review. However, it is not our intention to bombard you with too much information but to help you make an informed decision when you finally get down to secure your website.

You will probably with us that both the SiteLock and Sucuri are excellent security plugins for the very reason that they are constantly updated to ensure round the clock protection.

And any website security service is always better than having none at all.

Both have managed to build excellent relationships with their users through their quick response to queries and concerns.

If we had to take a gut feel decision, the number of overall negative reviews of Sitelock pushes us towards Sucuri.

It is for this primary reason that we give the win to Sucuri. By offering its users a large team of readily available security experts, we owe it to them to recognize and appreciate that they are not only a big brand; they are also true to their purpose.

Sucuri has strategically managed to meet the needs of their users located all over the world for assurance of better assistance.

Between the two, Sucuri leads in term of threat detection, protection against malware and overall customer satisfaction. They have more sophisticated and stronger features that actually deliver their promise, unlike SiteLock’s claims to do more, but maintains a low satisfaction rate.

So, if you are looking to get a plugin for your business website or individual use, we recommend Sucuri as the most ideal to ensure you have a fast and prolific site.

Summary of Sitelock vs Sucuri

Understanding the benefits of these two powerful plugins clearly lays out the danger you could be saving your site from, or jumping into depending on what plugin you now swear by.

We have shortened the chase for you and presumably rescued you from the dilemma that had you all over the place in confusion. Following this review, you have our go-ahead to download your Sucuri security plugin, and buy your preferred plan.

And when you finally do, ensure your plan selection seamlessly caters for all your needs and meets our key factors. Finally, now that you are fully aware of it, get yourself protected immediately. You can then sit back, and enjoy working on your website knowing you have earned the peace of working on a secure platform.

Check out Sucuri now   Visit Sitelock now


One more thing... Did you know that people who share useful stuff like this post look AWESOME too? ;-)
Please leave a useful comment with your thoughts, then share this on your Facebook group(s) who would find this useful and let's reap the benefits together. Thank you for sharing and being nice!

Featured On

Inc Magazine Logo  

Sitepoint logo  

CSS Tricks logo   

webdesignerdepot logo   WPMU DEV logo   

and many more!


Get Started Now With ShutterstockShutterstock

Best Rated Caching Plugin

Make your website faster 

Monstrous B-Day Party

CLICK HERE for discounts!

Monstrous bday party

How to make your website FAST!

Step-by-step - free email course, how to make your website load in less than 1 second 


The Outstanding HungryJPEG Bundles

AWESOMENESS! Bundles of premium font + graphic packs at more than 96% OFF!  Get a bundle for just $9 - ONLY!

The Hungry JPEG Awesome font bundles


Work with CollectiveRay.com

CollectiveRay (formerly known as DART Creations) is interested in developing partnerships with mutual benefit. If you like the stuff we publish and would like to develop a relationship, we'd be happy to hear from you. Go on - drop us a line - we'd love to hear from you :-)


Disclosure: CollectiveRay is funded personally out of pure passion for helping people working with websites. We do however generate some income through recommendations of products. This means if you click on a link and purchase an item we link to, we will receive a small sum out of that sale. We usually partner with vendors to make your purchase cheaper than buying direct.


InMotion Hosting CollectiveRay Deal

who are we?

CollectiveRay is run by David Attard - working in and around the web design niche for more than 12 years, we provide actionable tips for people who work with and on websites. We also run DronesBuy.net - a website for drone hobbyists.

David attard

Follow us on Social

Follow us on Facebook   Subscribe to our RSS Feed   Follow us on Twitter


Where are we hosted?

This site is proudly powered by FAST VPS InMotion Servers and given an insane speed thanks to StackPath CDN!

Web Hosting stackpath