I used SiteGround once and I really like everything you can do within their panel but I consider it kinda expensive.
SiteGround has a security plugin that you can use even if you are not using SiteGround to host your WordPress Sites.
These are my thoughts about the SiteGround Security plugin.
Table of Contents
SG Security Review
Before you read my SiteGround Security review, understand that you can have a pretty secure site without using any security plugins.
You can read my post about securing your WordPress website without any plugins by clicking the button below
Now let’s check what the new kid on the block has to offer
SG Security: The Dashboard
I like how the design looks, it is like a bringing a little bit of SiteGround to your WordPress dashboard.
You will see some advertisement which is probably their way to attract new customers.
I like when stuff is 100% free but you have to understand that building a plugin like this requires a lot of work.
SG Security: Site Security
The Site Security Section looks pretty clean and it has clear instructions for WordPress users.
I understand what they all mean since these are security measures that I have found in other WordPress Security plugins.
I like the “Lock and Protect System Folders” and the “Advanced XSS Protection” functionalities.
SG Security: Site Login Security
The Login Security also has a pretty clean interface. There are a couple of options that you can switch on and off and some options that you have to configure.
You can limit the login access to certain IP addresses so make sure you have an static IP address so you don’t block yourself out.
If you don’t wanna do that, you can limit failed login attempts to 3 or 5, or you can create custom login URL
SG Security: Activity Log
The activity log has the option to check the traffic coming to your site, users connected and users blocked.
You can block an IP address but this is not something I recommend because it is time consuming and attackers can connect to your site using a VPN.
SG Security: Post-Hack Actions
I like the Post-Hack actions section but I wouldn’t say that you have to use it unless you have been hacked.
If you have doubts, you can reinstall all the free plugins and now you are sure that there is nothing wrong or malicious in them.
You can also force a Password reset and log out all users.
My Honest Take on SiteGround Security
I don’t think I will ever use this security plugin because it is kinda basic.
- I have implemented security at the application level and at the CDN level, so I don’t think my site will be more secure by toggling on the security features found site security section of the plugin.
- I have blocked access to my login pages and to all PHP files so I don’t really need the whole login security section.
- If you want more-detailed data, you can create a Cloudflare Firewall rule that logs more details from visitors, So I probably wouldn’t find much use for the Activity Log Feature.
- Since I have a content site, I can reinstall the four to five plugins that I use in case one of my sites get hacked and reset my passwords easily, so post-hack actions section is not something I really need
Conclusion
I really like what you can do with this plugin. It is not complicated to use therefore it is recommended for those who don’t want to learn the ins and outs of WordPress Security.
I thought that the plugin was gonna get better and better but the plugins hasn’t changed that much since the last time I checked it.
