Sucuri Docs > Plugins > Plugin Email Alerts

Plugin Email Alerts

The Event Monitor is an important feature of the Sucuri WordPress plugin. The Event Monitor is a tool that logs many of the actions triggered by WordPress. Logged events include the following:

  • User successfully authenticates
  • User fails to authenticate
  • File is uploaded
  • Post or page is created
  • Post or page is published
  • Widget is activated
  • Plugin is installed
  • Theme is changed
  • Settings are modified

The complete list of events is extensive. You can read more in the official WordPress documentation for Hooks, Filters and Actions.

The Sucuri plugin does not monitor every event triggered by WordPress, only the ones that we consider relevant for security. Additionally, we monitor global setting changes and core WordPress updates.

Disable Email Alerts

You may find that the plugin is too sensitive to some of your site’s regular events like user authentications or post/page publications.

The plugin provides a good method to understand the background WordPress tasks. If you find you are receiving too many alerts, you can modify the settings.

Settings -> Alerts -> Alert Events.

Alert Events

Deselect the alerts you do not want to receive.

Even if you disable the email alerts, the plugin will keep monitoring the events triggered by WordPress and the information will be sent to our API service which powers the “Audit Logs” panel located in the plugin’s dashboard page.

Change Email Recipient

When you create the API Key, the admins email address is automatically used for sending out notifications. If you would like to change the recipient:

  1. Go to Sucuri Settings -> Alerts -> Alert Events

    Alert Settings

  2. Paste the email address in the text box

  3. Click **Add Recipient**

    Email Recipient

Failed Login Alerts

If you are getting a lot of *Failed Logins* emails, you are probably under a Password Guessing Attack. You can either disable the alerts for failed logins or install a firewall.

Our Web Application Firewall, or WAF, can protect you against Brute Force Attacks, DDoS Attacks and many other forms of attacks. Learn more here.

The plugin considers your website under a Password Guessing Attack after it detects more than thirty failed login attempts within the same hour.

You can increase this default number by doing the following:

  1. Go to Sucuri Settings -> Alerts -> Password Guessing Brute Force Attacks
  2. Click on the drop-down menu next to **Consider Brute-Force Attack After**
  3. Select the number of Failed Login Attempts you would like to be considered as an attack.

    Brute Force

It is recommended to disable the email alerts for failed logins and enable the alerts for brute force attacks. This will force the plugin to collect all of the failures per hour and send a single email notification.

You can also install our firewall, which is recommended to secure your site from malicious attacks!

Was this article helpful?