Xavier Gimeno Torrent on "[Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening] Generate API Key & Storage is not writable messages"

@monickels not sure if it was a typo but in your comment you said "It does not have 755 permissions", if that is true then you are saying that the directory can't be used by the plugin to write the settings. Generally 0x755 is enough, but in some servers it requires 0x775 or even 0x777 but all this depends on the default configuration of your hosting provider.

@xaviergimeno the message "A total of 2 alert events were changed" is part a bug and part expected behavior. Right now the plugin is not checking if it was able to write the new settings before it displays that message, I just fixed this here [1] feel free to install the development version of the plugin or wait until the changes are publicly release with a new version.

For the time being, you can check if the plugin can actually use the directory and file mentioned above executing the code that you can store in the root of your site. Make sure to delete this file after you run the test:

<?php
$dir = 'wp-content/uploads/sucuri';
$file = $dir . '/sucuri-settings.php';
header('Content-Type: text/plain');
printf("Dir %s writablen", (is_writable($dir) ? 'is' : 'is not'));
printf("File %s writablen", (is_writable($dir) ? 'is' : 'is not'));

[1] https://github.com/Sucuri/sucuri-wordpress-plugin/pull/18/commits/f9fab29
[2] https://github.com/cixtor/sucuri-wordpress-plugin/archive/master.zip