The WP Cerber
Professional grade WordPress security plugin. Protects from brute force attacks by limiting the number of login attempts through the login form, XML-RPC / REST API requests or using auth cookies. Restricts access with the Black IP Access List and the White IP Access List. Tracks user and intruder activity with powerful notifications.
Pack of useful and five star rated features you’ll love
- Limit login attempts protecting WordPress against brute force attacks
- Permit or restrict access by White IP Access List and Black IP Access List
- Stop spammers and bots: reCAPTCHA for WordPress and WooCommerce forms
- Rename wp-login.php and hide dashboard /wp-admin/
- Make hidden Custom login URL
- Stop user enumeration
- Restrict access to the REST API and XML-RPC with the IP Access Lists
- Hardening: disable XML-RPC, WP REST API and feeds any kind
- Support fail2ban for advanced mitigating botnet attacks
See full list of security features
WP Cerber is an always-improving security plugin that gains new features every month. The author with his world-class engineering experience constantly iterates upon every part of plugin’s security algorithms making the plugin smarter and more reliable with every new release. Subscribe to Cerber’s newsletter to get early access to the latest technologies.
New features Instant mobile and browser notifications with Pushbullet. Get notified instantly via push notifications when an important event happens on your WordPress. Read more how to set up. Ability to choose a 404 page template. The plugin will try to use the 404 template from the active theme, and this is a default behavior [...]
WP Cerber allows you to easily enable desktop and mobile notifications and get all those notifications from your WordPress instantly and for free. In a desktop browser, you will get popup messages even if you logged out of your WordPress. Last posts from WordPress security blog WP Cerber 4.5 03/22/2017 Instant mobile and [...]
Two-Factor Authentication plugins for WordPress allow you to use a mobile phone to verify yourself before you get inside.
This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters [...]
How does WP Cerber protect websites?
By default, WordPress allows unlimited login attempts through the login form, XML-RPC or by sending special cookies. This allows passwords to be cracked with relative ease via brute force attack.
WP Cerber blocks intruders by IP or subnet from making further attempts after a specified limit on retries is reached, making brute force attacks or distributed brute force attacks from botnets impossible.
You will be able to create a Black IP Access List or White IP Access List to block or allow logins from a particular IP address, subnet or range.
Moreover, you can create your custom login page and forget about automatic attacks to the default wp-login.php, which require constant attention and consumes significant server resources. If an attacker tries to access wp-login.php they will get a 404 Error response and, optionally, will be locked out for a configured period of time.
WP Cerber tracks time, IP addresses and usernames for successful and failed login attempts, logins, logouts, password changes, blocked IPs and actions taken by itself.
You can hide WordPress dashboard (/wp-admin/) when a user isn’t logged in. If the user isn’t logged in and they attempt to access the dashboard by requesting /wp-admin/, WP Cerber will return a 404 Error.
Massive botnet brute force attack? That’s no longer a problem. WP Cerber automatically activates Citadel mode after several unsuccessful login attempts and prevent your site from making further attempts to break in with any username.
What does “Cerber” mean?
Cerber is derived from the name Cerberus. In Greek and Roman mythology, Cerberus is a multi-headed dog with a serpent’s tail, a mane of snakes, and a lion’s claws. Nobody can bypass this angry dog. Now you can order WP Cerber to guard the entrance to your site too.See people reviews from around the world Download plugin from WordPress.org
Last posts from WordPress security blog
- WP Cerber 4.5 03/22/2017
- Instant mobile and browser notifications with Pushbullet 03/20/2017
- Best WordPress Plugins for Two-Factor Authentication 03/15/2017
- WordPress 4.7.3 – six security issues has been fixed 03/06/2017
- WordPress notifications made easy 03/01/2017