Posted By admin


Armed with state of the art security features the plugin effectively defend WordPress against hackers attacks

  • Limit login attempts when logging in by IP address or subnet Class C
  • Monitors logins made by login forms, XML-RPC, REST API requests or auth cookies
  • Permit or restrict logins by White IP Access list and Black IP Access List by IP address, IP range or subnet
  • Automatically detects bots, robots and hackers with a set of traps
  • Log all activities related to the logging in and logging out process
  • Antispam: reCAPTCHA for WordPress and WooCommerce forms
  • Hide wp-login.php from possible attacks and return 404 HTTP Error
  • Hide wp-admin (dashboard) and return 404 HTTP Error when a user isn’t logged in
  • Make Custom login URL for logging in (rename wp-login.php)
  • Immediately block IP or subnet when attempting to log in with non-existent username
  • Disable automatic redirecting to the login page
  • Disable WordPress REST API
  • Disable XML-RPC: block access to the XML-RPC server including Pingbacks and Trackbacks
  • Disable feeds (block access to the RSS, Atom and RDF feeds)
  • Restrict access to the XML-RPC, REST API feeds by White Access list by IP address, IP range or subnet
  • Stop user enumeration (block access to the pages like /?author=n)
  • Proactively block IP subnet class C for a suspicious IP address
  • Citadel mode for massive brute force attack
  • Play nice with fail2ban: write failed attempts to the syslog or custom log file
  • View and filter out activity list by IP, username or particular event
  • Extra WHOIS information for IP: country, abuse contacts, network owner and much more
  • Handles site/server behind reverse proxy
  • Configurable email notifications with rate limiting
Do you have an idea for a cool new feature you would love to see in WP Cerber? Feel free to submit your idea here: New Feature Request
Download plugin from

P.S. Initially the plugin was created as a better alternative to Limit Login Attempts plugin.