WP Cerber is 100% free and open source security plugin. It is available for download from the wordpress.org plugin repository. The plugin works out of the box and will start protecting your WordPress immediately after activation.
You can easily install the plugin from the WordPress dashboard. Just follow these steps.
- Log in to the WordPress dashboard of your site.
- Go to Plugins > Add New.
- Type Cerber in the Search Plugins box and press Enter.
- Find a tile with a Cerber dog and click the Install Now button on that tile.
- On the next page click Activate Plugin link.
- Done! WP Cerber is now active and has started protecting your site.
- After you have activated the plugin it’s recommended to customize the set of security settings. Please check the Main Settings tab, the Hardening tab and make a list of prohibited logins (usernames).
- If your website is under Cloudflare service you need to customize settings: Cloudflare and WP Cerber.
- Set up a notification email address and make sure that you receive notification letters from the plugin. This vital setting will help out your in some cases.
- If you want to reinforce your protection I do recommend read this how-to: Turn your WordPress into Fort Knox.
- If you use some caching plugin like W3 Total Cache or WP Super Cache, you need to exclude your Custom login URL from being cached by these plugins.
- If you use the Jetpack plugin or another plugin that needs to connect to wordpress.com, you need to unlock XML-RPC. To do that go to the Hardening tab, uncheck Disable XML-RPC, and click the Save changes button.
To install plugin manually via FTP
- Download the latest version of the plugin in a ZIP archive from WordPress repository.
- Extract files from the archive.
- Upload the WP Cerber folder to the plugins directory in your WordPress installation by using FTP or any file manager in your hosting control panel.
- Activate the WP Cerber through the WordPress admin interface (Plugins page).
Let's make things clear with these intruder activities that happens every day with any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?