What’s happening on the support forum
- Login attempt with a non-existent user name 06/22/2017 4:32:00 PMReplies: 0 Hi, Since Thursday 15/06/17, they have been trying with massive attacks, to connect to the administrator of my site http://www.conexionesrir.com, I have added and continue doing it, IPv4 addresses range with dash. So far, 855 connection attempts have occurred. As it is a laborious job, I wanted to know if it is possible that all these addresses that I have in the Black List of Accesses Ip, can be useful to you, to generate blockages, and prevent this same, happening to other websites. Waiting for your response. Regards, Angela Chavarri
- Multisite Cron 06/21/2017 9:44:00 PMReplies: 1 Hi, I have a large multisite and it seems that a hourly wp_cron is created for each site in the network. Every hour, when cron kicks off, all these events fire and the database gets hit hard with DELETE and OPTIMISE calls on the same CERBER_LOG_TABLE table. Is this necessary? Thanks, Conor
- Use alternative to 404 page after lockout 06/20/2017 10:58:00 AMReplies: 3 Hello, Thanks for the great plugin. Would it be possible to add in functionality to select any page to show users after they’ve been locked out (not just a 404 page)? Thanks Peter
- Notice and Warning messages in place of home page 06/19/2017 1:29:00 PMReplies: 5 I have three identical instances (cloned them using updraftPlus). One of them has a problem with Cerber by the looks of it. Instead of showing the home page i get the following two error messages displayed: Notice: Trying to get property of non-object in /var/www/html/wp-content/plugins/wp-cerber/wp-cerber.php on line 1040 Warning: Cannot modify header information – headers already sent by (output started at /var/www/html/wp-content/plugins/wp-cerber/wp-cerber.php:1040) in /var/www/html/wp-includes/pluggable.php on line 1210 When I navigate to a page directly I do see my content though. Any idea?
- Exclude page from reCaptcha? 06/17/2017 6:16:00 PMReplies: 2 Hello! I wanted to ask you if there’s any way I could exclude a page I have on the frontend, that has a login form, from having the reCaptcha. Please let me know. Thanks!
- People can still find my custom login page… (part 2) 06/16/2017 4:26:00 PMReplies: 2 Hi. I posted a question a little while ago, which seemed like it was resolved, but I’m still getting attacked from IPs belonging to Russian ISPs, constantly. Even though I’ve added a Custom login URL, disabled wp-login.php and XML-RPC, how are they’re still able to find the login and attempt to hack our site? I wish there was a way to just black list all of Russia.
- Activities are no longer recorded 06/16/2017 10:11:00 AMReplies: 1 Hello, I had to disable Cerber when I moved my page to a new URL. After that I have the plugin activated again. Most of the settings were preserved. However, the activities are no longer displayed. What can be the cause and how can I fix this? Hoping for answer and wish a good day,
- How am I getting lockouts with a custom url? 06/15/2017 3:07:00 PMReplies: 1 I use a custom login url, and I have “Block direct access to /wp-login and return a 404 page” checked. In theory, I would assume nobody should be able to be blocked for trying to login since nobody should be able to find the login url. Is there something I’m missing?
- Deleted custom login – now I can’t get into the site 06/14/2017 5:00:00 PMReplies: 3 I had configured a custom URL which was working just fine. e.g. http://www.mysite.com/ahlogin I needed to disable it to debug another plugin, so I went into main settings and removed the text “ahlogin” from the Custom login URL, and saved the setting. Then I was unable to get into my site with either http://www.mysite.com/wp-admin or http://www.mysite.com/ahlogin I had to delete the WpCerber plugin in order to get back into wp-admin. FYI – I was using V4.8.1 because I was hesitant to upgrade to 4.8.2 until I watched the boards for any new potential bugs. Suggestions on how to recover and be able to turn on/off the Custom URL without running into this problem?
- Some setup queries/observations 06/12/2017 4:28:00 PMReplies: 1 Hi, Love the plugin! I just have a couple of things which I’ve noticed and am wondering if it’s normal or whether I’ve got something misconfigured… So I disabled /wp-login.php and created a custom login page, I’m using the 404 page from my theme, but when I try and go /wp-login.php the 404 is displaying with no styling, looking at the source it’s like it’s not including any header or footer, just the middle section of the html? When I first got blocked, instead of immediately redirecting me to the 404 page, I got the login page with an empty error message on without the username/password fields which seems a bit odd? I tried logging in a few times to get myself blocked, then I removed my block and now when I go to my login page in a the same browser, with a new session, I’m immediately getting a message saying I only have one attempt remaining even though my settings allow for 3 – is this intentional? Many thanks Kevin
- PHP Fatal error 06/11/2017 1:14:00 AMReplies: 3 Hi Gioni, more errors are showing up in the error log: PHP Fatal error: Call to undefined function cerber_is_admin_page() in /home/public_html/wp-content/plugins/wp-cerber/settings.php on line 50 Thank you for your time!
- <span class="resolved" aria-label="Resolved" title="Topic is resolved."></span>Database errors 06/09/2017 7:38:00 PMReplies: 2 2 errors showed in the error log after updating cerber: [09-Jun-2017 13:14:32 UTC] WordPress database error Can't DROP 'begin_end'; check that column/key exists for query ALTER TABLE cerber_acl DROP INDEX begin_end made by require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), include_once('/plugins/wp-cerber/wp-cerber.php'), cerber_upgrade, cerber_upgrade_db [09-Jun-2017 13:14:32 UTC] WordPress database error Duplicate key name 'begin_end_tag' for query ALTER TABLE cerber_acl ADD INDEX begin_end_tag (ip_long_begin, ip_long_end, tag) made by require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), include_once('/plugins/wp-cerber/wp-cerber.php'), cerber_upgrade, cerber_upgrade_db Thank you for your time!
- <span class="resolved" aria-label="Resolved" title="Topic is resolved."></span>Contact Form 7 sudedenly incompatible 06/09/2017 11:31:00 AMReplies: 5 This morning, contact form7 plugin stopped working. the submit button leads into an endless ‘please wait’ animation. after disabling the cerber plugin, it works again. any idea?
- <span class="resolved" aria-label="Resolved" title="Topic is resolved."></span>Ban all IPs (of the world) but leave mine whitelisted? 06/09/2017 10:02:00 AMReplies: 5 Hi! Thanks for your plugin! I would like to restrict my website for the entire world and give access only to certain IPs. Would it be possible to do that with your plugin? If so, can you please tell me how? Thank you so much!!!!
- <span class="resolved" aria-label="Resolved" title="Topic is resolved."></span>Bug. 404 on admin.js 06/09/2017 12:18:00 AMReplies: 1 On page load of all views/pages within WP Admin a 404 is returned for the request to /wp-content/plugins/wp-cerber/assets/admin.js?ver=4.8.1 This file is enqueued on line 1440 of dashboard.php The file does not exist in the plugin. Thanks for plugin.
Last posts from WordPress security blog
- How to fix errors with database tables 06/16/2017
- WP Cerber 4.8.2 06/08/2017
- WP Cerber 4.8 05/29/2017
- WP Cerber 4.7.7 04/28/2017
- Brute-force, DoS, and DDoS attacks – what’s the difference? 04/10/2017
Let's make things clear with these intruder activities that happens every day with any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
WP Cerber allows you to easily enable desktop and mobile notifications and get all those notifications from your WordPress instantly and for free. In a desktop browser, you will get popup messages even if you logged out of your WordPress. Last posts from WordPress security blog How to fix errors with database tables 06/16/2017 [...]
I’m a self-employed developer who builds software products and services using WordPress for more that seven years. I enjoy partnering with others for interesting and challenging projects. If you’re interested in, feel free to contact me.