What people are saying
Why are people enjoy it? Because the plugin is continuously developing by the author with more than 15 years of experience in implementing security solutions. Check out how the rated five star plugin protects WordPress around the world.
This has to be by far one of the best security plugins for WordPress. A simple and easy to use system to block users trying to gain access to your site. Many other security plugins have too many options and require too much configuration which end up breaking things. As soon as we activated this plugin it stated working. I love the simplicity of this plugin and if you are configuring your sites properly then you dont need all the features which are in plugins like Wordfence so I would highly recommend this for any developers.
My company has been configuring this plugin on all our client sites for the past 5 months, and it’s been a real gem in our security toolbox. Today, I had a personal site mustering through a sudden brute-force attack, which I was able to stop immediately in its tracks by creating a custom login URL via this plugin.
After using the tools I now see how often dubious persons want to log on to my website in the administration. Last night it was destined within three hours more than 20 attempts. Beautiful is here that one sees the name of the user with which he wants to login. I gladly send my best regards from Germany, keep it up.
This is the best plugin I have used to mitigate bruteforce attacks.
It returns 403 error codes for admin login failures, xmlrpc login failures and 404 code for non used wp-login. This is exactly what is needed to detect and block attacking IPs when used in conjunction with the server application fail2ban and configserver firewall.
For those without fail2ban and cfs the plugin has a web application firewall to block attacking IPs for each wp installation separately.
After installing this plugin two other plugins became redundant…
– Disable XMLRPC (I only used this because xmlrpc was vulnerable to bruteforce attack)
– WPS Hide login (wp-cerber also does this)
I just can’t say enough good things about this plug in, I was being hit heavy with brute force attacks and while I have other security in place it was bogging down my site. The support was fast, efficient and thorough, just an awesome security plugin and author.
What makes this plugin really cool for those like me is the being to control your black and white list. It compliment’s Sucuri Security plugin beautifully. I also have Simple Security Firewall, the 3 work in perfect concert.
Meets all my needs: custom login URL, blocking wp-login.php and ?author=n, prohibited usernames, login/logout/attempts/blocking informative log, black and white lists. It’s not overwhelmed with a lot of obscure option checkboxes, but allows to customize all you need. It just has as many settings as it gets, no more no less. All features are well thought out. All my bots are now blocked immediately without numerous attempts. Attacks even became less frequent since I installed WP Cerber, not sure why :). I replaced 3 other plugins with this one. It’s easily configurable and works just well for me.
Whenever you try to build a serious website for say e-commerce, you’re soon spending money so to have plugins as good as this to protect your site for free is a major bonus. Love this plugin and it does exactly what you need it to do. Thank you, Gioni, very much appreciated.
This is the best login attempt plugin out there. It has many features that only premium plugins have. It is very flexible and easy to use. There is virtually nothing to configure out of the box, you can just enable it and you’re going….but if you do want to get into the fine details, there are many options and configurations that allow you to get it working just like you want it to. Thank you for providing this to the community!
torralaqFollow Cerber’s page on Facebook See more reviews from WordPress.org users
Last posts from WordPress security blog
- Brute-force, DoS, and DDoS attacks – what’s the difference? 04/10/2017
- WP Cerber 4.5 03/22/2017
- Instant mobile and browser notifications with Pushbullet 03/20/2017
- Best WordPress Plugins for Two-Factor Authentication 03/15/2017
- WordPress 4.7.3 – six security issues has been fixed 03/06/2017
Let's make things clear with these intruder activities that happens every day with any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
WP Cerber allows you to easily enable desktop and mobile notifications and get all those notifications from your WordPress instantly and for free. In a desktop browser, you will get popup messages even if you logged out of your WordPress. Last posts from WordPress security blog Brute-force, DoS, and DDoS attacks – [...]