WP Cerber Security & Antispam
Professional grade WordPress security and anti-spam plugin. Protects website against brute force attacks. Block harmful requests. Restricts access with a Black IP Access List and a White IP Access List. Tracks user and intruder activity with powerful email and mobile notifications.
Pack of useful and five star rated features you’ll love
- Limit login attempts to protect WordPress against brute force attacks
- Traffic Inspector screens all suspicious requests and blocks them if they can harm a website.
- Malware scanner & integrity checker.
- Anti-spam and anti-bot engine for comment, contact and registration forms
- Restrict access with White IP Access List and Black IP Access List
- Stop spammers and bots: reCAPTCHA for WordPress and WooCommerce forms
- Rename wp-login.php and hide dashboard /wp-admin/
- Make hidden Custom login URL
- Stop user enumeration
- Restrict access to the REST API and XML-RPC
- Hardening WordPress: disable XML-RPC, WP REST API and feeds any kind
- The plugin supports fail2ban for advanced mitigating botnet attacks
See the full list of security features
Constantly improving security solution
WP Cerber is an always-improving WordPress security plugin which gains new features and improvements every single week. The author with his world-class engineering experience constantly iterates upon every part of plugin’s security algorithms making the plugin smarter and more reliable with every new release. Subscribe to Cerber’s newsletter to get early access to the latest technologies.
How does WP Cerber Security protect websites?
By default, WordPress allows unlimited login attempts through the login form, XML-RPC or by sending special cookies. This allows passwords to be cracked with relative ease via a brute-force attack.
The plugin blocks intruders by IP or subnet from making further attempts after a specified limit on retries is reached, making brute force attacks or distributed brute force attacks from botnets impossible.
With the plugin, you can create a Black IP Access List and White IP Access List to restrict logins from a particular IP address, subnet or IP range.
Moreover, you can create your Custom login page and forget about automatic attacks, which require constant attention and consumes significant server resources. If an attacker tries to access wp-login.php they get a 404 Error response and, optionally, are locked out for a configured period of time.
WP Cerber Security tracks time, IP addresses and usernames for successful and failed login attempts, logins, logouts, password changes, blocked IPs and actions taken by itself.
You can hide WordPress dashboard (/wp-admin/) when a user isn’t logged in. If the user isn’t logged in and they attempt to access the dashboard by requesting /wp-admin/, the plugin returns a 404 Error page.
A massive botnet brute force attack like CVE-2018-6389? That’s no longer a problem. The plugin automatically activates Citadel mode after several unsuccessful login attempts and prevent your site from making further attempts to break into with any username.
What does “Cerber” mean?
Cerber is derived from the name Cerberus. In Greek and Roman mythology, Cerberus is a multi-headed dog with a serpent’s tail, a mane of snakes, and a lion’s claws. Nobody can bypass this angry dog. Now you can order WP Cerber to guard the entrance to your site too.See people reviews from around the world Download plugin from WordPress.org