Posted By Gregory

Configuring exceptions for the antispam engine

Usually, you need to specify an exception if you use a plugin or some technology that communicates with your website by submitting forms or sending POST requests programmatically. In this case, Cerber can block these legitimate requests because it recognizes them as generated by bots. This may lead to multiple false positives which you can see on the Activity tab. These entries are marked as Spam form submission denied.

How to exclude specific requests from inspection

To exclude specific requests from inspection by Cerber, you need to specify a query string (a request URI) that is used for sending POST requests to your website. This string must not include the hostname or the website domain. The Cerber antispam engine looks for the specified string in an HTTP request URI and if a request URI contains specified above string, the antispam engine doesn’t inspect the request.

To exclude specific HTTP requests from inspection go to the Antispam admin page and enter some unique part of requests string (query path) to the Query whitelist setting. You need to use some part that uniquely identifies all requests you want to exclude.

Query whitelist supports regular expressions, one pattern per line. To specify a REGEX pattern, enclose a whole line in two { } braces. For instance to exclude requests to the file-upload.php script with a single numerical GET parameter user_id add this string:


Note: to specify the slash / character in a REGEX expression, you need to escape it with backslash \ this way: \/

WordPress anti-spam settings

WordPress anti-spam settings

See also: How to stop spam user registrations on your WordPress

Last posts from WordPress security blog

I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.