Configuring exceptions for the anti-spam engine

Usually, you need to configure anti-spam exceptions if you use a technology that communicates with your website by submitting forms or sending POST requests programmatically. In such cases, the Cerber’s anti-spam engine can block legitimate requests because it recognizes them as generated by bots. This leads to false positives, which you can see on the Activity tab. Such log entries are marked as Spam form submission denied.

How to exclude requests from inspection

To exclude specific POST requests (form submissions) from inspection, go to the Anti-spam admin page and enter a unique part of a request URI into the Query whitelist setting field. Here are a couple of examples.

Exception #1 Permits any requests with the Request URI that starts with the specified string e.g. /ps/wc-ajax=whatever_till_the_end

Exception #2 Permits any requests if the Request URI matches the specified REGEX pattern e.g. /file-upload.php?user_id=23432

Anti-spam for WordPress exceptions

Anti-spam for WordPress – configuring exceptions

How to identify the Request URI

Go to the Live Traffic admin page. Find a legitimate request you need to whitelist and take its Request URI from the Request column. If your Request URI contains dynamic GET parameters like on the screenshot below, you may need to use REGEX.

Request URIs on the Live Traffic page in the WordPress dashboard

Request URI on the Live Traffic page in the WordPress dashboard

Regular expressions

Query whitelist supports regular expressions, one pattern per line. To specify a REGEX pattern, enclose a whole line in two { } braces. For instance, to exclude requests to a file-upload.php script with a numerical GET parameter user_id containing a number, add this string:


Note: to specify the slash / character in a REGEX expression, you need to escape it with backslash \ this way: \/

WordPress anti-spam settings

WordPress anti-spam settings

See also: How to stop spam user registrations on your WordPress

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered here: G2.COM/WPCerber.

I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments
There are currently no comments.