Posted By Gregory

Configuring exceptions for the anti-spam engine

Usually, you need to specify an exception if you use a plugin or some technology that communicates with your website by submitting forms or sending POST requests programmatically. In this case, Cerber can block these legitimate requests because it recognizes them as generated by bots. This may lead to multiple false positives which you can see on the Activity tab. These entries are marked as Spam form submission denied.

How to exclude specific requests from inspection

To exclude specific POST requests (form submissions) from inspection by WP Cerber, you need to specify a query path and/or query string (a request URI) that is used for sending POST requests to your website. The specified string must not include the website domain.

Request URIs on the Live Traffic page in the WordPress dashboard

Request URIs on the Live Traffic page in the WordPress dashboard

The antispam engine looks for the specified strings in the request URI and if it contains one of those strings, the antispam engine doesn’t inspect and doesn’t block the request.

To exclude specific HTTP requests from inspection, go to the Antispam admin page and enter some unique part of the request URI to the Query whitelist setting. You need to enter any part of the request URI that uniquely identifies all requests you want to exclude.

Query whitelist supports regular expressions, one pattern per line. To specify a REGEX pattern, enclose a whole line in two { } braces. For instance, to exclude requests to a file-upload.php script with a single numerical GET parameter user_id that contains a number, add this string:


Note: to specify the slash / character in a REGEX expression, you need to escape it with backslash \ this way: \/

WordPress anti-spam settings

WordPress anti-spam settings

See also: How to stop spam user registrations on your WordPress

Last posts from WordPress security blog

I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.