Security Blog

WP Cerber Hooks

List of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message for a user if they reached the limit on login attempts. First argument is the mesage. The second argument [...]






How to

How to set up reCAPTCHA

What is reCAPTCHA and how does it work? reCAPTCHA is a human verification mechanism which created and maintained by Google as a free anti-spam service. When you enable reCAPTCHA for a form on your website, a couple of JavaScript scripts will be loaded from Google’s servers every time a web page with the form is being [...]


Security Blog

Cloudflare and WP Cerber

If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Check My site is behind a reverse proxy in the main WP Cerber Security plugin settings. Exclude the Custom login URL you have set in the WP Cerber settings from [...]




Releases

WP Cerber 2.9

What is new? Added ability to check and block prohibited usernames (logins). You can specify list of usernames (logins) on a new settings tab called Users. The plugin will immediately block any attempt to log in and will lock out any IP address have tried to use those logins. It’s recommended to have at least following [...]



Releases

WP Cerber 2.7.2

Small issues in the plugin were fixed Fixed bug for non-English WordPress configuration: the plugin is unable to block IP in some server environment. If you have configured language other than English you have to install this release. Fixed two small bugs related to 1) unable to remove IP subnet from the Access Lists and 2) getting IP [...]




Releases

WP Cerber 2.7

What’s new in the most powerful and flexible solution to mitigate brute force attacks and hardening WordPress New: Now you can easily view extra WHOIS information for IP addresses in the activity log including country, network info, abuse contact, etc. New: Added ability to disable WordPress REST API, see Hardening WordPress New: [...]