This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick [...]
Yes, you heard it right. Subscriptions to events work like a subscription to a newsletter or following someone on Facebook. Once you have subscribed to a specific activity you will get a notification letter by email and a push notification with each event. You can create as many subscriptions as you need. You can easily [...]
What’s new Do you want to keep eye on specific activity on your website? I have good news for you! Track them like a PRO. Use powerful subscriptions to get email notifications according to filters for events you have set. Filter out activities that you are interested to monitor and then click Subscribe. Done. Read more. [...]
If you ever receive a letter any kind that requests to create, download or install some PHP code on your website you must ignore it.
New New setting Date format field allows you to specify a desirable format for displaying dates and time. To specify a format use special characters from the list: Recognizable characters in the Date format setting Updates Updated code for ‘registration_errors’ filter to handle errors right way. The French translation has been updated. [...]
The plugin has a special setting – Date format. It allows you to specify what format to use to display dates and time on admin pages: Activity log, Traffic Inspector and in notification emails. The setting is located in the Preferences section on the Main settings admin page. If the Date format setting field is empty, the date and [...]
Do you have a WordPress powered website? Congratulations! You offer a great tool for hackers. It’s called WordPress REST API and it is enabled by default. REST API is a technology that allows performing almost any action or administrative tasks on a website remotely. The WP REST API is enabled by default starting [...]
New features reCAPTCHA for WooCommerce forms. How to set up reCAPTCHA. IP Access Lists has got support for IP networks in three forms: ability to restrict access with IPv4 ranges, IPv4 CIDR notation and IPv4 subnets: A,B,C has been added. Read more: Access Lists for WordPress. Cerber can automatically detect an IP network of an intruder [...]
Time to update! According to reports WordPress 4.7 and earlier are affected by eight security issues and now they are fixed Security Blog Cloudflare add-on for WP Cerber Security Blog WordPress 5.4.1. A security update fixes seven XSS vulnerabilities Security Blog Two-Factor Authentication for WordPress Help What is RID and how to use it
Welcome a new version with reCAPTCHA and WordPress hooks that allow you to fine tune Cerber better Now you can use Google reCAPTCHA to protect WordPress registration form from spam registrations. Also reCAPTCHA available for lost password and login forms. How to setup reCAPTCHA. The registration process, WordPress registration [...]
A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The [...]
As you already know, there is a small but powerful feature called a list of prohibited logins/usernames. This is a comma-separated list of usernames you do not want to be used on your website in any circumstances. That’s it? Nope, there is no “just in case” features in the WP Cerber Security plugin. But how [...]
An IP Access List (commonly referred to as ACL) enables you to restricts access to the WordPress admin dashboard, vital WordPress features, protect login and registration forms from accessing by unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access [...]
You can create your own Custom login page (rename default wp-login.php) in no time. After you have configured the Custom login URL, the plugin will display wp-login.php page with the newly configured URL.
What is reCAPTCHA, anyway? Google’s reCAPTCHA is a human verification mechanism that created and maintained by Google as a free web service. WP Cerber supports reCAPTCHA for WooCommerce and WordPress forms as an anti-spam feature. Why does reCAPTCHA not protect WordPress from bots and brute-force attacks? It’s [...]