I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.
Cloudflare and WP Cerber
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Check My site is behind a reverse proxy in the main WP Cerber Security plugin settings. If you have set Custom login URL, you have to exclude it from CloudFlare’s [...]
Notifications on WordPress user logs in
It can be easily done by having the jetFlow.io plugin installed and using a tiny workflow. Security Blog Two-Factor Authentication for WordPress WordPress Security How To Restrict access to WordPress REST API Security Blog Get WordPress protected: rename the plugins folder Security Blog Cerber Security Scanner Settings
A better way to automate WordPress
I am pleased to announce an absolutely new automation plugin that has recently arrived. The jetFlow plugin is an automation tool that brings power of workflows to your WordPress powered site. This new plugin allows you to automate almost any task or business process without coding knowledge. Furthermore, you can fine tune any aspect of [...]
WP Cerber 2.9
What is new? Added ability to check and block prohibited usernames (logins). You can specify list of usernames (logins) on a new settings tab called Users. The plugin will immediately block any attempt to log in and will lock out any IP address have tried to use those logins. It’s recommended to have at least following [...]
WP Cerber 2.7.2
Small issues in the plugin were fixed Fixed bug for non-English WordPress configuration: the plugin is unable to block IP in some server environment. If you have configured language other than English you have to install this release. Fixed two small bugs related to 1) unable to remove IP subnet from the Access Lists and 2) getting IP [...]
Turn your WordPress into Fort Knox
This article assumes that we want to get a bulletproof protected website powered by WordPress. It’s not necessarily to do all the following steps word for word and point by point exactly as described. But I do recommend that if you want to create your own Fort Knox. Security Blog Get WordPress protected: rename the [...]
Limit login attempts without a plugin?
You can find plenty of comments and advice on that on the Internet. But is it real? WordPress Security How To Restrict access to WordPress REST API Security Blog Two-Factor Authentication for WordPress Security Blog How to protect WordPress effectively: a must-do list Security Blog Get WordPress protected: rename the plugins [...]
WP Cerber 2.7
What’s new in the most powerful and flexible solution to mitigate brute force attacks and hardening WordPress New: Now you can easily view extra WHOIS information for IP addresses in the activity log including country, network info, abuse contact, etc. New: Added ability to disable WordPress REST API, see Hardening WordPress New: [...]
Hardening WordPress with WP Cerber
All suggested settings are highly recommended for most websites on the Internet. If you need, for some reason, these functions are being accessible from a particular computer or an IP network you can easily add them to the White IP Access List. Disable REST API The plugin restricts access to the WordPress REST API. The ability [...]
Know more about intruder’s IP
To enable retrieving, check option: Drill down IP. To view the information click on a particular IP address on the Activity tab. Technical details To get extra information like country, company, network info and abuse contact WP Cerber uses requests to a limited set of external WHOIS servers which are maintained by appropriate [...]
WP Cerber 2.0.1.6
What’s new in the best plugin to mitigate brute force attacks and hardening WordPress Important Note: This release brings a lot of changes to the code – let me know if something goes wrong via support form. You can roll back to the last stable version here: Downloads. New: Added Reason column on the Lockouts screen which will [...]
Plugin Inspector
Want to know more about plugins you have installed on your blog? The Plugin Inspector plugin is an easy way to check plugins installed on your WordPress and make sure that plugins do not use deprecated WordPress functions and some unsafe functions like eval, base64_decode, system, exec, etc. Some of those functions may be used [...]
WP Cerber 1.8 with full support fail2ban
What’s new in the best plugin to mitigate brute force attacks and hardening WordPress New! added Hostname column for the User Activity and Lockouts tabs. New! added ability to write all failed login attempts to the specified file or to the syslog file. Use it to protect site with fail2ban. Note: you need root access to the server to [...]
How to protect WordPress with Fail2Ban
By using WP Cerber Security and Fail2Ban together you can reinforce protection at the most effective level. That allows you to protect a WordPress from brute-force and DoS attacks at the OS level with iptables. Read more about attacks: Brute-force, DoS, and DDoS attacks – what’s the difference? Note: you have to have the root [...]
WP Cerber 1.7 with admin interface improvements
Added ability to remove old records from the user activity log automatically. Check out Keep records for field on the settings page. This setting determines how many days’ WP Cerber will keep log records. Log will be cleaned up automatically on a schedule. Added pagination for the User Activity and the Lockouts screens. Added ability to [...]