WordPress Security
Posted By Gregory

Cloudflare and WP Cerber

How to make them play nice together on your WordPress


If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together.

  1. Enable My site is behind a reverse proxy on the Main Settings page.
  2. If you have configured the Custom login URL, you have to exclude it from caching by Cloudflare’s servers. Do that by adding a rule on the Page Rules settings page in your Cloudflare account settings as described here: https://support.cloudflare.com/hc/en-us/articles/200172316-How-do-I-exclude-a-specific-URL-from-CloudFlare-s-caching-

Integration with the Cloudflare firewall

Consider using an optional Cloudflare add-on to synchronize locked out malicious IP addresses and access-lists entries with the Cloudflare cloud-based firewall.

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.

Spotted a bug or glitch?

We’d love to fix it! Share your bug discoveries with us here: Bug Report.


I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments

Leave a Reply to Joseph
Cancel Reply