Cerber Security Features
Armed with state of the art security algorithms Cerber Security effectively defends WordPress against hackers attacks and spam any kind
- Limit login attempts when logging in by IP address or subnet Class C
- Monitors logins made by login forms, XML-RPC, REST API requests or auth cookies
- Restricts access with rich GEO country rules
- Restrict access with White IP Access List and Black IP Access List by IP address, IP range or subnet
- Detects bots and hacker activity by using a set of traps
- Malware scanner & WordPress integrity checker
- Automatic cleanup of malware and suspicious files
- Manage multiple WP Cerber instances from one dashboard.
- Traffic Inspector screens all suspicious requests and blocks them if they can harm a website.
- Log all activities related to the logging in and logging out process
- Protects WordPress accounts with Two-Factor Authentication (2FA)
- Spam protection: reCAPTCHA for WordPress and WooCommerce forms
- Hide wp-login.php from possible attacks and return 404 HTTP Error
- Hide wp-admin (dashboard) and return 404 HTTP Error when a user isn’t logged in
- Make Custom login URL for logging in (rename wp-login.php)
- Limits the number of registrations from one IP address
- Block WordPress user accounts
- Block user registration with a set of prohibited usernames or by specifying REGEX username patterns.
- Role-based access control for WordPress REST API
- Protects registration forms with reCAPTCHA and Cerber anti-spam and bot detection engine
- Immediately block IP or subnet when attempting to log in with non-existent username
- Disable automatic redirecting to the login page
- Disable WordPress REST API
- Disable XML-RPC: block access to the XML-RPC server including Pingbacks and Trackbacks
- Disable feeds (block access to the RSS, Atom, and RDF feeds)
- Restrict access to the XML-RPC, REST API feeds by White Access List by IP address, IP range or subnet
- Stop user enumeration via author pages
- Stop user enumeration via REST API
- Protection against (DoS) attack CVE-2018-6389
- Proactively block IP subnet class C for a suspicious IP address
- Citadel mode for massive brute force attack
- Play nice with fail2ban: write failed attempts to the syslog or a custom log file
- Provides an additional security layer with a special Cloudflare add-on
- View and filter out activity list by IP, username or a particular event
- Extra WHOIS information for IP: country, abuse contacts, network owner and much more
- Handles site/server behind a reverse proxy
- Configurable email notifications with rate limiting
P.S. Initially the plugin was created as a better alternative to WordPress Limit Login Attempts plugin.
Have any questions?
If you have a question regarding WordPress security or WP Cerber, leave them in the comment section below.