WP Cerber Security 1.8
What’s new in the best plugin to mitigate brute force attacks and hardening WordPress New! added Hostname column for the User Activity and Lockouts tabs. New! added ability to write all failed login attempts to the specified file or to the syslog file. Use it to protect site with fail2ban. Note: you need root access to the server to [...]
How to protect WordPress with Fail2Ban
By using WP Cerber Security and Fail2Ban together you can reinforce protection at the most effective level. That allows you to protect a WordPress from brute-force and DoS attacks at the OS level with iptables. Read more about attacks: Brute-force, DoS, and DDoS attacks – what’s the difference? Note: you have to have the root [...]
WP Cerber Security 1.7
Added ability to remove old records from the user activity log automatically. Check out Keep records for field on the settings page. This setting determines how many days’ WP Cerber will keep log records. Log will be cleaned up automatically on a schedule. Added pagination for the User Activity and the Lockouts screens. Added ability to [...]
Hardening WordPress with WP Cerber and NGINX
NGINX is a free, open-source, high-performance HTTP server. WP Cerber is a free, open-source, security plugin which protects WordPress powered sites from intruders and hackers. How to hardening WordPress using WP Cerber and NGINX together First of all, you need to set up a Custom login URL and check Block direct access to [...]
WP Cerber Security 1.6
New: beautiful widget for the dashboard to keep an eye on things. Get quick analytic with trends over 24 hours and ability to manually deactivate Citadel mode. French translation added, thanks to hardesfred. Hardening WordPress. Removed automatically redirection from /login/ to the login page, from /admin/ and /dashboard/ to the [...]
How to find hidden login page on WordPress
Let’s assume you’ve decided to hide your WordPress login page and wp-admin dashboard from hackers by hiding these pages with a simple plugin or a trick. Do you think it works and nobody knows your secrets? Don’t be so naive. Anyone can easily find out login and dashboard pages with the following simple tricks. [...]
WP Cerber Security 1.5
New feature you’re will love it: importing and exporting settings and access lists from/to the file. Limited notifications in the dashboard. WordPress Security How to limit the number of concurrent user sessions in WordPress WordPress Security Managing WordPress application passwords a hassle-free way WordPress Security WP [...]
What to do if your WordPress site has been hacked
Immediately change passwords. Your WordPress user account and all accounts with administrative privileges on the website. The MySQL password for your website database and the password for MySQL server administrator. FTP too, if it is enabled. Reinstall WordPress. Manually remove old one and install again (do not forget to make backup of [...]
Recommended security settings for WP Cerber
We provide you with settings based on best security practices. This settings suitable for most of the WordPress powered sites in the Internet. See screenshot below to see how it’s easy. Limit login attempts Attempts 3 allowed retries in 60 minutes Lockout duration 60 minutes Aggressive lockout Increase lockout duration to 24 hours [...]
Custom login page for WordPress
The custom login page feature is a great tool for reducing the attack surface and eliminating spam registrations. It’s the first thing you should enable on a newly installed WordPress. Another highly recommended security measure is renaming WordPress’s plugins folder. Why it matters and why it works According to our studies [...]
WP Cerber Security 1.4
Added support Multisite mode. Added Number of comments column on the Users screen in dashboard. Updated notification settings. Updated languages files. WordPress Security WP Cerber Bug Bounty Program WordPress Security Managing WordPress application passwords a hassle-free way WordPress Security How to limit the number of concurrent user [...]
WP Cerber Security 1.3
Fix issue with hanging up during redirect to /wp-admin/ on some circumstance. Fix minor issue with limit login attempts for non-admin users. Add Date of registration column on the Users screen in dashboard. Some UI improvements on access-list screen. Performance optimization & code refactoring. WordPress Security Managing WordPress [...]
How to hide wp-admin and wp-login.php from attacks
With WP Cerber Security you can do that with several clicks. Open WP Cerber main settings page. Turn on Disable automatic redirection to the login page when /wp-admin/ is requested by an unauthorized request Enter your desired custom login URL into the Custom login URL field Turn on Block direct access to wp-login.php and return HTTP 404 [...]
Migrating from Limit Login Attempts
If you have Limit Login Attempts is installed and now ready to switch more reliable and powerful solutions like WP Cerber you can do it in several clicks.
WP Cerber Security 1.2
Add localization & internationalization files. You can use Loco Translate plugin to make your own translation. Add Russian translation. Add headers for failed attempts to use such headers with fail2ban. WordPress Security WP Cerber Bug Bounty Program WordPress Security How to limit the number of concurrent user sessions in WordPress [...]