Security Blog

Development version 6.7.3

This is a bug fix version. A small bug in the Black Access List algorithm is fixed. The bug: if you add the wildcard *.*.*.* entry (all IPv4 addresses) to the Black IP Access List, all form submissions including any login form will be denied with the request forbidden message and HTTP 403 code no matter what IP addresses the White IP [...]


Releases

WP Cerber Security 6.7

Improvements Antispam engine algorithms have been updated to improve AJAX requests handling and reduce false positives. Improved compatibility with WooCommerce, Formidable Forms, Gravity Forms and AJAX file upload. Regular expressions are now available for the Traffic Inspector Request whitelist and Antispam Query whitelist. To specify a [...]


Development Versions

Development version 6.5.5

The antispam algorithm has been updated to improve AJAX requests handling. Improved compatibility with WooCommerce, Formidable Forms and Gravity Forms AJAX file upload. Use this link to download the development version of the plugin: https://my.wpcerber.com/downloads/wp-cerber.zip Security Blog How to protect WordPress effectively: a [...]


Development Versions

Development version 6.5.1

This version solves a rare issue with an undefined COOKIEPATH constant. If you come across this issue, usually you see the following messages in the web server error log file: PHP Notice: Use of undefined constant COOKIEPATH This version also enables logging any requests to the login page if the logging is in the Smart mode. Use this [...]



Releases

WP Cerber Security 6.5

This version brings a new, advanced and more effective way of loading plugin modules and the plugin security engine. This allows Cerber Security to intercept and inspect suspicious requests more effectively and protect WordPress against attacks that try to exploit a vulnerability in a plugin or a theme. It’s advised to enable loading in [...]



Development Versions

Development version 6.3

Use this link to download the development version of the plugin: https://my.wpcerber.com/downloads/wp-cerber.zip This version brings a new, advanced and more effective way of loading plugin modules and the plugin security engine. By default, Cerber Security loads itself in a Legacy, old mode. But from the version 6.3, the advanced way is [...]




Releases

WP Cerber Security 6.2

New features Protection against a denial of service (DoS) attack that exploits recently discovered vulnerability (CVE-2018-6389). It’s not a critical vulnerability and doesn’t allow a hacker to break into a victim website. It’s rather a flaw that allows anyone to put a WordPress powered website to its knees easily. Bad [...]



Development Versions

Development version 6.1.3

Improvements The Traffic Inspector algorithm detects malformed and double extensions like .php.jpg more precisely. Access Lists now accept IPv6 address in any form. You can enter a shortened IPv6 (short form) or a full IPv6. A full IPv6 will be shortened to the short IPv6 address representation. Bugs fixed If REST API is blocked, a [...]


Releases

WP Cerber Security 6.1

In case you missed: version 6.0 announcement. Improvements Traffic Inspector has got a Request White List setting. To exclude a particular request from inspection specify a request string without the website domain and query string (GET parameters). Read more. An Activity filter has been added to the Advanced search form on the Traffic [...]


Security Blog

Traffic Inspector in a nutshell

Traffic Inspector constantly screens all suspicious requests and blocks them before they can harm a website. This security algorithm is enabled by default and in the vast majority of cases requires no configuration. It is improved based on the knowledge we get during analyzing attempts to break-in and hacker attacks in our [...]