I’m getting “Probing for vulnerable code”
During its normal operations, the WP Cerber’s firewall inspects all incoming requests to your website and blocks suspicious and harmful ones. It’s normal to see requests marked as “Probing for vulnerable code”. Nowadays they occur regularly and mean the firewall recognized a request as malicious and denied it. You [...]
Development version 6.9
We’ve got good news to share! Cerber Security is known as a constantly evolving security solution and every new version of the plugin delivers better value. Now we’re tickled to announce a new development version with a new security tool: Cerber Security Scanner. You can download this stable version by using the link below. [...]
WP Cerber Security 6.7.5
Improvements A new button View Activity has been added to the user edit page in the WordPress dashboard. Miscellaneous code optimizations: performance of database routines and SQL queries have been improved. Updates A new translation to the Swedish language has been added. Thanks to Fredrik Näslund. The Polish language translation have [...]
Development version 6.7.3
This is a bug fix version. A small bug in the Black Access List algorithm is fixed. The bug: if you add the wildcard *.*.*.* entry (all IPv4 addresses) to the Black IP Access List, all form submissions including any login form will be denied with the request forbidden message and HTTP 403 code no matter what IP addresses the White IP [...]
WP Cerber Security 6.7
Improvements Antispam engine algorithms have been updated to improve AJAX requests handling and reduce false positives. Improved compatibility with WooCommerce, Formidable Forms, Gravity Forms and AJAX file upload. Regular expressions are now available for the Traffic Inspector Request whitelist and Antispam Query whitelist. To specify a [...]
Development version 6.5.5
The antispam algorithm has been updated to improve AJAX requests handling. Improved compatibility with WooCommerce, Formidable Forms and Gravity Forms AJAX file upload. Use this link to download the development version of the plugin: https://my.wpcerber.com/downloads/wp-cerber.zip WordPress Security How to limit the number of concurrent [...]
Development version 6.5.1
This version solves a rare issue with an undefined COOKIEPATH constant. If you come across this issue, usually you see the following messages in the web server error log file: PHP Notice: Use of undefined constant COOKIEPATH This version also enables logging any requests to the login page if the logging is in the Smart mode. Use this [...]
Restrict access to the WordPress REST API
WP Cerber Security allows you to restrict or completely block access to WordPress REST API which is enabled by default. To enable protection go to the Hardening tab and enable Block access to WordPress REST API except any of the following. This blocks access to the REST API unless you grant access to it in the settings fields [...]
WP Cerber Security 6.5
This version brings a new, advanced and more effective way of loading plugin modules and the plugin security engine. This allows Cerber Security to intercept and inspect suspicious requests more effectively and protect WordPress against attacks that try to exploit a vulnerability in a plugin or a theme. It’s advised to enable loading in [...]
How to stop spam user registrations on your WordPress
Enable an antispam engine for the registration form The fastest way to stop spammers is to enable the antispam engine for the WordPress registration form. To enable protection: Go to the Antispam plugin admin page Enable Protect registration form with bot detection engine in the Cerber antispam engine section If you have a [...]
Development version 6.3
Use this link to download the development version of the plugin: https://my.wpcerber.com/downloads/wp-cerber.zip This version brings a new, advanced and more effective way of loading plugin modules and the plugin security engine. By default, Cerber Security loads itself in a Legacy, old mode. But from the version 6.3, the advanced way is [...]
Clearing Activity and Live Traffic Logs
WP Cerber’s logs play an essential role in monitoring your website’s activity and traffic for potential threats and malicious actors. They help WP Cerber’s algorithms identify suspicious behavior and safeguard your site, but over time, these logs can grow significantly and consume valuable database space. This article [...]
How to protect WordPress against CVE-2018-6389 DoS attacks
We should say that this is not a critical vulnerability and doesn’t allow a hacker to break into a victim website. It’s rather a design flaw that allows anyone to put a WordPress powered website to its knees easily. Bad actors can use it to bring your online store down. The attack can be initiated from any computer by anyone. No special [...]
WP Cerber Security 6.2
New features Protection against a denial of service (DoS) attack that exploits recently discovered vulnerability (CVE-2018-6389). It’s not a critical vulnerability and doesn’t allow a hacker to break into a victim website. It’s rather a flaw that allows anyone to put a WordPress powered website to its knees easily. Bad [...]
Traffic Logging for WordPress
WP Cerber’s Traffic Inspector not only analyzes and blocks suspicious HTTP requests but also can optionally log them with request details, enabling you to inspect them manually. It uses a thoroughly designed high-performance logging engine. All logged requests are displayed on the Live Traffic page. The logging settings [...]