Security Blog
Useful information and technical details if you want to know more how to protect WordPress from modern threats effectively
WP Cerber Bug Bounty Program
Our customers trust us to protect their websites, and we are deeply committed to maintaining a secure and trustworthy approach to website protection. We take this trust and our reputation very seriously. That is why our priority is to develop secure software solutions and that is why have launched the WP Cerber bug bounty program. Main [...]
WP Cerber Software Repository
We have launched our own software repository as a part of our contingency plan to ensure uninterruptible software update process for our customers. What is it? The WP Cerber software repository is our special website where we publish updates to our plugins and add-ons allowing our customers update them from within WordPress dashboard in [...]
Update to the Cloudflare add-on
This update brings compatibility with WP Cerber 9.0. Previous versions of the add-on are not compatible with WP Cerber 9.0 or newer due to a bug that generates fatal PHP error. Download the add-on using this link: https://my.wpcerber.com/downloads/wp-cerber-cloudflare-addon.1.2.zip Read more: Cloudflare add-on for WP Cerber. Security [...]
Managing WordPress application passwords a hassle-free way
Using application passwords as a security measure was introduced in WordPress 5.6. This feature enables you and your users to generate and use separate passwords for accessing website APIs such as REST API. The WP Cerber plugin brings a set of tools to manage application passwords in an effective and secure way. In this article, we will [...]
How to limit the number of concurrent user sessions in WordPress
By default, WordPress has no limits applied to the number of concurrent sessions a user may create. This may pose a risk of compromising user security and personal data leakage. The professional version of WP Cerber enables you to enhance user accounts’ security by configuring a limit to the number of concurrent user sessions a [...]
WordPress 5.4.1. A security update fixes seven XSS vulnerabilities
Here we go. Multiple serious security issues affect WordPress versions 5.4 and earlier. Those issues include seven XSS vulnerabilities that exist for years in the WordPress core. Because this is a security release, it is recommended that you update your websites immediately. Along with a security plugin you have. Here is the list of [...]
Cloudflare add-on for WP Cerber
This optional add-on brings an additional security measure for your WordPress by providing integration with the Cloudflare cloud-based firewall. When enabled, it adds and removes IP addresses blocked by WP Cerber to and from the Cloudflare IP Access Rules continuously. This prevents malicious IP addresses from accessing the entire [...]
Browser cookies set by WP Cerber
When WP Cerber is installed on your website it can generate and set several browser cookies with the sole purpose of securing your website by detecting and mitigating malicious activity. All these cookies have randomly generated names and contain randomly generated values. No personal or sensitive data is stored in the cookies. Those [...]
Deleting personal data
Depending on configuration during its normal operations WP Cerber can accumulate information in the website database. This information can be considered as personal data in terms of applicable privacy law (such as GDPR). All that data can be deleted as well as exported by a user request from within the WordPress dashboard with easy, no [...]
Exporting personal data from logs
Depending on configuration during its normal operations WP Cerber can accumulate information in the website database. This information can be considered as personal data in terms of applicable privacy law (such as GDPR). All that data can be exported by a user request or deleted from within the WordPress dashboard with easy, no database [...]
Two-Factor Authentication for WordPress
Two-Factor Authentication or 2FA provides an additional layer of security requiring a second factor of identification beyond just a username and password. Two-factor authentication has long been used to control access to personal and financial data processed in banks or insurance companies; and today website owners are increasingly using [...]
How to protect WordPress effectively: a must-do list
A must-do list to get high-security and durable protection for your website. To get the most out of WP Cerber’s security algorithms, your should configure all the settings below. Do this thoughtfully because some settings may conflict with another plugin or your web server settings. In case of any problem, check the Activity log [...]
Manage multiple WP Cerber instances from one dashboard
A short introduction to a remote website management technology which is available since WP Cerber Security 8.0. How does it work The Cerber.Hub technology enables you to manage WP Cerber plugins, monitor activity, and upgrade installed plugins on multiple WordPress-powered websites from one, central WordPress website which is called a [...]
Registered users only mode
Enabling this mode forces users to log in before viewing your WordPress powered website. By default, if a user is not logged in, the user is redirected to the default login page. After successfully logging in, the user will be redirected back to the page they tried to view. To achieve this, enable Authorized users only. When a user opens [...]
Automatic cleanup of malware and suspicious files
This powerful feature automatically deletes trojans, viruses, backdoors, and other malware and recover infected files. Cerber Security Professional scans the website on an hourly basis and removes malware immediately, providing the best in class threat protection. Automatic cleanup of malware If the malware scanner detects malicious [...]