Security Blog
Useful information and technical details if you want to know more how to protect WordPress from modern threats effectively
WP Cerber Security Hooks
A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The [...]
Uso de listas de acceso de IP para limitar el acceso y proteger WordPress
An IP Access List (commonly referred to as ACL) enables you to restricts access to the WordPress admin dashboard, vital WordPress features, protect login and registration forms from accessing by unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access [...]
Cloudflare and WP Cerber
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Enable My site is behind a reverse proxy on the Main Settings page. If you have configured the Custom login URL, you have to exclude it from caching by Cloudflare’s [...]
Notifications on WordPress user logs in
It can be easily done by having the jetFlow.io plugin installed and using a tiny workflow. Help ¿Qué es RID y cómo usarlo? Security Blog Administrar las contraseñas de las aplicaciones de WordPress sin problemas Security Blog Programa de recompensas por errores de WP Cerber Security Blog Cómo limitar el número de sesiones de [...]
Una mejor manera de automatizar WordPress
I am pleased to announce an absolutely new automation plugin that has recently arrived. The jetFlow plugin is an automation tool that brings power of workflows to your WordPress powered site. This new plugin allows you to automate almost any task or business process without coding knowledge. Furthermore, you can fine tune any aspect of [...]
Convierte tu WordPress en Fort Knox
This article assumes that we want to get a bulletproof protected website powered by WordPress. It’s not necessarily to do all the following steps word for word and point by point exactly as described. But I do recommend that if you want to create your own Fort Knox. Security Blog Página de inicio de sesión personalizada [...]
Limit login attempts without a plugin?
You can find plenty of comments and advice on that on the Internet. But is it real? Security Blog Programa de recompensas por errores de WP Cerber Security Blog Cómo limitar el número de sesiones de usuarios simultáneos en WordPress Security Blog Administrar las contraseñas de las aplicaciones de WordPress sin problemas Help [...]
Fortalecimiento de WordPress con WP Cerber
All suggested settings are highly recommended for most websites on the Internet. If you need, for some reason, provide access to the functions and features listed on this page from a particular computer or an IP network, you need to add them to the White IP Access List. Disable REST API The plugin restricts access to the [...]
Know more about intruder’s IP
To enable retrieving, check option: Drill down IP. To view the information click on a particular IP address on the Activity tab. Technical details To get extra information like country, company, network info and abuse contact WP Cerber uses requests to a limited set of external WHOIS servers which are maintained by appropriate [...]
Plugin Inspector
Want to know more about plugins you have installed on your blog? The Plugin Inspector plugin is an easy way to check plugins installed on your WordPress and make sure that plugins do not use deprecated WordPress functions and some unsafe functions like eval, base64_decode, system, exec, etc. Some of those functions may be used [...]
Cómo proteger WordPress con Fail2Ban
English version: How to protect WordPress with Fail2Ban Al utilizar WP Cerber Security y Fail2Ban juntos, puede reforzar la protección al nivel más eficaz. Eso le permite proteger WordPress de ataques de fuerza bruta y DoS a nivel del sistema operativo con iptables . Lea más sobre ataques: ataques de fuerza bruta, DoS y DDoS: [...]
Fortalecimiento de WordPress con WP Cerber y NGINX
NGINX is a free, open-source, high-performance HTTP server. WP Cerber is a free, open-source, security plugin which protects WordPress powered sites from intruders and hackers. How to hardening WordPress using WP Cerber and NGINX together First of all, you need to set up a Custom login URL and check Block direct access to [...]
Cómo encontrar una página de inicio de sesión oculta en WordPress
English version: How to find hidden login page on WordPress Supongamos que ha decidido ocultar su página de inicio de sesión de WordPress y su panel de administración de wp a los piratas informáticos ocultando estas páginas con un simple complemento o un truco. ¿Crees que funciona y nadie conoce tus secretos? No seas tan [...]
What to do if your WordPress site has been hacked
Immediately change passwords. Your WordPress user account and all accounts with administrative privileges on the website. The MySQL password for your website database and the password for MySQL server administrator. FTP too, if it is enabled. Reinstall WordPress. Manually remove old one and install again (do not forget to make backup of [...]
Configuraciones de seguridad recomendadas para WP Cerber
We provide you with settings based on best security practices. This settings suitable for most of the WordPress powered sites in the Internet. See screenshot below to see how it’s easy. Limit login attempts Attempts 3 allowed retries in 60 minutes Lockout duration 60 minutes Aggressive lockout Increase lockout duration to 24 hours [...]