WordPress Security
How to protect WordPress from modern cybersecurity threats
Configuring the WP Cerber scanner settings
Cerber Security Scanner is a sophisticated and powerful tool that inspects every single file and every single folder on a website for traces of malware and backdoors, changed, and new suspicious files. The scanner verifies the integrity of WordPress, plugins, and themes and prevents them from being infected with unforeseen malware. When [...]
The WP Cerber scanner for WordPress
A manual scan mode To manually start scanning, go to the Site Integrity admin page and click either the Start Quick Scan button or the Start Full Scan button. Do not close the browser window while the scan is in progress. You can open a new browser tab to do something else on the website. Once the scan has finished, you can close the [...]
Traffic Inspector in a nutshell
Traffic Inspector analyzes incoming HTTP requests, recognizes suspicious, and blocks them before they can harm your website. This security algorithm is enabled by default and in the vast majority of cases requires no configuration. When Traffic Inspector is enabled, the firewall analyzes and blocks malicious and potentially [...]
Cerber Security Professional
Upgrading to Cerber Security Pro not only unlocks the features below but puts you on the upgrade path for unbeatable security features that we’re excited to share in the near future. As of now, our customers get these powerful features and abilities: Cloud-based protection with Global Black List maintained by Cerber Lab. Our cloud [...]
WordPress 4.9.1 Security and Maintenance Release
WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.
What’s new in WordPress 4.9
Account Security Improvements in WordPress 4.9 https://make.wordpress.org/core/2017/10/15/improvements-for-roles-and-capabilities-in-4-9/ WordPress Security Managing WordPress application passwords a hassle-free way Help What is RID and how to use it WordPress Security WordPress 5.4.1. A security update fixes seven XSS vulnerabilities [...]
How to stop spam form submissions on your WordPress
Cerber's anti-spam and bot detection engine is capable to protect all contact and registration forms on a website. It’s compatible with virtually any form.
Brute-force, DoS, and DDoS attacks – what’s the difference?
Let's make things clear with these intruder activities that happens every day on any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
Best WordPress Plugins for Two-Factor Authentication
Two-Factor Authentication plugins for WordPress allow you to use a mobile phone to verify yourself before you get inside.
WordPress 4.7.3 – six security issues has been fixed
This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick [...]
Do not trust those fake domain confirmation emails
If you ever receive a letter any kind that requests to create, download or install some PHP code on your website you must ignore it.
WordPress 4.7.1 – eight security issues have been fixed
Time to update! According to reports WordPress 4.7 and earlier are affected by eight security issues and now they are fixed WordPress Security How to limit the number of concurrent user sessions in WordPress WordPress Security Cloudflare add-on for WP Cerber WordPress Security Browser cookies set by WP Cerber WordPress Security Managing [...]
WP Cerber Security Hooks
A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The [...]
Using IP Access Lists to limit access and protect WordPress
An IP Access List (commonly referred to as ACL) enables you to restricts access to the WordPress admin dashboard, vital WordPress features, protect login and registration forms from accessing by unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access [...]
Cloudflare and WP Cerber
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Enable My site is behind a reverse proxy on the Main Settings page. If you have configured the Custom login URL, you have to exclude it from caching by Cloudflare’s [...]