How to defend WordPress from modern threats effectively
This is a bug fix version. A small bug in the Black Access List algorithm is fixed. The bug: if you add the wildcard *.*.*.* entry (all IPv4 addresses) to the Black IP Access List, all form submissions including any login form will be denied with the request forbidden message and HTTP 403 code no matter what IP addresses the White IP [...]
Traffic Inspector analyzes incoming HTTP requests, recognizes suspicious, and blocks them before they can harm your website. This security algorithm is enabled by default and in the vast majority of cases requires no configuration. When Traffic Inspector is enabled, the firewall analyzes and blocks malicious and potentially [...]
Upgrading to Cerber Security Pro not only unlocks the features below but puts you on the upgrade path for unbeatable security features that we’re excited to share in the near future. As of now, our customers get these powerful features and abilities: Cloud-based protection with Global Black List maintained by Cerber Lab. Our cloud [...]
Account Security Improvements in WordPress 4.9 https://make.wordpress.org/core/2017/10/15/improvements-for-roles-and-capabilities-in-4-9/ Security Blog Exporting personal data from logs Security Blog WordPress 5.4.1. A security update fixes seven XSS vulnerabilities Security Blog How to protect WordPress effectively: a must-do list [...]
Cerber's anti-spam and bot detection engine is capable to protect all contact and registration forms on a website. It’s compatible with virtually any form.
Let's make things clear with these intruder activities that happens every day on any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
Two-Factor Authentication plugins for WordPress allow you to use a mobile phone to verify yourself before you get inside.
This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick [...]
If you ever receive a letter any kind that requests to create, download or install some PHP code on your website you must ignore it.
Time to update! According to reports WordPress 4.7 and earlier are affected by eight security issues and now they are fixed Security Blog Deleting personal data Security Blog Exporting personal data from logs Security Blog Manage multiple WP Cerber instances from one dashboard Security Blog Get WordPress protected: rename the plugins [...]
A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The [...]
An IP Access List (commonly referred to as ACL) enables you to restricts access to the WordPress admin dashboard, vital WordPress features, protect login and registration forms from accessing by unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access [...]
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Enable My site is behind a reverse proxy on the Main Settings page. If you have configured the Custom login URL, you have to exclude it from caching by Cloudflare’s [...]
It can be easily done by having the jetFlow.io plugin installed and using a tiny workflow. Help What is RID and how to use it Security Blog Two-Factor Authentication for WordPress Security Blog Cloudflare add-on for WP Cerber Security Blog How to protect WordPress effectively: a must-do list