Security Blog
Useful information and technical details if you want to know more how to protect WordPress from modern threats effectively
How to stop spam form submissions on your WordPress
Cerber antispam and bot detection engine is capable to protect all contact and registration forms on a website. It’s compatible with virtually any form.
Brute-force, DoS, and DDoS attacks – what’s the difference?
Let's make things clear with these intruder activities that happens every day on any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
Best WordPress Plugins for Two-Factor Authentication
Two-Factor Authentication plugins for WordPress allow you to use a mobile phone to verify yourself before you get inside.
WordPress 4.7.3 – six security issues has been fixed
This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick [...]
Do not trust those fake domain confirmation emails
If you ever receive a letter any kind that requests to create, download or install some PHP code on your website you must ignore it.
WordPress 4.7.1 – eight security issues have been fixed
Time to update! According to reports WordPress 4.7 and earlier are affected by eight security issues and now they are fixed Security Blog Get WordPress protected: rename the plugins folder Security Blog Cerber Security Scanner Settings WordPress Security How To Restrict access to WordPress REST API Security Blog Manage multiple WP Cerber [...]
WP Cerber Security Hooks
A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin). Filters cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The [...]
Using IP Access Lists to protect WordPress
The IP Access Lists (commonly referred to as ACLs) restricts access to WordPress admin dashboard, vital WordPress features, protect login and registration forms from unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access lists are manually managed by [...]
Cloudflare and WP Cerber
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Check My site is behind a reverse proxy in the main WP Cerber Security plugin settings. If you have set Custom login URL, you have to exclude it from CloudFlare’s [...]
Notifications on WordPress user logs in
It can be easily done by having the jetFlow.io plugin installed and using a tiny workflow. Security Blog Manage multiple WP Cerber instances from one dashboard Security Blog How to protect WordPress effectively: a must-do list Security Blog Two-Factor Authentication for WordPress Security Blog Cerber Security Scanner Settings
A better way to automate WordPress
I am pleased to announce an absolutely new automation plugin that has recently arrived. The jetFlow plugin is an automation tool that brings power of workflows to your WordPress powered site. This new plugin allows you to automate almost any task or business process without coding knowledge. Furthermore, you can fine tune any aspect of [...]
Turn your WordPress into Fort Knox
This article assumes that we want to get a bulletproof protected website powered by WordPress. It’s not necessarily to do all the following steps word for word and point by point exactly as described. But I do recommend that if you want to create your own Fort Knox. Security Blog Get WordPress protected: rename the [...]
Limit login attempts without a plugin?
You can find plenty of comments and advice on that on the Internet. But is it real? Security Blog Get WordPress protected: rename the plugins folder WordPress Security How To Restrict access to WordPress REST API Security Blog How to protect WordPress effectively: a must-do list Security Blog Manage multiple WP Cerber instances [...]
Hardening WordPress with WP Cerber
All suggested settings are highly recommended for most websites on the Internet. If you need, for some reason, these functions are being accessible from a particular computer or an IP network you can easily add them to the White IP Access List. Disable REST API The plugin restricts access to the WordPress REST API. The ability [...]
Know more about intruder’s IP
To enable retrieving, check option: Drill down IP. To view the information click on a particular IP address on the Activity tab. Technical details To get extra information like country, company, network info and abuse contact WP Cerber uses requests to a limited set of external WHOIS servers which are maintained by appropriate [...]