WordPress Security How To
WordPress security recipes and brief instructions how to protect your website with Cerber Security & Antispam plugin
How to block a WordPress user
In this post, we explain how to disable a WordPress user account without deleting it. You can do it with WP Cerber Security in a few clicks. Once a user is blocked, the user will not be able to log into the website. If you block a logged in user, the user will be automatically logged out and redirected to the home page of the website. [...]
Restrict access to WordPress REST API
WP Cerber Security allows you to restrict or completely block access to WordPress REST API which is enabled by default. To enable protection go to the Hardening tab and enable Block access to the WordPress REST API except any of the following. If you use Contact Form 7, Jetpack or another plugin that make use of REST API, you [...]
How to stop spam user registrations on your WordPress
Enable an antispam engine for the registration form The fastest way to stop spammers is to enable the antispam engine for the WordPress registration form. To enable protection: Go to the Antispam plugin admin page Enable Protect registration form with bot detection engine in the Cerber antispam engine section If you have a [...]
How to clean up the activity and live traffic logs
Note: the following operations cannot be rolled back. How to delete all Activity log records To completely delete all Activity log records go to the WP Cerber → Tools admin page and click the Diagnostic tab. In the Database info section find the following title: Table: cerber_log, rows: xxxx. Click the Delete all rows button next to it. [...]
How to protect WordPress against CVE-2018-6389 DoS attacks
We should say that this is not a critical vulnerability and doesn’t allow a hacker to break into a victim website. It’s rather a design flaw that allows anyone to put a WordPress powered website to its knees easily. Bad actors can use it to bring your online store down. The attack can be initiated from any computer by anyone. No special [...]
Traffic Inspector and logging how to
Quick recipes for Cerber Security Traffic Inspector. How to disable traffic logging To completely turn off the logging: go to the Traffic Inspector page, click the Settings tab and set Logging mode to Logging disabled. How to disable Traffic Inspector To completely turn off the inspection go to the Traffic Inspector Settings [...]
Instant mobile and browser notifications with Pushbullet
WP Cerber allows you to easily enable desktop and mobile notifications and get all those notifications from your WordPress instantly and for free. In a desktop browser, you will get popup messages even if you logged out of your WordPress. Security Blog How to protect WordPress effectively: a must-do list Security Blog Manage [...]
WordPress notifications made easy
Yes, you heard it right. Subscriptions to events work like a subscription to a newsletter or following someone on Facebook. Once you have subscribed to a specific activity you will get a notification letter by email and a push notification with each event. You can create as many subscriptions as you need. You can easily [...]
How to change date format on Activity page
The plugin has a special setting – Date format. It allows you to specify what format to use to display dates and time on admin pages: Activity log, Traffic Inspector and in notification emails. The setting is located in the Preferences section on the Main settings admin page. If the Date format setting field is empty, the date and [...]
How to catch bots and robots with a list of prohibited logins
As you already know, there is a small, but useful feature that called a list of prohibited logins/usernames. This is a comma-separated list of usernames you do not want to be used on your website in any circumstances. That’s it? Nope, there is no “just in case” features in the WP Cerber Security plugin. But [...]
How to set up reCAPTCHA
What is reCAPTCHA and how does it work? reCAPTCHA is a human verification mechanism that provides a free anti-spam service. It can be used alongside with the WP Cerber anti-spam engine. When reCAPTCHA is configured for a form on your website, a couple of JavaScript scripts are loaded from Google’s servers every time the [...]