Traffic Inspector in a nutshell
Traffic Inspector is a sophisticated context-aware web application firewall (WAF) that protects WordPress by analyzing and blocking malicious HTTP requests
Traffic Inspector analyzes incoming HTTP requests, recognizes suspicious, and blocks them before they can harm your website. This security algorithm is enabled by default and in the vast majority of cases requires no configuration.
When Traffic Inspector is enabled, the firewall analyzes and blocks malicious and potentially harmful requests. Those are included form submissions, requests with GET and POST parameters, requests to PHP scripts.
If the firewall detects a malicious or a possibly harmful request, the WP Cerber blocks the IP address, processing of the request is aborted and the 403 Access Forbidden response is generated. Such events are logged to the Activity log and if Traffic Logging is enabled, request details are logged to the Live Traffic log.
Little or no performance overhead
WP Cerber is designed with performance and security in mind. WP Cerber’s firewall does not slow down the performance of WordPress and doesn’t affect your website’s SEO ranking as well as search engine indexing because the firewall doesn’t inspect and doesn’t block ordinary requests to ordinary WordPress pages that visitors’ browsers or search engines’ crawlers do.
What requests are not inspected and are not blocked
- Requests that come from IP addresses in the White Access List if using the White Access List is enabled
- Requests that are whitelisted in the Request whitelist setting field
- Requests to ordinary WordPress pages, posts, categories and tags
How to exclude specific requests from inspection?
Sometimes, especially when you have a customized WordPress environment, or you have a plugin that utilizes a specific API, you might need to permit access to a particular PHP script without inspection by the firewall. In this case, if the plugin recognizes and marks a legitimate request as “Probing for vulnerable code”, you have to configure an exception.
Read more: I’m getting “Probing for vulnerable code”.
Alternatively, you can permit all requests from a particular IP address:
- Add an IP address you trust to the White IP Access List
- Go to the Traffic Inspector Settings page and enable Use White IP Access List
How to…
How to disable Traffic Inspector
To completely turn off the inspection go to the Traffic Inspector Settings page and disable Enable traffic inspection. Note: it’s not recommended, by doing that you turn off an essential protection layer for your WordPress. If you come across an issue with a php script, use the Request whitelist setting as described above.
Check out other WordPress security How to’s
Have any questions?
If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.
Spotted a bug or glitch?
We’d love to fix it! Share your bug discoveries with us here: Bug Report.
WP Cerber Security 1.6
WP Cerber Security 1.7
I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.
How to whitelist users? I.e. I have the situation that wpcerber is blocking ajax calls from Thrive Themes editors. This would be ok for every public request, but I should not be blocked when I am logged in.
The plugin doesn’t block standard AJAX requests. So it means Thrive Themes editor generates its own non-standard AJAX requests. You should ask the Thrive Themes editor developer for assistance. If the developer is not capable to help you, drop me a screenshot of the Activity log with those blocked AJAX requests on the support forum: https://wordpress.org/support/plugin/wp-cerber