WordPress Security
Posted By Gregory

WP Cerber Security Hooks

How to customize the plugin by using filters and actions


A list of WordPress hooks available in WP Cerber version 3.0 and above. It’s handy to use them to customize and fine tune Cerber without coding (e.g. with the jetFlow.io plugin).

Filters

cerber_msg_reached Applied to the message that is displayed for a user if the user has reached the limit to the number of login attempts. The first argument is the message. The second argument is an amount of minutes that user must wait until they will be allowed to log in again.
cerber_msg_remain Applied to the message that is displayed for a user if the user made an unsuccessful attempt to log in. The default message contains the number of remaining attempts. The first argument is the message. The second argument is a number of remaining attempts.
cerber_msg_prohibited Applied to the message shown to a user if they try to use a username from the list of prohibited usernames. The first argument is the message.  The second argument is a context of displaying. It can be:

  1. 'register' the message is being displayed on the registration form
cerber_msg_recaptcha Applied to the message shown to a user if the user failed to solve reCAPTCHA on a form. The first argument is the mesage. The second argument is a context of displaying. It can be:

  1. 'login' the message is being displayed on the WordPress login form
  2. 'register' the message is being displayed on the WordPress registration form
  3. 'lostpassword' the message is being displayed on the WordPress lost password form
  4. 'woocommerce-login' the message is being displayed on the WooCommerce login form
  5. 'woocommerce-lost' the message is being displayed on the WooCommerce lost password form
  6. 'woocommerce-register' the message is being displayed on the WooCommerce registration form

Read also: How to set up reCAPTCHA.

cerber_notify_body Applied to the text of an email notification letter and a mobile notification. Read more about push notification in WordPres.
cerber_404_template Applied to the filename of a PHP template file that is used to display 404 Not Found page. If no hook specified or the hook return a filename that doesn’t exist, the plugin uses the default 404 template (returned by get_404_template() function). To get this filter work, you need to select Use 404 template from active theme for the Display 404 page setting.

Actions

cerber_ip_locked Run every time when WP Cerber locks out an IP address. Passes one argument as an array which contains the locked out IP address and a reason – a textual explanation why it has been locked out.

do_action('cerber_ip_locked', array('IP' => $ip_address, 'reason' => $reason));

cerber_notify_sent Run after a notification email has been successfully sent by WP Cerber. The first arguments is the body of the email. The second one is: array( 'type' => $type, 'IP' => $ip, 'to' => $to, 'subject' => $subj )
cerber_notify_fail Run if WP Cerber is unable to send a notification email.

How to change the plugin messages with the filters above

To change any default message you need to define PHP filter for an appropriate hook. Place the code it to your active theme function.php file.


add_filter( 'cerber_msg_remain', function ($remain) {
  if ($remain > 1) return "You have $remain attempts remaining";
  return "You have only one attempt to log in";
} );

 

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.

Spotted a bug or glitch?

We’d love to fix it! Share your bug discoveries with us here: Bug Report.


I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments
There are currently no comments.