Firewall
Update to the Cloudflare add-on
This update brings compatibility with WP Cerber 9.0. Previous versions of the add-on are not compatible with WP Cerber 9.0 or newer due to a bug that generates fatal PHP error. Download the add-on using this link: https://my.wpcerber.com/downloads/wp-cerber-cloudflare-addon.1.2.zip Read more: Cloudflare add-on for WP Cerber. Help How to [...]
Cloudflare add-on for WP Cerber
This optional add-on brings an additional security measure for your WordPress by providing integration with the Cloudflare cloud-based firewall. When enabled, it adds and removes IP addresses blocked by WP Cerber to and from the Cloudflare IP Access Rules continuously. This prevents malicious IP addresses from accessing the entire [...]
WP Cerber Security 7.9
We continue to improve the WP Cerber Security algorithms in responding to new cybersecurity threats and risks. Here is what you get in this version. New features Traffic Inspector has got a new error monitoring tool that works as an additional security layer. The plugin monitors suspicious requests that cause 4xx and 5xx HTTP errors and [...]
How to avoid blocking of legitimate requests
Protecting your website, during its normal operations, WP Cerber inspects all incoming requests to your website and blocks suspicious and harmful ones. On rare occasions, WP Cerber might erroneously block legitimate requests and prevents the website from functioning correctly. If you see legitimate requests that are denied as [...]
I’m getting “Probing for vulnerable code”
During its normal operations, the WP Cerber’s firewall inspects all incoming requests to your website and blocks suspicious and harmful ones. It’s normal to see requests marked as “Probing for vulnerable code”. Nowadays they occur regularly and mean the firewall recognized a request as malicious and denied it. You [...]
How to protect WordPress against CVE-2018-6389 DoS attacks
We should say that this is not a critical vulnerability and doesn’t allow a hacker to break into a victim website. It’s rather a design flaw that allows anyone to put a WordPress powered website to its knees easily. Bad actors can use it to bring your online store down. The attack can be initiated from any computer by anyone. No special [...]
WP Cerber Security 6.1
In case you missed: version 6.0 announcement. Improvements Traffic Inspector has got a Request White List setting. To exclude a particular request from inspection specify a request string without the website domain and query string (GET parameters). Read more. An Activity filter has been added to the Advanced search form on the Traffic [...]
Traffic Inspector in a nutshell
Traffic Inspector analyzes incoming HTTP requests, recognizes suspicious, and blocks them before they can harm your website. This security algorithm is enabled by default and in the vast majority of cases requires no configuration. When Traffic Inspector is enabled, the firewall analyzes and blocks malicious and potentially [...]
WP Cerber Security 6.0
New features Hacker attacks on websites get stronger and smarter because fast-growing technologies create new opportunities for hackers and cybercriminals. We cannot ignore those facts and that’s the reason we’ve implemented a new feature: Traffic Inspector. It’s a specialized request inspection algorithm that acts as additional [...]
Using IP Access Lists to limit access and protect WordPress
An IP Access List (commonly referred to as ACL) enables you to restricts access to the WordPress admin dashboard, vital WordPress features, protect login and registration forms from accessing by unwanted computers and bots. WP Cerber supports two types of access lists: White IP Access List and Black IP Access List. Both access [...]
Cloudflare and WP Cerber
If your site is behind the Cloudflare proxy service and your WordPress is protected by the WP Cerber plugin, you have to do two things to let them work well together. Enable My site is behind a reverse proxy on the Main Settings page. If you have configured the Custom login URL, you have to exclude it from caching by Cloudflare’s [...]