Releases
Posted By Gregory

WP Cerber Security 6.5


This version brings a new, advanced and more effective way of loading plugin modules and the plugin security engine. This allows Cerber Security to intercept and inspect suspicious requests more effectively and protect WordPress against attacks that try to exploit a vulnerability in a plugin or a theme. It’s advised to enable loading in Standard mode.

To enable this new mode go to the Main Settings plugin admin page and set the Load security engine setting to Standard mode.

Improvements

  • Traffic Inspector’s algorithms detect and deny any attempt to upload executable files (including PHP and JavaScript) or .htaccess file via any public form or POST request.
  • A new setting to disable email notifications about new versions of the plugin. It’s located on the Notification admin page in the Email notifications section.
  • Search in the traffic log. Now it’s possible to search in the User agent string and filter out the HTTP method (GET/POST).

Updates

  • Performance of the logging subsystem is improved: the DB query has been updated.
  • In the Smart mode if a user is not logged in, all requests to the admin dashboard are logged.
  • PHP versions older than 5.4 are no longer supported. The code itself is still compatible and can be installed on PHP 5.3.

Bags fixed

  • On a multisite WordPress installation with websites in subdirectories when a new user clicks on an activation link (wp-activate.php?key=code) they will be locked out.
  • If a user tries to log in with an email address and an incorrect password, the “Invalid username” message is shown instead of “Incorrect password”.

Last posts from WordPress security blog


I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.