WP Cerber Security 8.4
Today’s cybersecurity landscape is changing and cybercrime is evolving. So it’s crucial to constantly improve our security arsenal. Every new release we make WP Cerber even stronger implementing multiple improvements to its security algorithms, some of them are visible, some of them are hidden under the hood.
More flexible country-based access policies
Get more flexible and granular control over which countries are permitted for logging into your WordPress. Now the country-based GEO access control engine allows configuring role-based access rules likewise the advanced role-based 2FA policies. In short, you can configure a list of countries from which users are permitted to log in for each role individually. For instance, administrators can only log in from Australia and Germany, while the rest of the users can log in from the US, Canada, and Brazil.
Role-based rules have higher priority than common rules for All Users. For IP addresses in the White IP Access List none of country-based GEO rules are applied.
If a login attempt is blocked due to a country restriction, in the Activity log that attempt is marked as “Blocked by country rule”.
Hint: To block access to the WordPress dashboard for logged in users, configure a policy on the User Policies admin page.
Users’ sessions management done right
WordPress does not have natively any feature to monitor and manage users’ sessions. But with WP Cerber session manager you get a powerful tool to manage them and control logged in users effectively.
Use bulk actions to terminate selected users’ sessions or to block a selected user. Use links in a row to navigate to the user activity log or to the log of all requests from IP address that was used for logging into the website. If you enable Cerber.Hub you can manage users’ sessions on any number of websites from one WordPress dashboard switching between them in a click.
Other improvements and updates
Access to users’ data via WordPress REST API is always granted for administrator accounts, meaning if “Stop user enumeration” via REST API is enabled, all users with the administrator role always have access to users’ data.
The custom login page feature has been updated to eliminate possible conflicts with themes and other plugins.
Handling of file system errors which can occur during malware scanning and integrity checking has been improved: additional diagnostic information is being logged to Cerber’s debug log if “Enable diagnostic logging” in the scanner settings is turned on.
Improved compatibility with operating systems that natively doesn’t support the PHP GLOB_BRACE constant. On such systems using the integrity checker produced a warning message in the server log: PHP Warning: Use of undefined constant GLOB_BRACE – assumed ‘GLOB_BRACE’.
What’s WP Cerber Security, anyway?
It’s a comprehensive, five-star rated, and always-improving security solution for WordPress. The plugin protects websites with advanced web application firewall (WAF), malware scanner, and anti-spam engine. Reinforced with analytical data from a specialized Cerber Security Cloud (CSC) in the professional version it provides a phenomenal level of security saving time and money for website owners.
CSC monitors cybercriminal activity around the worlds and maintains a real-time database of malicious IP addresses known for disseminating spam, attacking and penetrating websites, attempting to exploit software vulnerabilities and other similar forms of malicious activity.
See also: What was new in the previous version of the plugin