WP Cerber Security 9.6.2

We are in the process of updating the plugin’s admin UI, a task that requires significant effort. Initially, WP Cerber was built on the WordPress settings API, which, over time, has become inadequate for modern admin and settings UI needs. Relying on this API for years has limited our ability to introduce new settings and update admin page layouts. Introducing new types of settings and moving settings between admin pages presents particularly challenging obstacles. As a result, WP Cerber has accumulated considerable technical debt, which we are now addressing. While most changes are happening behind the scenes, we are halfway through releasing a new design for the admin dashboard.

A new admin tool

An Event Insight Tool is developed to provide WordPress website administrators with clear explanations of events logged in WP Cerber security logs. Using a dynamically updated knowledge base, the tool simplifies log interpretation, helping administrators quickly check and strengthen their site’s security. The tool generates pop-up explainers on the “Activity” and “Lockouts” admin pages

Currently, in its early stages, the tool may not always provide detailed information. In the weeks to come, there will be many updates and improvements to this tool.

Key features of the tool:

Provides precise, understandable explanations for each logged event, enhancing your comprehension of potential threats and anomalies.
Display the specific security settings WP Cerber applied in processing each request, offering transparent insight into the protective measures deployed for your site.
It helps you quickly adjust security configurations by guiding you to the corresponding plugin settings.

An Event Insight Tool is developed to provide WordPress website administrators with clear explanations.

The knowledge base is regularly updated based on the WP Cerber team’s expertise. This ensures the tool provides up-to-date, relevant information, enabling you to effectively counter security threats that WordPress faces nowadays.

New settings to configure exceptions

New settings have been introduced to configure header-based exceptions for WP Cerber’s anti-spam and firewall, enhancing the plugin’s flexibility. These exceptions use HTTP headers to identify requests that should bypass firewall or anti-spam inspections, allowing for seamless integration with external web applications and minimizing false positives. Such exempted requests will be highlighted with a green label “Header exception applied” in the Live Traffic log, assuming logging is active.

Various improvements and updates

WP Cerber now logs the reasons for blocking IP addresses with more accuracy. This improvement simplifies the process of identifying the root cause behind an IP address lockout. Previously, if a blocked IP address continued to send spam or suspicious requests, the recorded reason for blocking would update to non-informative “Multiple erroneous requests”.
To simplify the management of spam comments and associated plugin settings, a new activity log event, “Comment marked as spam,” has been introduced. This event is logged when WP Cerber identifies a comment as spam and moves it to the spam list. If the anti-spam settings are configured to deny spam comments, the event “Spam comment denied” is logged, and the comment is not moved to the spam list but is instead completely discarded.
A new quick filter, “Spam Events”, has been added to the Activity Log. By selecting this filter, you can easily view all spam-related events and the actions taken by WP Cerber’s anti-spam mechanism.

Improvements to the plugin admin UI

Introduced a dequeuing mechanism to detect and remove enemy JavaScript scripts that may be loaded by other WordPress plugins on WP Cerber admin pages. This mechanism is implemented to improve compatibility and prevent conflicts, thereby enhancing both performance and security. It guarantees a smoother and more reliable experience on the WP Cerber dashboard.
Updated the layout of certain plugin admin settings pages to make them more user-friendly. Also, updated translations to ensure better accessibility for a global audience.
Refined the wording of plugin settings to enhance clarity and facilitate a better understanding of WP Cerber’s behavior.

Fixed bugs

Fixed a minor PHP bug: “An error of type E_ERROR was caused in line 661 of the file /wp-cerber/cerber-lab.php.”
Fixed a minor PHP bug: PHP Warning: Undefined array key “net_connection_ip” in /wp-cerber/cerber-lab.php on line 330

Wonder what WP Cerber got in the previous version?

Review the release note for WP Cerber Security 9.6.1.

How to install WP Cerber on your WordPress

Enable automatic updates in the plugin settings or use this instruction on how to install WP Cerber if you do not have it on your website.

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.