Hoppa till innehåll
  • Om WordPress
    • Om WordPress
    • WordPress.org
    • Dokumentation
    • Support
    • Feedback
  • Logga in
  • Registrera
WordPress.org
WordPress.org

Svenska

  • Teman
  • Tillägg
  • Nytt
  • Support
  • Om...
  • Mönster
  • Engagera dig!
  • Skaffa WordPress
Skaffa WordPress

Tillägg

  • Mina favoriter
  • Betatestning
  • Utvecklare
Ladda ner

WP Cerber Security, Anti-spam & Malware Scan

Av Cerber Tech Inc.
  • Detaljer
  • Recensioner
  • Installation
  • Support
  • Utveckling

Beskrivning

Defends WordPress against hacker attacks, spam, trojans, and malware. Mitigates brute-force attacks by limiting the number of login attempts through the login form, XML-RPC / REST API requests, or using auth cookies. Tracks user and bad actors activity with flexible email, mobile and desktop notifications. Stops spammers by using a specialized anti-spam engine. Uses Google reCAPTCHA to protect registration, contact, and comments forms. Restricts access with IP Access Lists. Monitors the website integrity with an advanced malware scanner and integrity checker. Reinforces the security of WordPress with a set of flexible security rules and sophisticated security algorithms.

Funktioner du kommer att älska

  • Begränsar inloggningsförsök när man loggar in via IP-adress eller hela undernät.
  • Övervakar inloggningar som gjorts av inloggningsformulär, XML-RPC-förfrågningar eller auth cookies.
  • Permit or restrict access by IP Access Lists with a single IP, IP range or subnet.
  • Skapa anpassad URL för inloggning (byt namn på wp-login.php).
  • Cerber anti-spam engine for protecting contact and registration forms.
  • Detekterar automatiskt och flyttar skräppostkommentarer till papperskorgen eller förnekar dem helt.
  • Hantera flera WP Cerber-instanser från en adminpanel.
  • Tvåfaktorautentisering för WordPress.
  • Loggar användare, botar, hackare och andra misstänkta aktiviteter.
  • Säkerhetsskannern verifierar integriteten på WordPress-filer, tillägg och teman.
  • Övervakar filändringar och nya filer med e-postaviseringar och rapporter.
  • Mobil och e-postaviseringar med en uppsättning flexibla filter.
  • Advanced users’ sessions manager
  • Skyddar wp-login.php, wp-signup.php och wp-register.php från attacker.
  • Döljer wp-admin (adminpanel) om en besökare inte är inloggad.
  • Blockerar omedelbart ett inkräktar-IP vid försök att logga in med icke-existerande eller förbjudet användarnamn.
  • Begränsa användarregistrering eller inloggning med ett användarnamn som matchar REGEX-mönster.
  • Begränsa åtkomst till WP REST API med dina egna rollbaserade säkerhetsregler.
  • Blockera åtkomst till WordPress REST API fullständigt.
  • Blockera åtkomst till XML-RPC (blockera åtkomst till XML-RPC inklusive pingbacks och trackbacks).
  • Inaktivera flöden (blockera åtkomst till RSS, Atom och RDF-flöden).
  • Begränsa åtkomsten till XML-RPC, REST API och webbflöden med vit IP-åtkomstlista med en IP-adress eller ett IP-intervall.
  • Authorized users only mode
  • Blockera ett användarkonto.
  • Inaktivera automatisk omdirigering till den dolda inloggningssidan.
  • Stoppar uppräkning av användare (blockerar åtkomst till författarsidor och förhindrar att användardata läcker via REST API).
  • Proactively blocks IP subnet class C.
  • Anti-spam: reCAPTCHA för att skydda WordPress inloggning, registrerings och kommentarsformulär.
  • reCAPTCHA för WooCommerce och WordPress-formulär.
  • Osynliga reCAPTCHA för WordPress-formulär.
  • Ett speciellt Citadel-läge för massiva brute force-attacker.
  • Play nice with fail2ban: write failed attempts to the syslog or a custom log file.
  • Filtrera och inspektera aktiviteter efter IP-adress, användare, användarnamn eller en viss aktivitet.
  • Filtrera ut aktiviteter och exportera dem till en CSV-fil.
  • Rapportering: Få veckovisa rapporter till specifierade e-postadresser.
  • Begränsning av inloggningsförsök fungerar på en webbplats/server bakom en omvänd proxy.
  • Bli meddelad via mobila push-aviseringar.
  • Trigger and action for the jetFlow.io automation plugin.
  • Skydd mot (DoS) attacker (CVE-2018-6389).

Limit login attempts done right

Som standard tillåter WordPress obegränsade inloggningsförsök genom inloggningsformuläret, XML-RPC eller genom att skicka särskilda cookies. Detta tillåter lösenord att bli knäckta med relativt lätthet via brute force attack.

WP Cerber blocks intruders by IP or subnet from making further attempts after a specified limit on retries is reached, making brute force attacks or distributed brute force attacks from botnets impossible.

Du kommer att kunna skapa en svart IP-åtkomstlista eller vit IP-åtkomstlista för att blockera eller tillåta inloggningar från en viss IP-adress, IP-adressintervall eller ett undernät för varje klass ( ABC).

Dessutom kan du skapa din anpassade inloggningssida och glömma automatiska attacker till standard wp-login.php, som fordrar din uppmärksamhet och förbrukar mycket serverresurser. Om en angripare försöker komma åt wp-login.php kommer de att blockeras och få ett 404-felsvar.

Malware scanner

Cerber Security Scanner är ett sofistikerat och extremt kraftfullt verktyg som grundligt skannar varje mapp och inspekterar varje fil på en webbplats för spår av skadlig kod, trojaner, bakdörrar, ändrade och nya filer.

Read more about the malware scanner.

Integritetscheckare

The scanner checks if all WordPress folders and files match what exist in the official WordPress core repository, compares your plugins and themes with what are in the official WordPress repository and alerts you to any changes. As with scanning free plugins and themes, the scanner scans and verifies commercial plugins and themes that are installed manually.

Schemalagda skanningar med automatisk filåterställning

Cerber Security Scanner allows you to configure a schedule for automated recurring scanning easily. Once the schedule is configured the scanner automatically scans the website, deletes malware and recovers modified and infected WordPress files. After every scan, you can get an optional email report with the results of the scan.

Läs mer om schemalagda skanningar.

Tvåfaktorsautentisering

Two-Factor Authentication (2FA) provides an additional layer of security requiring a second factor of identification beyond just a username and password. When 2FA is enabled on a website, it requires a user to provide an additional verification code when signing into the website. This verification code is generated automatically and sent to the user by email.

Read more about Two-Factor Authentication.

Logga, filtrera ut och exportera aktiviteter

WP Cerber spårar tid, IP-adresser och användarnamn för lyckade och misslyckade inloggningsförsök, inloggningar, utloggningar, ändringar av lösenord, blockerade IP och åtgärder som vidtagits av sig själv. Du kan exportera dem till en CSV-fil.

Limit login attempts reinvented

Du kan dölja WordPress adminpanel (/wp-admin/) när en användare inte är inloggad. Om en användare inte är inloggad och de försöker få åtkomst till adminpanelen genom att begära /wp-admin/, kommer WP Cerber att returnera ett 404-fel.

Massiv botnet brute force attack? Det är inte längre ett problem. Citadel-läget aktiveras automatiskt en stund och förhindrar att din webbplats utsätts för fortsatta försök att logga in med något användarnamn.

Cerber anti-spam engine

Anti-spam and anti-bot protection for contact, registration, comments and other forms. WP Cerber anti-spam and bot detection engine now protects all forms on a website. No reCAPTCHA is needed. It’s compatible with virtually any form you have. Tested with Gravity Forms, Caldera Forms, HappyForms, Contact Form 7, Ninja Forms, Formidable Forms, Fast Secure Contact Form, Contact Form by WPForms.

Anti-spam skydd: osynlig reCAPTCHA för WooCommerce

  • WooCommerce-formulär för inloggning
  • WooCommerce-formulär för registrering
  • WooCommerce-formulär för förlorat lösenord

Anti-spam skydd: osynlig reCAPTCHA för WordPress

  • WordPress-formulär för inloggning
  • WordPress-formulär för registrering
  • WordPress-formulär för förlorat lösenord
  • WordPress kommentarformulär

Integration med Cloudflare

A special Cloudflare add-on for WP Cerber keeps in sync the list of blocked IP addresses with Cloudflare IP Access Rules.

Stay in compliance with GDPR

How to get full control of personal data to be in compliance with data privacy laws such as GDPR in Europe or CCPA in California.

  • Funktion för export av personuppgifter
  • Personal data erase feature
  • How WP Cerber processes browser cookies

Dokumentation och handledningar

  • Konfiguration av tvåfaktorautentisering
  • Så här skapar du notiser
  • Push-notiser med Pushbullet
  • Så här ställer du in osynlig reCAPTCHA för WooCommerce
  • Ändra tilläggets standardmeddelande
  • 2FA alternatives to the Clef plugin
  • Why reCAPTCHA does not protect WordPress from bots and brute-force attacks

Översättningar

  • Tjeckiska, tack till Hrohh
  • Tyska, tack till mario, Mike och Daniel
  • Holländska, tack till Jos Knippen och Bernardo
  • Franska, tack till hardesfred
  • Norska (bokmål) tack till Eirik Vorland
  • Portugisiska (Portugal), tack till Helderk
  • Portugisiska (Brasilien) tack till Felipe Turcheti
  • Spanska tack till Ismael Murias och leemon
  • Ukrainska, tack till Nadia
  • Ryska, tack till Yui
  • Italienska, tack till Francesco Venuti
  • Svenska, tack till Fredrik Näslund

Tack till POEditor.com för hjälpen att översätta detta projekt.

Kompatibilitet är inte verifierad

There are some plugins that were not checked to be compatible: Login LockDown, Login Security Solution, BruteProtect, Ajax Login & Register, Lockdown WP Admin, Loginizer, Sucuri, Wordfence, BulletProof Security, SiteGuard WP Plugin, iThemes Security, All In One WP Security & Firewall, Brute Force Login Protection

Ett annat tillförlitligt tillägg från den betrodda författaren

  • Tillägget Inspector avslöjar problem med installerade tillägg

Kontrollerar tillägg för föråldrade WordPress-funktioner, kända säkerhetsproblem och några osäkra PHP-funktioner

  • Översätt webbplatser med Google Translate widget

Make your website instantly available in 90+ languages with Google Translate Widget. Add the power of Google automatic translations with one click.
1. If you want to test out plugin’s features, do this from another computer and remove that computer’s network from the White Access List. Cerber is smart enough to recognize ”the boss”.
2. If you’ve set up the Custom login URL and you use some caching plugin like W3 Total Cache or WP Super Cache, you have to add a new Custom login URL to the list of pages not to cache.
3. Read this if your website is under CloudFlare

Deutsche
Schützt vor Ort gegen Brute-Force-Attacken. Umfassende Kontrolle der Benutzeraktivität. Beschränken Sie die Anzahl der Anmeldeversuche durch die Login-Formular, XML-RPC-Anfragen oder mit Auth-Cookies. Beschränken Sie den Zugriff mit Schwarz-Weiß-Zugriffsliste Zugriffsliste. Track Benutzer und Einbruch Aktivität.

Français
Protège site contre les attaques par force brute. Un contrôle complet de l’activité de l’utilisateur. Limiter le nombre de tentatives de connexion à travers les demandes formulaire de connexion, XML-RPC ou en utilisant auth cookies. Restreindre l’accès à la liste noire accès et blanc Liste d’accès. L’utilisateur de la piste et l’activité anti-intrusion.

Український
Захищає сайт від атак перебором. Обмежте кількість спроб входу через запити ввійти форми, XML-RPC або за допомогою авторизації в печиво. Обмежити доступ з чорний список доступу і список білий доступу. Користувач трек і охоронної діяльності.

Vad betyder ”Cerber”?

Cerber är härledd från namnet Cerberus. I den grekiska och romerska mytologin är Cerberus en hund med flera huvuden och har en ormsvans, ett hår av ormar och lejonklor. Ingen kan kringgå denna arga hund. Nu kan du beställa WP Cerber för att skydda ingången till din webbplats också.

Skärmdumpar

  • Adminpanelen: Nyligen registrerade viktiga säkerhetshändelser och nyligen utlåsta IP-adresser.
  • WordPress-aktivitetslogg med filtrering, exporta till CSV och kraftfulla notiser. Du kan se vad som händer just nu när en IP når gränsen för inloggningsförsök och när den är blockerad.
  • Aktivitetslogg filtrerades efter inloggning och specifik typ av aktivitet. Exportera den eller klicka på ”Prenumerera” för att bli underrättad för varje händelse.
  • Detaljerad information om en IP-adress med WHOIS-information.
  • Med dessa inställningar kan du anpassa tillägget enligt dina behov.
  • Vita och svarta IP-åtkomstlistor gör att du kan begränsa åtkomst från en viss IP-adress, nätverk eller IP-intervall.
  • Förstärker WordPress: inaktivera REST API, XML-RPC och stoppa användarens uppräkning.
  • Kraftfulla e-post-, mobil- och webbläsarnotiser för WordPress-händelser.
  • Stoppa spammare: synlig/osynlig reCAPTCHA för WooCommerce och WordPress-formulär – inga skräppostkommentarer längre.
  • Du kan exportera och importera säkerhetsinställningar och IP-åtkomstlistor på skärmen verktyg.
  • Vacker widget för WP-adminpanel för att hålla koll på saker. Få snabb analys med trender under de senaste 24 timmarna.
  • WP Cerber lägger till fyra nya kolumner på WordPress användar-skärmen: Datum för registrering, datum för senaste inloggning, antal misslyckade inloggningsförsök och antal kommentarer. För att få mer information klicka bara på lämplig länk.

Installation

Att installera tillägget WP Cerber Security görs på samma sätt som andra WordPress-tillägg.

  1. Install the plugin through Plugins > Add New > Upload or unzip plugin package into wp-content/plugins/.
  2. Activate the WP Cerber through the Plugins > Installed Plugins menu in the WordPress admin dashboard.
  3. Läs noggrant: Komma igång guiden

Viktiga notiser

  1. Innan du aktiverar osynlig reCAPTCHA måste du skaffa separata nycklar för den osynliga versionen. Så här aktiverar du reCAPTCHA.
  2. If you want to test out plugin’s features, do this on another computer (or incognito browser window) and remove computer IP address or network from the White Access List. Cerber is smart enough to recognize ”the boss”.
  3. If you’ve set up the Custom login URL and you use some caching plugin like W3 Total Cache or WP Super Cache, you have to add the new Custom login URL to the list of pages not to cache.
  4. Läs detta om din webbplats är under CloudFlare
  5. Om du använder tillägget Jetpack eller något annat tillägg som behöver anslutas till WordPress.com måste du låsa upp XML-RPC. För att göra detta, gå till fliken ”Förstärkning”, avmarkera ”Inaktivera XML-RPC” och klicka på knappen ”Spara ändringar”.

Följande steg är valfria men de tillåter dig att förstärka skyddet av din WordPress.

  1. Finjustering av inställningar för begränsade inloggningsförsök gör dem mer restriktiva enligt dina behov.
  2. Konfigurera din anpassade URL för inloggning och kom ihåg det (tillägget skickar e-post till dig med det).
  3. Once you have configured Custom login URL, check ’Immediately block IP after any request to wp-login.php’ and ’Block direct access to wp-login.php and return HTTP 404 Not Found Error’. Don’t use wp-admin to log in to your WordPress dashboard anymore.
  4. If your WordPress has a few experienced users, check ’Immediately block IP when attempting to log in with a non-existent username’.
  5. Specifiera listan över förbjudna användarnamn (inloggningar) som riktiga användare aldrig kommer att använda. De får inte logga in eller registrera sig.
  6. Konfigurera mobil- och webbläsarnotiser via Pushbullet.
  7. Hämta nycklar och aktivera osynlig reCAPTCHA för återställning av lösenord och registreringsformulär (även WooCommerce stöds).

Vanliga frågor

Kan jag använda tillägget med CloudFlare?

Ja. WP Cerber-inställningarna för CloudFlare.

Är WP Cerber Security kompatibel med WordPress multisite-läge?

Yes. All settings apply to all sites in the network simultaneously. You have to activate the plugin in the Network Admin area on the Plugins page. Just click on the Network Activate link.

Är WP Cerber Security kompatibel med bbPress?

Ja. Kompatibilitetsnoteringar.

Är WP Cerber Security kompatibel med WooCommerce?

Fullständigt.

Är reCAPTCHA för WooCommerce en gratis funktion?

Ja. Så här ställer du in reCAPTCHA för WooCommerce.

Finns det några inkompatibla tillägg?

Följande tillägg kan orsaka vissa problem: Ultimate Member, WPBruiser {no- Captcha anti-Spam}, Plugin Organizer, WP-SpamShield.
Tillägget Cerber Security kommer inte att uppdateras för att åtgärda eventuella problem eller konflikter relaterade till dem, du borde fundera på om du ska sluta använda ett eller alla av dem.
Läs mer: https://wpcerber.com/compatibility/.

Kan jag ändra URL för inloggning (byta namn på wp-login.php)?

Ja, lätt. Hur du byter namn på wp-login.php

Kan jag dölja mappen wp-admin?

Ja, lätt. Hur du döljer wp-admin och wp-login. php från eventuella attacker

Kan jag byta namn på mappen wp-admin?

Nej. Det är inte möjligt och rekommenderas inte av kompatibilitetsskäl.

Kan jag dölja det faktum att jag använder WordPress?

Nej. Vi uppmanar dig starkt att inte använda något tillägg som byter namn på wp-admin-mappen för att skydda en webbplats.
Akta dig för alla tillägg som döljer WordPress-mappar eller andra delar av en webbplats och hävdar detta som en säkerhetsfunktion.
De kan inte skydda din webbplats. Var inte dum, att dölja vissa saker gör inte din webbplats säkrare.

Can WP Cerber Security work together with the Limit Login Attempts plugin?

Nope. WP Cerber is a drop in replacement for that outdated plugin.

Kan WP Cerber Security skydda min webbplats från DDoS-attacker?

Nope. The plugin protects your site from Brute force attacks or distributed Brute force attacks. By default WordPress allows unlimited login attempts either through the login form or by sending special cookies. This allows passwords to be cracked with relative ease via a brute force attack. To prevent from such a bad situation use WP Cerber.

Finns det något WordPress-tillägg för att skydda min webbplats från DDoS-attacker?

Nej. Den här svåra uppgiften kan inte göras med hjälp av ett tillägg. Det kan göras genom att använda speciell hårdvara från ditt webbhotell.

Vad är målet med Citadel-läget?

Citadel mode is intended to block massive bot (botnet) attacks and also a slow brute force attack. The last type of attack has a large range of intruder IPs with a small number of attempts to log in per each.

Hur stänger man av Citadel-läget helt?

Ställ in gränsvärdesfält till 0 eller lämna dem tomma.

Vad är syftet med att använda Fail2Ban?

With Fail2Ban you can protect site on the OS level with iptables firewall. See details here: https://wpcerber.com/how-to-protect-wordpress-with-fail2ban/

Behöver jag använda Fail2Ban för att tillägget ska fungera?

Nej, det behöver du inte. Det är valfritt.

Can I use this plugin on the WP Engine hosting?

ja! WP Cerber Security finns inte på listan över otillåtna tillägg.

Är tillägget kompatibel med Cloudflare?

Ja, läs mer: https://wpcerber.com/cloudflare-and-wordpress-cerber/

Fungerar tillägget på webbplatser med SSL (HTTPS)

Absolut!

Det verkar som om gamla aktivitetsposter inte tas bort från aktivitetsloggen

That means that scheduled tasks are not executed on your site. In other words, WordPress cron is not working the right way.
Try to add the following line to your wp-config.php file:

define( ’ALTERNATE_WP_CRON’, true );

Jag kan inte logga in/jag är utlåst på min webbplats/Hur får man åtkomst (inloggning) till adminpanelen?

Det finns en specialversion av tillägget som heter WP Cerber Reset. Denna version utför bara en uppgift. Den återställer alla WP Cerber-inställningar till deras ursprungliga värden (exklusive åtkomstlistor) och avaktiverar sedan sig själv.

För att få åtkomst till din admintpanel måste du kopiera WP Cerber Reset-mappen till mappen för tillägg. Följ dessa enkla steg.

  1. Ladda ner wp-cerber-reset.zip-arkivet till din dator med denna länk: https://wpcerber.com/downloads/wp-cerber-reset.zip
  2. Packa upp mappen wp-cerber från arkivet.
  3. Upload the wp-cerber folder to the plugins folder of your WordPress using any FTP client or a file manager in your hosting control panel. If you see a question about overwriting files, click Yes.
  4. Logga in på din webbplats som vanligt. Nu är WP Cerber fullständigt inaktiverat.
  5. Installera om tillägget WP Cerber igen. Du måste göra det, för WP Cerber Reset kan inte fungera som ett vanligt tillägg.

Recensioner

Good Tool but poor Support

funix94 20 juni 2022
The plugin helps us to generate security. sometimes it is very sensitive. I find it a serious problem that the support sometimes takes 14 days or longer to respond even though you have purchased a premium license.

Great app

1skovanews 12 juni 2022
Second to none. Everything woks without a hitch

I am in dilemma

yard 10 juni 2022
Malware scan give me many strange and I think false and abuse warnings, is not possible save detailled malware scan log and many usefull settings are only in paid version

Security

mobileshalom 2 juni 2022
So far so good

Pésima atención al cliente.

calamuchitaportatil 2 juni 2022
Jamás responden una consulta.

You Deserve

ammarqayyum786 31 maj 2022
You Deserve Five Star!
Läs alla 588 betyg

Bidragsgivare och utvecklare

”WP Cerber Security, Anti-spam & Malware Scan” är programvara med öppen källkod. Följande personer har bidragit till detta tillägg.

Bidragande personer
  • Gregory

”WP Cerber Security, Anti-spam & Malware Scan” har översatts till 13 språk. Tack till översättarna för deras bidrag.

Översätt ”WP Cerber Security, Anti-spam & Malware Scan” till ditt språk.

Intresserad av programutveckling?

Läs programkoden, kika på SVN-filförvaret eller prenumerera på utvecklarloggen via RSS.

Ändringslogg

9.0

  • New: Different alerts can be sent through different channels. You can select delivering notifications through Pushbullet and email simultaneously, Pushbullet only, or email only. The settings are configured on a per-alert basis in the alert creation form.
  • New: Implemented a new ”Message format” feature and setting. You can reduce the number of links in WP Cerber’s messages or disable them completely to prevent sending sensitive data.
  • New: Implemented separate rate limiting settings for email and Pushbullet notifications.
  • New: Lockout notifications and appropriate threshold can be enabled for Pushbullet and emails separately.
  • New: Email reports and alerts can be sent via a separate SMTP server configured in the WP Cerber settings.
  • New: Implemented masking IP addresses and usernames (logins) in emails and mobile alerts.
  • New: Disabling login language switcher. If enabled, removes language switcher on the standard WordPress login page introduced in WordPress 5.9.
  • Improved: If WP Cerber is unable to load its saved settings from the website database, it uses hard-coded default values.
  • Improved: If you have configured the list of prohibited usernames (logins) and the username of an existing user is among prohibited ones, the user is now shown as BLOCKED on the ”Users” admin page, user edit page, Activity tab, and Live Traffic tab.
  • Improved: When multiple email addresses are specified for notifications, each email will be sent separately. No multiply recipients in a single email are used anymore.
  • Improved: The subjects of alerts now contain corresponding event labels.
  • Improved: The subject of WP Cerber’s emails have been unified. It begins with website name in square brackets plus the ”WP Cerber” string.
  • Improved: All test alerts and messages manually sent from the WP Cerber admin dashboard now contain *** TEST MESSAGE *** in the subject.
  • Improved: Displaying detailed information about PHP generated by phpinfo(). A new link is on the Diagnostic tab in the System Info section.
  • Fixed: An issue with multiple ”IP blocked” in the log if the reason for a lockout is changing.
  • Fixed: An issue with ”Site title” containing apostrophes.

8.9.6

  • New: A new alert creation dialog with a set of new alert settings enables you to create alerts with new limits: an expiration time, the maximum number of alerts allowed to send, and optional rate-limiting. The alert conditions can include the URL of a request now.
  • New: Deleting of WordPress application passwords is logged now.
  • New: Ability to monitor anti-spam, reCAPTCHA, and several other setting-specific events using links on the settings pages.
  • Improved: Meaningful and actionable messages on the log screens if no activity has been found in the logs using a given search filter.
  • Improved: If a WP Cerber feature requires a newer version of WordPress, such a feature will not be shown in the plugin admin interface anymore.
  • Fixed: A fatal PHP error occurs while logging in on a version of WordPress older than 5.5 and a user has more than one active session.
  • Fixed: A fatal PHP error occurs while using the reset password form on a version of WordPress older than 5.4.
  • Fixed: While opening the Tools admin page, a PHP error might occur on some web servers.
  • Fixed: While rendering the Activity tab, depending on the activities logged, the PHP warning can be logged in the server error log.
  • Fixed: When managing WP Cerber on a remote website via Cerber.Hub, the admin page footer incorrectly displays the version of WP Cerber installed on the main website.
  • Fixed: If the Site Title of a website contains some special characters like apostrophes, the subject of email alerts and notifications contains such characters in encoded form.

8.9.5

  • New: A new setting for WP Cerber’s anti-spam engine: ”Disable bot detection engine for IP addresses in the White IP Access List”.
  • New: A new setting for the reCAPTCHA module: ”Disable reCAPTCHA for IP addresses in the White IP Access List”.
  • Improved: Logging all user session terminations including those that occurred when an admin manually terminate user sessions or block users.
  • Improved: If a user session has been terminated by a website admin, the admin’s name is logged and shown in the Activity log.
  • Improved: Logging all user password changes including those made on the edit user admin page, and the WooCommerce edit account page.
  • Improved: Logging application passwords changes.
  • Improved: New status labels in the Activity log: ”reCAPTCHA verified” is shown when a user solves reCAPTCHA successfully
  • Improved: New status labels in the Activity log: ”Logged out everywhere” is shown when a user has completely logged out on all devices and of all locations.
  • Improved: Failed reCAPTCHA verifications are logged with form submission events they are linked to.
  • Improved: A new event is logged: ”Password reset request denied”. With possible statuses ”reCAPTCHA verification failed”, ”User blocked by administrator”, ”Username is prohibited”.
  • Improved: Handling reset of user passwords is improved to support changes in the WordPress core.
  • Fixed: A cookie-related bug that causes a fatal software error if a user has been deleted or their password has been changed in the WordPress dashboard by the website administrator while the user is being logged in.
  • Fixed: A bug with the WordPress lost password (reset password) form that prevents displaying error messages to a user.
  • Fixed: When the limit on the number of allowed concurrent user sessions is set to one, an attempt to log in with the user name and incorrect password terminates the existing session of the user.
  • Read more

8.9.3

  • Improved: The scanner: now checksums generated using manually uploaded ZIP archives have priority over the remote ones.
  • Improved: You can configure exceptions for WP Cerber’s anti-spam by disabling its code on selected WordPress pages.
  • Improved: New diagnostic messages were added for better troubleshooting issues with ZIP archives uploaded in the scanner.
  • Fixed: A vulnerability that affects WP Cerber’s two-factor authentication (2FA) mechanism.
  • Fixed: A bug that prevents uploading ZIP archives on the scan results page if the filename contains multiple dots.
  • Fixed: Fixed admin message ”Error: Sorry, that username is not allowed.” which is wrongly displayed on the user edit page while updating users with prohibited usernames.
  • Fixed: Not detecting malformed REST API requests with a question mark in this format: /wp-json?
  • Read more

8.9

  • Improved: An updated scan statistic and filtering widget. Dynamically displays the most important issues with sorting.
  • Improved: The percentage of completion of a scanner step is shown now.
  • Improved: Sanitizing of malformed filenames in the scanner reports has been improved to avoid possible issues with the layout of the scan results page if malware creates malformed filenames to hinder their detection.
  • Improved: Handling of WordPress locales and versions on websites with multilanguage plugins has been improved.
  • Improved: A missing wp-config-sample.php file is not reported as an issue in the results of the scan anymore.
  • Improved: Handling REGEX patterns for the setting fields ”Restrict email addresses” and ”Prohibited usernames”. Now they support REGEX quantifiers.
  • Improved: You can specify the ”User-Agent” string for requests from the main (master) Cerber.Hub website by defining the PHP constant CERBER_HUB_UA in the wp-config.php file.
  • Improved: Diagnostic logging for network requests to the WP Cerber cloud. To enable logging, define the PHP constant CERBER_CLOUD_DEBUG in the wp-config.php file. Logging covers admin operations on the WP Cerber admin pages only.
  • Improved: Text on the forbidden page is translatable now.
  • Fixed bug: Some long filenames in the scan results break the layout of the scan results page, making it hard to navigate and use.
  • Fixed bug: Unwanted file extensions are not detected if a file is identified as malicious.
  • Fixed bug: If a file is missing, the full filename is not shown in the scan results when clicking the “Show full filenames” icon.
  • Fixed bug: ”PHP Deprecated: Required parameter $function follows optional parameter $pattern in /plugins/wp-cerber/cerber-scanner.php”.
  • Fixed bug: ”PHP Fatal error: Call to undefined function crb_admin_hash_token() in cerber-load.php:1521”.
  • Fixed bug: ”PHP Notice: Undefined property: WP_Error::$ID in cerber-load.php on line 1131”.
  • Read more

8.8.6

  • New: You can specify the ”User-Agent” string for requests from the main (master) Cerber.Hub website by defining the PHP constant CERBER_HUB_UA in the wp-config.php file.
  • New: Diagnostic logging for network requests to the WP Cerber cloud. To enable logging, define the PHP constant CERBER_CLOUD_DEBUG in the wp-config.php file. Logging covers admin operations on the WP Cerber admin pages only.
  • Fixed bug: ”PHP Fatal error: Call to undefined function crb_admin_hash_token() in cerber-load.php:1521”.
  • Fixed bug: ”PHP Notice: Undefined property: WP_Error::$ID in cerber-load.php on line 1131”.

8.8.5

  • New: Quick user activity analytics (user insights) with filtering links on the Activity and Live Traffic log pages. Select a user to see how it works.
  • New: Quick IP address activity and analytics (IP insights) with filtering links on the Activity and Live Traffic log pages. Select an IP address to see how it works.
  • Improved: The selected user profile is displayed when filtering log entries by the user login or using the username search on the Activity log page.
  • Improved: The IP address details and analytics are displayed when filtering log entries by the IP address or using the IP address search on the Activity log page.
  • Improved: Implemented AJAX rendering of the plugin admin pages for faster loading and more convenient navigation through WP Cerber’s admin pages
  • Improved: To load the Users admin page faster, the user table columns generated by WP Cerber are now loaded via AJAX.
  • Improved: Highlighting the selected filtering link in the navigation bar on the Activity and Live Traffic log pages.
  • Improved: You will not see false DB errors on the Diagnostic page anymore.
  • Fixed bug: When scanning, you can come across the software error ”Process has been aborted due to server error. Check the browser console for errors.” and ”Too few arguments” error in the server error log.

8.8.3

  • New: Mimicking the default WordPress user authentication through the wp-login.php to detect slow brute-force attacks.
  • New: Prevent guessing valid usernames and user emails by disabling WordPress hints in the login error message when attempting to log in with non-existing usernames and emails.
  • New: Prevent guessing valid usernames and user emails by disabling WordPress hints in the password reset error message when attempting to reset passwords for non-existing accounts.
  • New: Prevent username discovery via oEmbed and user XML sitemaps.
  • New: User and malicious activity are displayed separately in two different areas on WP Cerber’s main dashboard page.
  • New: More convenient navigation through the WP Cerber admin pages by having the admin menu at the top.
  • New: A new quick link ”Login issues” to view all login issues such as failed logins, denied attempts, attempts to reset passwords, and so forth.
  • Improved: Reduced the number of false positives when the malware scanner inspecting directives with external IP addresses in .htaccess files.
  • Improved: Better 2FA emails: the wording of the verification email has been updated and can be translated. The email subject includes the site name.
  • Improved: The size of the database tables used by the integrity checker and malware scanner has been reduced.
  • Improved: Implemented a strictly secure way of utilizing the unserialize() PHP function known for being used to deliver and run malicious code.
  • Improved: Implemented a backup way of running WP Cerber maintenance tasks if WordPress scheduled tasks are not configured properly.
  • Fixed bug: 2FA PINs are not displayed on the edit user admin pages in the WordPress dashboard.
  • Fixed bug: The ”API request authorization failed” event was logged as ”Login failed”.

8.8

  • New: You get control over the WordPress application passwords and the ability to monitor related events in the log with email and mobile notifications.
  • New: A custom comment URL feature improves the efficiency of spam protection of the WordPress comment form. Available in the professional version of WP Cerber.
  • Improved: Handling user authentication and authorization by WP Cerber’s access control mechanism has been significantly improved and optimized to allow using external user authentication via third-part solutions and connectors.
  • Improved: You can now specify a user message to be displayed if the configured limit to the number of concurrent user sessions has been reached and an attempt to log in is denied.
  • Improved: Traffic log settings and features: ”Log all REST API requests”, ”Log all XML-RPC requests”, ”Save response headers”, and ”Save response cookies”.
  • Improved: For better compatibility with different web server configurations, the anti-spam query whitelist now ignores trailing slashes if a list entry or a requested URI has no GET parameters.
  • Improved: Processing of extended and invalid UTF-8 characters in the Traffic Inspector log has been improved.
  • Improved: Displaying of invalid UTF-8 characters (invalid byte sequences) in the WP Cerber’s logs throughout the admin interface has been improved.
  • Improved: WP Cerber’s dashboard code is updated and now fully jQuery 3 compatible.
  • Fixed: A bug that prevented activating the Cerber.Hub master mode on PHP 8.
  • Fixed: A fatal PHP error occurs while saving some WP Cerber settings when using Cerber.Hub on a remote website with “Standard mode” enabled.
  • Fixed: A bug that generated warning messages in the web server error log: Use of undefined constant LOGGED_IN_COOKIE – assumed ‘LOGGED_IN_COOKIE’
  • Fixed: A bug that blocked theme preview if the anti-spam engine is enabled for all forms on the website.
  • Read more

8.7

  • New: Limiting the number of allowed concurrent user sessions. Depending on settings, WP Cerber will either block new logins or terminate the oldest ones.
  • New: Enforcing two-factor authentication (2FA) if the number of concurrent user sessions is greater than the specified threshold.
  • Improved: The integrity checker and malware scanner now more effectively handle and log I/O errors that might occur during a scan.
  • Improved: The Traffic Inspector firewall now processes files uploaded via nested, grouped, and obfuscated form fields in a more effective way.
  • Improved: WP Cerber got necessary code improvements, and now it is fully compatible with PHP 8.
  • Improved: The default list of allowed REST API namespaces now includes ”wp-site-health”.
  • Improved: Downloadable files generated by WP Cerber are generated with appropriate HTTP Content-Type headers now.
  • Fixed: Misalignment of Cerber’s table footer labels on the ”Users” admin page.
  • Fixed: If the diagnostic log contains invalid Unicode (UTF-8) codes, it is not displayed on the Diagnostic log tab.
  • Read more

8.6.8

  • New: A shortcode to display WP Cerber’s cookies. You can display a list of cookies set by WP Cerber on any page.
  • New: Deferred rendering of the custom login page. This new feature can help you if you need to solve plugin compatibility issues.
  • Improved: The style of the scanner email reports has been improved.
  • Fixed: A bug with displaying the status icon of an IP address on the Activity and Live Traffic admin pages.
  • Fixed: If the name of a commercial plugin contains a special HTML symbol like ampersand, it cannot be uploaded to verify the integrity of the plugin.
  • Read more

8.6.7

  • New: In the professional version of WP Cerber, you can now permit user registrations for IP addresses in the White IP Access List only.
  • New: All URLs in the logs are displayed in a shortened form without the website’s domain. There is no much value having see known things.
  • New: A new label ”IP Whitelisted” with green borders has been introduced. It is displayed in a log row on the Live Traffic if the IP address was in the White IP Access List, but the appropriate setting ”Use White IP Access List” was not enabled at the moment when the event was logged.
  • New: If you now hover the mouse over a red square icon in the Activity or Live Traffic log, you see the reason why the IP address in the row is currently locked out.
  • New: If you now hover the mouse over a green or black square Access List icon in the Activity or Live Traffic log, you see the comment you’ve previously specified for that Access List entry.
  • Improved: All non-REGEX entries in the list of prohibited usernames (logins) are case-insensitive now. This applies to standard Latin-based (ASCII) WordPress usernames only.
  • Improved: The name of a group in the Group column on Cerber.Hub’s website list is a link that takes you to the list of websites in the group.
  • Improved: The launch time of the daily maintenance tasks is now set to the night-time at 02:20. If you need them to get rescheduled, you can manually delete the “cerber_daily” cron task via a plugin or deactivate/activate WP Cerber.
  • Fixed: Configured REST API restrictions have no effect if a WordPress is installed not in the root folder of a website (there is a path in the site URL). Affected versions: 8.6.1 and newer.
  • Fixed: A bug in the logging subsystem: depending on server configuration, submitted form fields are not saved into the DB (if it is enabled in the logging settings).
  • Fixed: A bug with Cerber’s admin CSS styles that were added in the previous version and hid the top pagination links on the ”All posts” and ”All posts” admin pages.
  • Read more

8.6.6

  • New: On the user sessions page, you can now search sessions by a user name, email, and the IP address from which a user has logged in.
  • New: You can specify locations (URL Paths) to exclude requests from logging. They can be either exact matches or regular expressions (REGEX).
  • New: You can exclude requests from logging based on the value of the User-Agent (UA) header.
  • New: A new, minimal logging mode. When it is set, only HTTP requests related to known activities are logged.
  • Improved: The layout of the Live Traffic log has been improved: now all events that are logged during a particular request are shown as an event list sorted in reverse order.
  • Improved: The user sessions page has been optimized for performance and compatibility and now works blazingly fast.
  • Improved: If your website is behind a proxy, IP addresses of user sessions now are detected more precisely.
  • Improved: When you configure the request whitelist in the Traffic Inspector settings, you can now specify rules with or without trailing slash.
  • Improved: A new version of Cloudflare add-on for WP Cerber is available: the performance of the add-on has been optimized.
  • Read more

8.6.5

  • New: File system analytics. It’s generated based on the results of the last full integrity scan.
  • New: Logging user deletions. The user’s display name and roles are temporarily stored until all log entries related to the user are deleted.
  • New: Faster export with a new date format for CSV log export.
  • New: Ability to disable adding the website administrator’s IP address to the White IP Access List upon WP Cerber activation.
  • Improved: Handling the creation of new users by WooCommerce and membership plugins.
  • Improved: Handling user registrations with prohibited emails.
  • Improved: Handling secure Cerber‘s cookies on websites with SSL encryption enabled.
  • Improved: The performance of the integrity checker and malware scanner on huge websites with a large number of files.
  • Fixed: Loading the default plugin settings has no effect. Now it’s fixed and moved from the admin sidebar to the Tools admin page.
  • Read more

8.6.3

  • New: Ability to load IP access list’s entries in the CSV format (bulk load).
  • Update: A new malware scanner setting allows you to permit the scanner to change permissions of folders and files when required.
  • Fixed: The access list IPv4 wildcard ... doesn’t work (has no effect).
  • Fixed: If the anti-spam query whitelist contains more than one entry, they do not work as expected.
  • Fixed: Several settings fields are not properly escaped.
  • Read more

8.6

  • New: An integration with the Cloudflare cloud-based firewall. It’s implemented as a special WP Cerber add-on.
  • Update: The malware scanner has got improvements to the monitoring of new and modified files feature.
  • Update: Additional search fields for the Activity log. They enable you to find a specific request by its Request ID (RID) or/and to search for a string in the request URL.
  • Update: The minimum supported PHP version is 5.6.
  • Read more

8.5.9

  • New: On the Live Traffic log, now you can find requests with software errors if they occurred.
  • Update: The code of WP Cerber has been updated and tested to fully support and be compatible with PHP 7.4.
  • Update: The layout of the list of slave websites on the Cerber.Hub’s main page has been improved to display the list more accurately on narrow and mobile screens.
  • Update: If a slave website has the professional version of WP Cerber, it has a PRO sign in the ”WP Cerber” column. The license expiration date is shown when you hover the mouse over the sign.
  • Fixed: A bug with displaying long file names in the Security Scanner Quarantine that makes unavailable deleting or restoring quarantined files manually.
  • Fixed: A bug that requires installing a valid license key on a Cerber.Hub master website to permit configuring settings on slave websites remotely, which is not intended behavior.
  • Läs mer

8.5.8

  • New: A personal data export and erase features which can be used through the WordPress personal data export and erase tool. This feature helps your organization to be in compliance with data privacy laws such as GDPR in Europe or CCPA in California
  • Update: The performance of the algorithm that handles exporting rows from the Activity log and the Live Traffic log to a CSV file has been improved enabling export larger datasets
  • Update: When you block a user you can add an optional admin note now
  • Fixed: If a user is blocked, it’s not possible to update the user message
  • Fixed: Depending on the logging settings the ”Details” links on the Live Traffic log are not displayed in some rows
  • Läs mer

8.5.6

  • New: Ability to separately set the number of days of keeping log records in the database for authenticated (logged in) website users and non-authenticated (not logged in) visitors.
  • New: You can completely turn off the Citadel mode feature in the Main Settings
  • Update: When you upload a ZIP archive on the integrity scanner page it processes nested ZIP archives now and writes errors to the diagnostic log if it’s enabled
  • Update: The appearance of the Activity log has got small visual improvements
  • Update: If the number of days to keep log records is not set or set to zero, the plugin uses the default setting instead. Previously you can set it to zero and keep log records infinitely.
  • Fixed: The blacklisting buttons on the Activity tab do not work showing ”Incorrect IP address or IP range”.
  • Fixed: PHP Notice: Trying to get property ”ID” of non-object in cerber-load.php on line 1131

8.5.5

  • IP Access Lists now support IPv6 networks, ranges, and wildcards. Add as many IPv6 entries to the access lists as you need. We’ve developed an extraordinarily fast ACL engine to process them.
  • The algorithm of handling consecutive IP address lockouts has been improved: the reason for an existing lockout is updated and its duration is recalculated in real-time now.
  • Traffic inspection algorithms were optimized to reduce false positives and make algorithms more human-friendly.
  • Improved compatibility with WooCommerce: the password reset and login forms are not blocked anymore if a user’s IP gets locked out due to using a non-existing username by mistake, using a prohibited username, or if a user has exceeded the number of allowed login attempts.
  • Improved compatibility with WordPress scheduled cron tasks if a website runs on a server with PHP-FPM (FastCGI Process Manager)
  • Very long URLs on the Live Traffic page are now displayed in full when you click the ”Details” link in a row.
  • The Cerber.Hub multi-site manager: the server column on the slave websites list page now contains a link to quickly filter out websites on the same server.
  • The Cerber.Hub multi-site manager: now it remembers the filtered list of slave websites while you’re switching between them and the master.
  • Fixed: If the Custom login URL is enabled on a subfolder WordPress installation, the user redirection after logout generates the HTTP 404 error page.
  • Fixed: Very long HTTP referrers and request URLs are displayed in a truncated form on the Live Traffic page due to CSS bug.
  • Fixed: If the Data Shield security feature is active, the password reset page on WordPress 5.3 doesn’t work properly showing ”Your password reset link appears to be invalid. Please request a new link below.”
  • Läs mer

8.5.3

  • New: The malware scanner and integrity checker window has got a new filter that enables you to filter out and navigate to specific issues quickly.
  • New: Cerber.Hub: new columns and filters have been added to the list of slave websites. The new columns display server IP addresses, hostnames, and countries where servers are located.
  • Bug fixed: Depending on the number of items in the access lists, the IP address 0.0.0.0 can be erroneously marked as whitelisted or blacklisted.
  • Bug fixed in Cerber.Hub: if a WordPress plugin is installed on several slave websites and the plugin needs to be updated on some of the slave websites, the plugin is shown as needs to be updated on all the slave websites.
  • Read more

8.5

  • New: Data Shield module for advanced protection of user data and vital settings in the website database. Available in the PRO version.
  • Improvement: Compatibility with WooCommerce significantly improved.
  • Update: Strict filtering for the Custom login URL setting.
  • Update: Chinese (Taiwan) translation has been added. Thanks to Sid Lo.
  • Bug fixed: Custom login URL doesn’t work after updating WordPress to 5.2.3.
  • Bug fixed: User Policies tabs are not switchable if a user role was declared with a hyphen instead of the underscore.
  • Bug fixed: A PHP warning while adding a network to the Black IP Access List from the Activity tab.
  • Bug fixed: An anti-spam false positive: some WordPress DB updates can’t be completed.
  • Read more

8.4

  • New: More flexible role-based GEO access policies.
  • New: A logged in users’ sessions manager.
  • Update: Access to users’ data via WordPress REST API is always granted for administrator accounts now
  • Improvement: The custom login page feature has been updated to eliminate possible conflicts with themes and other plugins.
  • Improvement: Improved compatibility with operating systems that natively doesn’t support the PHP GLOB_BRACE constant.

8.3

  • New: Two-Factor Authentication.
  • New: Block registrations with unwanted (banned) email domains.
  • New: Block access to the WordPress Dashboard on a per-role basis.
  • New: Redirect after login/logout on a per-role basis.
  • Update: The Users tab has been renamed to Global and now is under the new User Policies admin menu.
  • Fixed: Switching to the English language in Cerber’s admin interface has no effect.
  • Fixed: Multiple notifications about a new version of the plugin in the WordPress dashboard.
  • Read more

8.2

  • New: Automatic recovery of infected files. When the malware scanner detects changes in the core WordPress files and plugins, it automatically recovers them.
  • New: A set of quick navigation buttons on the Activity page. They allow you to filter out log records quickly.
  • New: A unique Session ID (SID) is displayed on the Forbidden 403 Page now.
  • New: The advanced search on the Live Traffic page has got a set of new fields.
  • New: To make a website comply with GDPR, a cookie prefix can be set.
  • Update: The lockout notification settings are moved to the Notifications tab.
  • Update: The list of files to be scanned in Quick mode now also includes files with these extensions: phtm, phtml, phps, php2, php3, php4, php5, php6, php7.
  • Läs mer

8.1

  • Nytt: Med ett enda klick kan du få en lista över aktiva tillägg och tillgängliga uppdateringar på en slav-webbplats.
  • Nytt: Meddelande om nyare versioner av Cerber och WordPress tillgängligt för att installeras på en slav.
  • New: On a master website, you can select what language to use when a slave admin page is being displayed.
  • Förbättrat: Långa URL:er på Live-trafiksidan är nu förkortade och visas på ett finare sätt.
  • Förbättrat: Avinstallationsprocessen för tillägget har förbättrats och rensar nu upp databasen helt.
  • Förbättrat: Flera översättningar har uppdaterats. Tack till Maxime, Jos Knippen, Fredrik Näslund, Francesco.
  • Fixed: The ”Add to the Black List” button on the Activity log page doesn’t work.
  • Fixed: When the ”All suspicious activity” button is clicked on the Dashboard admin page, the ”Subscribe” link on the Activity page doesn’t work correctly.
  • Fixed: When you open an email report, the link to the list of deleted files during a malware scan doesn’t work as expected.
  • Läs mer

8.0

  • Nytt: Hantera flera WP Cerber-instanser från en adminpanel.
  • Nytt: En ny massåtgärd för att blockera flera WordPress-användare i taget.
  • Förbättrat: Utförandet av exportfunktionen har förbättrats avsevärt.
  • Förbättrat: Flera kodoptimeringar förbättrar övergripande tilläggsprestanda.

7.9.7

  • New: Authorized users only mode.
  • Nytt: En möjlighet att blockera ett användarkonto.
  • Nytt: Rollbaserad åtkomst till WordPress REST API.
  • Uppdaterat: Lagt till möjlighet att söka och filtrera en användare på aktivitetssidan.
  • Uppdaterat: En ny, separat inställning för att förhindra uppräkning av användare via WordPress REST API.
  • Uppdaterat: En ny sektion för ändrinslogg på verktygssidan.
  • Update: Improved handling scheduled maintenance tasks on a multi-site WordPress installation.
  • Åtgärdat: Flera HTML-markeringsfel på tilläggets administratörssidor.
  • Read more

7.9.3

  • New: New settings for the Traffic Inspector firewall allow you to fine-tune its behavior. You can enable less or more restrictive firewall rules.
  • Uppdaterat: Felsökning av möjliga problem med schemalagda underhållsuppgifter har förbättrats.
  • Update: To make troubleshooting easier the plugin logs not only a lockout event but also logs and displays the reason for the lockout.
  • Uppdaterat: Kompatibiliteten med ManageWP och Gravity Forms har förbättrats.
  • Uppdaterat: Layouten på aktivitets- och Live-trafiksidor har förbättrats.
  • Bug fixed: The malware scanner wrongly prevents PHP files with few specific names in one particular location from being deleted after a manual scan or during the automatic malware removal.
  • Fel åtgärdat: Antalet e-postaviseringar kunde vara felaktigt begränsat till ett e-post per timme.
  • Läs mer

7.9

  • New: The plugin monitors suspicious requests that cause 4xx and 5xx HTTP errors and blocks IP addresses that aggressively generate such requests.
  • New: A set of WordPress navigation menu links. Login, logout, and register menu items can be automatically generated and shown in any WordPress menu or a widget.
  • New: Software error logging. A handy feature that logs PHP errors and shows them on Live Traffic page.
  • New: A new export feature for Traffic Inspector. It allows exporting all log entries or a filtered set from the log of HTTP requests.
  • Update: Multiple improvements to Traffic Inspector firewall algorithms. In short, the detection of obfuscated malicious SQL queries and injections has been improved.
  • Uppdaterat: Förbättrat hanteringen av felaktiga förfrågningar till wp-cron.php.
  • Åtgärdat: Antalet e-postaviseringar per timme kunde överstiga den inställda gränsen.
  • Läs mer

7.8.5

  • New: A new set of heuristics algorithms for detecting obfuscated malicious JavaScript code.
  • New: A new file filter on the Quarantine page lets to filter out quarantined files by the date of the scan.
  • New: The performance of the malware scanner has been improved. Now the scanner deletes all files in the website session and temporary folders permanently before the scan.
  • Update: If the plugin is unable to detect the remote IP address, it uses 0.0.0.0 as an IP.
  • Update: The anti-spam engine will never block the localhost IP
  • Update: Performance improvements for database queries related to the process of user authentication.
  • Update: Improved handling the plugin settings in a buggy or misconfigured hosting environment that could cause the plugin to reset settings to their default values.
  • Uppdaterat: Översättningar har uppdaterats. Tack till Francesco, Jos Knippen, Fredrik Näslund, Slobodan Ljubic och MARCELHAP.
  • Fix: Fixed an issue with saving settings on the Hardening tab: ”Unable to get access to the file…”
  • Läs mer

7.8

  • New: An ignore list for the malware scanner.
  • Nytt: Inaktiverat körning av PHP-skript i WordPress-mediemappen hjälper till att förhindra att brottslingar utnyttjar säkerhetsbrister.
  • Nytt: Inaktiverar PHP-fel att visas som en inställning är användbart för felkonfigurerade servrar.
  • New: English for the plugin admin interface. Enable it if you prefer to have untranslated, original admin interface.
  • New: Diagnostic logging for the malware scanner. Specify a particular location of the log file by using the CERBER_DIAG_DIR constant.
  • Update: The performance of malware scanning on a slow web server with thousands of issues and tens of thousands of files has been improved.
  • Uppdaterat: PHP 5.3 stöds inte längre. Tillägget kan endast aktiveras och köras på PHP 5.4 och högre.
  • Fix: If a malicious file is detected on a slow shared hosting, the file can be shown twice in the results of the scan.
  • Fix: A possible issue with the short PHP syntax on old PHP versions in /wp-content/plugins/wp-cerber/common.php on line 1970
  • Läs mer

7.7

  • New: Automatic cleanup of malware and suspicious files. This powerful feature is available in the PRO version and automatically deletes trojans, viruses, backdoors, and other malware. Cerber Security Professional scans the website on an hourly basis and removes malware immediately.
  • Update: Algorithms of the malware scanner have been improved to detect obfuscated malware code more precisely for all types of files.
  • Update: Email reports for scheduled malware scans have been extended with useful performance numbers and a list of automatically deleted malicious files if you’ve enabled automatic malware removal and some files have been deleted.
  • Fix: A possible issue with uploading large JSON and CSV files. When Traffic Inspector scans uploaded files for malware payload, some JSON and CSV files might be erroneously identified as containing a malicious payload.
  • Fix: A possible Divi theme forms incompatibility. If you use the Divi theme (by Elegant Themes), you can come across a problem with submitting some forms.
  • Läs mer

7.6

  • Nytt: Karantänen har fått en separat administratörssida i WordPress-adminpanelen som tillåter visning av borttagna filer, återställning eller borttagning av dem.
  • New: Now the malware scanner and integrity checker supports multisite WordPress installations.
  • Fix: Once an address IP has been locked out after reaching the limit to the number of attempts to log in the ”We’re sorry, you are not allowed to proceed” forbidden page is being displayed instead of the normal user message ”You have exceeded the number of allowed login attempts”.
  • Fix: PHP Notice: Only variables should be passed by reference in cerber-load.php on line 5377
  • Läs mer

7.5

  • Nytt: Brandväggalgoritmer har förbättrats och inspekterar nu innehållet i alla filer som försöker att laddas upp på en webbplats.
  • New: The traffic logger can save headers, cookies and the $_SERVER variable for every HTTP request.
  • New: The scanner now scans installed plugins for known vulnerabilities. If you have enabled scheduled automatic scans you will be notified in a email report.
  • Update: A set of new malware signatures amd patterns have been added to detect malware submitted through a contact form as well as any HTTP request fields.
  • Update: Now the plugin inspects user sign ups (user registrations) on multisite WordPress installations and BuddyPress.
  • Uppdaterat: Sökningen efter användaraktivitet, samt aktivering av aktivitetsaviseringar är förbättrade.
  • Läs mer

7.2

  • Nytt: Övervakning av nya och ändrade filer.
  • Nytt: Upptäcka skadliga omdirigeringar och direktiv i .htaccess-filer.
  • Nytt: Automatiska tim och dagliga schemalagda skanningar med flexibla e-postrapporter.
  • Uppdaterat: Lagt till ett skydd mot att logga fel tidstämplar på vissa inte korrekt konfigurerade webbservrar.
  • Åtgärdat: Oväntade varningsmeddelanden i WordPress adminpanel.
  • Fix: Some file status links on the scanner results page may not work.

7.0

  • Cerber Security Scanner: integrity checker, malware detector and malware removal tool.
  • Nytt: En ny inställning för trafikinspektion: Använd vit IP-åtkomstlista.
  • Uppdaterat: omdirigeringen från /wp-admin/ till inloggningssidan blockeras inte för en användare som har loggat in tidigare.
  • Fel åtgärdat: gränsen för antalet nya användarregistreringar beräknas på det sätt som tillåter en ytterligare registrering inom en viss tidsperiod.
  • Läs mer

Meta

  • Version: 9.0
  • Senast uppdaterat: 2 månader sedan
  • Aktiva installationer: 200 000+
  • WordPress-version: 4.9 eller senare
  • Testat upp till: 6.0
  • PHP-version: 7.0 eller senare
  • Språk:

    English (UK), English (US), French (France), German (Switzerland), Japanese, Polish, Russian, Spanish (Colombia), Spanish (Ecuador), Spanish (Mexico), Spanish (Spain), Spanish (Venezuela), Swedish och Ukrainian.

    Översätt till ditt språk

  • Taggar:
    antispamfirewalllimit login attemptsmalware scannersecurity
  • Avancerad vy

Betyg

Se alla
  • 5 stjärnor 553
  • 4 stjärnor 6
  • 3 stjärnor 9
  • 2 stjärnor 6
  • 1 stjärna 14
Logga in för att skicka in en recension.

Bidragande personer

  • Gregory

Support

Antal lösta problem under de senaste två månaderna:

21 av 46

Visa supportforum

Donera

Skulle du vilja bidra till utvecklingen av detta tillägg?

Donera till det här tillägget

  • Om
  • Nyheter
  • Webbhotell (hosting)
  • Donera
  • Support
  • Utvecklare
  • Engagera dig
  • Lär dig
  • Showcase
  • Tillägg
  • Teman
  • Mönster
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Integritet
  • Offentlig kod
WordPress.org
WordPress.org

Svenska

  • Besök vår Facebook-sida
  • Besök vårt Twitter-konto
Kod är poesi.