WP Cerber Security Pro v8.9.6 – WordPress Antispam & Malware Scan

最后更新于:2022-03-28 13:20:53

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

WP Cerber Security Pro is protected WordPress from hacker assaults, spam, trojans, and malware. Limits the amount of login attempts using the login form, XML-RPC / REST API calls, or utilizing auth cookies, which mitigates brute-force attacks. Tracks user and bad actor behavior with customizable email, mobile, and desktop notifications. Spammers are stopped using a specific anti-spam engine. Google reCAPTCHA is used to safeguard the registration, contact, and comment forms. IP Access Lists are used to restrict access. An powerful malware scanner and integrity checker is used to monitor the website’s integrity. WordPress’s security is reinforced by a set of customizable security rules and advanced security algorithms.

Demo: https://wpcerber.com/

Features: WP Cerber Security Pro – WordPress Antispam & Malware Scan

  • When logging in by IP address or full subnet, limit the number of login attempts.
  • Logins made via login forms, XML-RPC calls, or auth cookies are tracked.
  • Allow or deny access using IP Access Lists using a single IP, IP range, or subnet.
  • Create a unique login URL (rename wp-login.php).
  • Cerber’s anti-spam engine safeguards contact and registration forms.
  • Automatically identifies spam comments and either transfers them to the trash or rejects them entirely.
  • From a single dashboard, you can manage many WP Cerber instances.
  • WordPress Two-Factor Authentication.
  • Users, bots, hackers, and other questionable activity are all recorded.
  • WordPress security scanner checks the integrity of files, plugins, and themes.
  • With email notifications and reports, it keeps track of file modifications and new files.
  • With a set of customizable filters, you may get mobile and email notifications.
  • Sessions manager for advanced users
  • Security for wp-login.php, wp-signup.php, and wp-register.php.
  • If a visitor is not logged in, the wp-admin (dashboard) is hidden.
  • When an intruder IP tries to log in with a non-existent or forbidden username, it is immediately blocked.
  • Restriction user registration or login to usernames that match REGEX patterns.
  • Use your own role-based security policies to restrict access to the WP REST API.
  • Completely disable access to the WordPress REST API.
  • Access to XML-RPC is restricted (block access to XML-RPC including Pingbacks and Trackbacks).
  • Feeds should be disabled (block access to the RSS, Atom and RDF feeds).
  • White IP Access lists can be used to restrict access to XML-RPC, REST API, and feeds by an IP address or an IP range.
  • Mode for only authorized users
  • A user account can be blocked.
  • Turn off the automatic redirection to the hidden login page.
  • Stop enumerating users (blocks access to author pages and prevents user data leaks via REST API).
  • Blocks IP subnet class C in advance.
  • Anti-spam: reCAPTCHA is used to defend the WordPress login, registration, and comment forms.
  • WooCommerce and WordPress forms with reCAPTCHA.
  • For WordPress comment forms, an invisible reCAPTCHA is used.
  • A Citadel mode designed for large brute force strikes.
  • Play nice with fail2ban by logging unsuccessful attempts to syslog or a custom log file.
  • Filter and check actions based on IP address, user, username, or specific activity.
  • Filter activities and save them as a CSV file.
  • Reporting: Receive weekly reports by email at the addresses you provide.
  • Limit login attempts works on a site/server that is protected by a reverse proxy.
  • Be alerted by push notifications on your mobile device.
  • The jetFlow.io automation plugin’s trigger and action.
  • Defending against denial-of-service (DoS) attacks (CVE-2018-6389).

变更日志: WP Cerber Security Pro – WordPress Antispam & Malware Scan

= v8.9.6 =
* New: A new [alert creation dialog with a set of new alert settings](https://wpcerber.com/wordpress-notifications-made-easy/) enables you to create alerts with new limits: an expiration time, the maximum number of alerts allowed to send, and optional rate-limiting. The alert conditions can include the URL of a request now.
* New: Deleting of [WordPress application passwords](https://wpcerber.com/wordpress-application-passwords-how-to/) is logged now.
* New: Ability to monitor [anti-spam](https://wpcerber.com/antispam-for-wordpress-contact-forms/), reCAPTCHA, and several other setting-specific events using links on the settings pages.
* Improved: Meaningful and actionable messages on the log screens if no activity has been found in the logs using a given search filter.
* Improved: If a WP Cerber feature requires a newer version of WordPress, such a feature will not be shown in the plugin admin interface anymore.
* Fixed: A fatal PHP error occurs while logging in on a version of WordPress older than 5.5 and a user has more than one active session.
* Fixed: A fatal PHP error occurs while using the reset password form on a version of WordPress older than 5.4.
* Fixed: While opening the Tools admin page, a PHP error might occur on some web servers.
* Fixed: While rendering the Activity tab, depending on the activities logged, the PHP warning can be logged in the server error log.
* Fixed: When [managing WP Cerber on a remote website via Cerber.Hub](https://wpcerber.com/manage-multiple-websites/), the admin page footer incorrectly displays the version of WP Cerber installed on the main website.
* Fixed: If the Site Title of a website contains some special characters like apostrophes, the subject of [email alerts and notifications](https://wpcerber.com/wordpress-notifications-made-easy/) contains such characters in encoded form.

= v8.9.5 =
* New: A new setting for [WP Cerber's anti-spam engine](https://wpcerber.com/antispam-for-wordpress-contact-forms/): "Disable bot detection engine for IP addresses in the White IP Access List".
* New: A new setting for [the reCAPTCHA module](https://wpcerber.com/how-to-setup-recaptcha/): "Disable reCAPTCHA for IP addresses in the White IP Access List".
* Improved: Logging all user session terminations including those that occurred when an admin manually terminate user sessions or [block users](https://wpcerber.com/how-to-block-wordpress-user/).
* Improved: If a user session has been terminated by a website admin, the admin’s name is logged and shown in the Activity log.
* Improved: Logging all user password changes including those made on the edit user admin page, and the WooCommerce edit account page.
* Improved: Logging [application passwords](https://wpcerber.com/wordpress-application-passwords-how-to/) changes.
* Improved: New status labels in the Activity log: "reCAPTCHA verified" is shown when a user solves reCAPTCHA successfully
* Improved: New status labels in the Activity log: "Logged out everywhere" is shown when a user has completely logged out on all devices and of all locations.
* Improved: Failed reCAPTCHA verifications are logged with form submission events they are linked to.
* Improved: A new event is logged: "Password reset request denied". With possible statuses "reCAPTCHA verification failed", "User blocked by administrator", "Username is prohibited".
* Improved: Handling reset of user passwords is improved to support changes in the WordPress core.
* Fixed: A cookie-related bug that causes a fatal software error if a user has been deleted or their password has been changed in the WordPress dashboard by the website administrator while the user is being logged in.
* Fixed: A bug with the WordPress lost password (reset password) form that prevents displaying error messages to a user.
* Fixed: When the [limit on the number of allowed concurrent user sessions](https://wpcerber.com/limiting-concurrent-user-sessions-in-wordpress/) is set to one, an attempt to log in with the user name and incorrect password terminates the existing session of the user.

= v8.9.3 =
Improved: The scanner: now checksums generated using manually uploaded ZIP archives have priority over the remote ones.
Improved: You can configure exceptions for WP Cerber's anti-spam by disabling its code on selected WordPress pages.
Improved: New diagnostic messages were added for better troubleshooting issues with ZIP archives uploaded in the scanner.
Fixed: A vulnerability that affects WP Cerber's two-factor authentication (2FA) mechanism.
Fixed: A bug that prevents uploading ZIP archives on the scan results page if the filename contains multiple dots.
Fixed: Fixed admin message "Error: Sorry, that username is not allowed." which is wrongly displayed on the user edit page while updating users with prohibited usernames.
Fixed: Not detecting malformed REST API requests with a question mark in this format: /wp-json?

v8.6.5
* New: File system analytics. It's generated based on the results of the last full integrity scan.
* New: Logging user deletions. The user’s display name and roles are temporarily stored until all log entries related to the user are deleted.
* New: Faster export with a new date format for CSV log export.
* New: Ability to disable adding the website administrator's IP address to the White IP Access List upon WP Cerber activation.
* Improved: Handling the creation of new users by WooCommerce and membership plugins.
* Improved: Handling user registrations with prohibited emails.
* Improved: Handling secure Cerber‘s cookies on websites with SSL encryption enabled.
* Improved: The performance of the integrity checker and malware scanner on huge websites with a large number of files.
* Fixed: Loading the default plugin settings has no effect. Now it’s fixed and moved from the admin sidebar to the Tools admin page.
* [Read more](https://wpcerber.com/wp-cerber-security-8-6-5/)

⭐Similar Suggestion: Wordfence Security Premium – WordPress Security Plugin

下载 WP Cerber Security Pro v8.9.6 Nulled – WordPress Antispam & Malware Scan

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。