WP Cerber Security 9.5

When it comes to WordPress security, there is nothing more important than having a security vendor that continuously updates its solutions. We continue developing new features, improving WP Cerber algorithms, and fixing bugs. Get the next version of the professionally developed security plugin.

Enable automatic updates or install WP Cerber if you do not have it on your website.

Be informed whenever your plugins have updates

Be informed about plugin updates by getting a detailed email notification whenever a new version of a plugin is available. To activate notifications, go to the WP Cerber notification settings and enable it. This type of notification doesn’t require a connection to any cloud servers. All data is processed locally on your website with no relation to the integrity scan. You need to enable it in the settings.

Notifications contain information about installed and new versions of plugins, compatibility with installed WordPress, and minimum required versions of PHP and WordPress. WP Cerber will warn you if a plugin is incompatible with your WordPress or PHP. By default, notifications will be sent to the website administrator email address configured in the general WordPress setting.

The professional version of WP Cerber brings you additional features and enables you to configure advanced parameters and use SMTP. You can specify separate email addresses for plugin update notifications. If you consider installed versions and URLs as sensitive data, you can remove them from emails by selecting a brief format of notifications. You can configure the update checks with a desired interval.

WordPress plugin update notifications by WP Cerber

Keeping your plugins updated is important for the security of your WordPress. Use these notifications along with the automatic WP Cerber malware scanner and integrity checker. To keep your WP Cerber up to date, enable automatic updates for WP Cerber.

Grant access to users’ data via REST API for selected user roles

An additional option for granting access to users’ data via WordPress REST API for selected user roles. By default, WP Cerber blocks access to users’ data to prevent user enumeration. If you need users with a specific role to have access to users’ data, add the role to the list. Note that all website administrators and super administrators on a multisite WordPress installation have access to all users’ data.

Additional option for sending activity alerts

WP Cerber’s activity alerts can be sent to an email address you have on your WordPress account. You do not need to worry about changing the email. If you have updated the email address, you will keep getting alerts on a new one.

Email alerts and mobile notifications for WordPress plugin

Other improvements

  • WP Cerber permanently stores users’ last login data (IP address, time, user’s country) for all users. The data is erased when the user’s personal data is erased by the website admin. See more:
  • To prevent having insecure plugin configuration, WP Cerber validates required HTTP headers before enabling the behind a proxy mode in the WP Cerber settings. By default, WP Cerber does not extract IP addresses from HTTP headers. You can easily make sure WP Cerber correctly detects IP addresses by using this instruction:

Minor changes

  • Detecting remote client IP addresses if the website is behind a proxy server has been improved.
  • Wording of new version notifications and emails has been improved.
  • The leading “Hi!” has been removed from the new version notification emails.

Fixed bugs

  • A specially formatted request can bypass the disabled redirection from a /wp-admin/ locations to the custom login page.
  • The integrity scanner labels a file as “File is missing” if a folder containing the file is on the “Directories to exclude” list. The bug affects valid WordPress files, files of plugins and themes with valid checksums.
  • After clicking “Apply” and saving the “Screen Options” on the Cerber.Hub page, a blank page is displayed. This issue is caused by a bug (shortcut?) in a WordPress redirection function that relies on the optional Referer header sent by the user browser. If a browser strips request parameters from the Referer header or does not send the header at all, no proper redirection occurs and the blank page is displayed.

Wonder what WP Cerber got in the previous version?

Review the release note for WP Cerber Security 9.4.

How to install WP Cerber on your WordPress

Enable automatic updates or install WP Cerber if you do not have it on your website.

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered here: G2.COM/WPCerber.

I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments