Cerber Security, Antispam & Malware Scan
Defends WordPress against hacker attacks, spam, trojans and malware.
Mitigates brute force attacks by limiting the number of login attempts through the login form, XML-RPC / REST API requests or using auth cookies.
Tracks user and intruder activity with powerful email, mobile and desktop notifications.
Stops spam: activates a specialized Cerber anti-spam engine and Google reCAPTCHA to protect registration, contact and comments forms.
Advanced malware scanner, integrity checker and file monitor.
Hardening WordPress with a set of flexible security rules and sophisticated security algorithms.
Restricts access with the Black IP Access List and the White IP Access List.
Features you will love
Limit login attempts when logging in by IP address or entire subnet.
Monitors logins made by login forms, XML-RPC requests or auth cookies.
Permit or restrict access by White IP Access list and Black IP Access List with a single IP, IP range or subnet.
Create Custom login URL (rename wp-login.php).
Cerber anti-spam engine for protecting contact and registration forms.
Automatically detects and moves spam comments to trash or denies them completely.
Manage multiple WP Cerber instances from one dashboard.
Logs users, bots, hacker and other suspicious activities.
Security scanner verifies the integrity of WordPress files, plugins and themes.
Monitors file changes and new files with email notifications and reports.
Mobile and email notifications with a set of flexible filters.
Protects wp-login.php, wp-signup.php and wp-register.php from attacks.
Hides wp-admin (dashboard) if a visitor isn’t logged in.
Immediately blocks an intruder IP when attempting to log in with non-existent or prohibited username.
Restrict user registration or login with a username matching REGEX patterns.
Restrict access to WP REST API with your own role-based security rules.
Disable WordPress REST API completely.
Disable XML-RPC (block access to XML-RPC including Pingbacks and Trackbacks).
Disable feeds (block access to the RSS, Atom and RDF feeds).
Restrict access to XML-RPC, REST API and feeds by White IP Access list by an IP address or an IP range.
Authorized users only mode
Block a user account.
Disable automatic redirection to the hidden login page.
Stop user enumeration (blocks access to author pages and prevents user data leaks via REST API).
Proactively blocks IP subnet class C for intruder’s IP.
Anti-spam: reCAPTCHA to protect WordPress login, register and comment forms.
reCAPTCHA for WooCommerce & WordPress forms.
Invisible reCAPTCHA for WordPress comments forms.
A special Citadel mode for massive brute force attacks.
Play nice with fail2ban: write failed attempts to the syslog or a custom log file.
Filter out and inspect activities by IP address, user, username or a particular activity.
Filter out activities and export them to a CSV file.
Reporting: get weekly reports to specified email addresses.
Limit login attempts works on a site/server behind a reverse proxy.
Be notified via mobile push notifications.
Trigger and action for the jetFlow.io automation plugin.
Protection against (DoS) attacks (CVE-2018-6389).
Limit login attempts done right
Великолепный плагин, помог избавиться от назойливой попытки взломать сайт, постоянный мониторинг трафика с указанием IP.. Ежедневно пресекаются до сотни попыток взломать админку или сайт..