Website Security Software Resources

Glossary Terms, Discussions, and Reports to expand your knowledge on Website Security Software

Resource pages are designed to give you a cross-section of information we have on specific categories. You'll find feature definitions, discussions from users like you, and reports from industry data.

Contents

Website Security Software Glossary Terms

Cybersecurity

Cybersecurity refers to actions taken to combat threats against networked systems, devices, and applications. Learn more about the different kinds.

by Sagar Joshi

Explore our
Technology Glossary

Browse through dozens of terms to better understand the products you purchase and use everyday.

Find new features

Website Security Software Discussions

Question on: Cerber Security, Antispam & Malware Scan

Question about Bot Blocking Process

I work with a couple non-profit websites that use WPJobBoard, and we have WP Cerber Security installed on both. Last week we had a spam bot try to register for an account, but WP Cerber stopped it. What is odd, is that instead of being totally blocked, the bot was able to create an employer profile under my admin account. Here is the server log (EDT time zone) entry that coincides with the blocking of the bot... 82.102.27.92 - - [07/Apr/2021:17:31:23 -0400] "POST /employer-panel/employer-registration/ HTTP/1.0" 200 17465 "https://www.FakeDomain.org/employer-panel/employer-registration/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4099.2 Safari/537.36" 0 0 "on:TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256" 2892 2190020 192.252.144.33 www.FakeDomain.org redirect-handler - 82.102.27.92 And here is a screen shot from WP Cerber for that IP at this time (MST time zone): https://d.pr/i/ergooH Is it possible that the bot was able to create an Employer Profile, but not fully register because of WP Cerber. And could WP Cerber have caused the employer profile to be assigned to the first user ID (which is mine as the administrator)? Any thoughts would on this would be appreciated.

Show Less

It's possible if a plugin developer does not abide by the WordPress coding standards and plugin development guides. Typically it is caused by a lack of experience and knowledge. Most likely the user was created by running a direct SQL insert query against the website database to directly add the new user row to the WordPress user table. Since the standard program flow of creating new WordPress users was broken, it was not completely blocked by WP Cerber. To protect against such cases you can use the professional version of WP Cerber. It maintains a separate user table.

Show Less

Answered: Gregory Markov on April 20, 2021

Your answer

Question on: Cerber Security, Antispam & Malware Scan

Access to /WP-Content and sub folders ?

We use the Pro version of WP Cerber and I have it configured as recommended. I assume this prevents write access by unauthorised people to the /WP-Content folder and sub folders ?. I do however see evidence of questionable/suspicious access to the subfolders : /Themes, /Uploads and /Plugins. I have read that it is possible to basically steal valuable site IP by exporting the content of these folders. I believe that the contents of these folders can be read by anyone ? I have also seen that there are Plugins available to rename /WP-Content. What are the implications of doing this ? What features would be impacted ? Would "good" bots and crawlers be adversely effected ? We use Bigscoots (nginx) fronted by Cloudflare. I can write a firewall rule to block access to these folders (whitelist IPs allowed) in Cloudflare, but is this desirable or wise ? Appreciate thoughts on this !

Show Less

Not exactly. It blocks malicious requests that may alter the website files in an unauthorized way. WP Cerber also scans the website for malware and altered files. Anyone can read all WordPress folders and files on your website. They also can be modified with ease if a hacker finds a vulnerability. This is the nature of WordPress. In part, it's why WordPress became so popular. With WordPress, an average website owner does not need to know how to configure permissions on the website since WordPress does not handle anything related to permissions. Everything you need to do is unpack the archive and run the "famous 5-minute installation" script. That's it. And that's partly why millions of websites were or will be hacked. Yes, you can, and we recommend renaming the wp-content folder. Only outdated plugins can be affected. Know more: https://www.hongkiat.com/blog/renaming-wordpress-wp-content-folder/ I wouldn't recommend using Cloudflare to block access to those folders. Some plugins will not work correctly.

Show Less

Answered: Gregory Markov on April 20, 2021

Thanks for your reply. It clarifies a few things and also I have been reading up on the subject on other blogs. I assume your comment about a hacker modifying files means they have to login with administrative access ?. I feel with WP Cerber and Cloudflare rules, we have that fairly securely locked down. I do use WP Cerber scans on a daily basis to check for file changes. I did temporarily put in a FW rule to block access to the Plugins folder. I was amazed at the thousands of hits being blocked. I've read elsewhere that BOTs scan these folders looking for things to exploit. I also now realise that most of this activity is taking place in Cloudflare cache and not hitting our server. Also I believe our hosting company is caching this content as well as I cleared Cloudflare cache but did not see any reload from our server. WP Cerber Traffic Inspector is the tool I used most on a daily basis. Thanks for the link. I will look into renaming the folder.

Show Less

Answered: Keith Collings on April 29, 2021

See more answers (1)

Your answer

Question on: Cerber Security, Antispam & Malware Scan

About scan database

Hello. A question. Does WP Cerber Security plugin scan database for vulnerabilities?