Managing multiple WordPress installations on a server has long been a challenging task for administrators. Each installation comes with its own set of themes, plugins, and potential security vulnerabilities, making it difficult to keep everything up-to-date and secure. This is especially problematic in shared hosting environments where individual users may be unaware of or unconcerned with security implications, exacerbating the overall risk.

We have recently improved the CMS management interface with a special focus on WordPress, the most popular CMS, making it more streamlined, efficient, and secure than ever before to manage WordPress installations on your server.

Centralized Control Over WordPress Installations

The improved CMS Management feature in cPGuard now provides a centralized interface that lists all the WordPress installations on your server. No more hunting down individual WordPress installations of each user. Now, you can manage everything from a single, intuitive interface.

Key Features:

• Comprehensive Overview: Get a clear picture of all your WordPress installations, including their location, domain, version, details of installed plugins and theme and more.
• Vulnerability Alerts: Stay informed about reported CVEs for the installed version of WordPress core, themes, and plugins.
• Update Status: See which WordPress installations, themes, and plugins require updates and manually update them.
• Automated Updates: Force automatic updates for WordPress installations that meet set criteria, such as CVE score and days since an update was released.

Version Management and Updates

Stay on top of updates for your WordPress core, themes, and plugins. Our system provides clear notifications for available updates, ensuring you’re always aware of potential improvements and security patches. The dashboard provides real-time information on:

• Available Updates: Quickly see if there’s a newer version of WordPress available for each installation. Staying updated ensures you have the latest security patches and features.
• Plugin and Theme updates: View all installed plugins and themes, their current versions, and whether updates are available.
• Performing updates: We offer convenient options for manually updating your WordPress core, themes, and plugins, or you can set up automatic updates to ensure your website is always protected.

Shared server administrators can use this report to notify or force end users to update their vulnerable WordPress installations and prevent their accounts from being attacked or compromising the server. These features make it easy to monitor the security status of your WordPress sites and ensure they are always running the safest and most stable versions. 

Vulnerability Alerts

Notifications for Shared Hosting Users

In shared hosting environments, managing the security of multiple WordPress installations can be challenging. To streamline this process, When updates or vulnerabilities are detected for any WordPress installation on your server, we send automated email alerts directly to the shared account users. This ensures that your customers are informed about potential security risks and can take appropriate action promptly. 

This eliminates the need for server administrators to manually find WordPress installations and notify users individually. Instead, users receive timely (customisable) alerts directly in their inbox, prompting them to update their WordPress core, themes, and plugins, or take action if vulnerabilities are detected. This automated notification system enhances the overall security of the server, keeping both the administrators and users informed and reducing the risk of outdated or vulnerable installations.

Automated forced updates

For administrators who prefer a more automated approach, cPGuard’s WordPress Management feature includes an Auto-Update option. This powerful tool allows you to set criteria for automatically updating WordPress installations that meet set criteria like:

These custom settings help shared server administrators to intervene and automatically force update a WordPress installation if the end-user does not promptly update the sites on their own. With these automation options, you can ensure your WordPress sites are always up-to-date without constant manual intervention, giving you peace of mind that your sites are secure.

Why This Feature Matters

WordPress powers over 40% of the web, making it a prime target for hackers and cyber threats. Keeping WordPress installations and their associated plugins and themes up-to-date is critical for maintaining security and performance. cPGuard’s new WordPress Management feature takes the hassle out of this process, offering a comprehensive, easy-to-use toolset that simplifies the management of multiple WordPress sites.

By providing a centralized dashboard, real-time updates, vulnerability alerts, and automation options, cPGuard empowers you to maintain a secure and up-to-date WordPress environment with minimal effort. This new feature is a must-have for any server administrator looking to protect their WordPress sites from the ever-evolving landscape of online threats.

In our ongoing commitment to protect your websites from unwanted traffic, we’ve recently introduced new ruleset in the Web Application Firewall (WAF) configuration named “Bad Crawler Protection.” This update replaces the legacy “RBL Protection” rules set. We’ve phased out the “RBL Protection” due to client complaints about its tendency to produce false positives and the complexities involved in debugging issues it caused.

Why We Replaced RBL Protection

While effective in some scenarios, the “RBL Protection” rules proved problematic for many of our clients. False positives were a common issue, which led to legitimate users being blocked from accessing sites. Furthermore, when issues arose, the process of understanding and debugging these problems was cumbersome and time-consuming.

Introducing Bad Crawler Protection

The new “Bad Crawler Protection” rules set aims to address these issues by focusing on blocking hits from automated bots and bad crawlers. This list is dynamically updated based on evidence and access logs that we receive. Users also have the flexibility to add exceptions to the blocked list by whitelisting specific rule IDs within the WAF settings.

Blocking AI Bots

A significant enhancement in the “Bad Crawler Protection” rules set is its ability to block AI bots. This move aims to reduce unwanted traffic and preserve your website’s resources. Currently, we block the following AI bots:

• mj12bot
• blexbot
  claudebot
• bytespider
• gptbot
• imagesiftbot
• ccbot
• chatgpt

Future Updates and Enhancements

We will continue to analyze access logs and add more bots to this list in future updates. This ensures that your website remains protected from new and evolving threats with just a single click.

Commitment to Website Security

Our dedication to enhancing website security and stopping bad traffic is unwavering. You can expect more related features and enhancements to be added to cPGuard in the future. Stay tuned for updates and ensure your websites are protected from malicious bots and crawlers.

In our ongoing commitment to enhance website security, we have explored various options to monitor and patch vulnerabilities in WordPress and its components. Given that WordPress holds a significant share of compromised websites, particularly in shared hosting environments, it is crucial to prioritize its security. Throughout this journey, we’ve implemented numerous explicit rules in our scanner engine and introduced measures such as detecting outdated installations, sending related notifications to end-users, identifying suspicious processes, and verifying WordPress file checksums. These efforts have already proved effective in detecting many infections.

The Importance of Detecting and Patching Vulnerabilities

As we delved deeper into our security measures, we recognized the importance of detecting outdated WordPress versions and components with known vulnerabilities. Ensuring no website with a known vulnerability remains publicly accessible and open to exploit is paramount. While our Web Application Firewall (WAF) can mitigate many such attacks and is continually updated to block the latest threats, the most effective practice is to patch the actual vulnerabilities. With this in mind, we introduced CVE (Common Vulnerabilities and Exposures) monitoring for WordPress in the latest versions of cPGuard.

Introducing New Updates: CVE Monitoring and Patching for WordPress Using cPGuard

We are excited to announce a significant update aimed at enhancing WordPress security through comprehensive CVE (Common Vulnerabilities and Exposures) monitoring and patching.

Detailed Monitoring of WordPress Installations

With our latest update, cPGuard now provides a detailed list of all WordPress installations and their components (assuming no errors in the installations). This list allows you to:

– Identify WordPress installations with outdated cores, plugins, and themes.
– Detect installations with a CVE alert and view their CVSS (Common Vulnerability Scoring System) scores.

Manual and Automated Threat Management

Our enhanced system gives you the power to:

– Manually review CVE threats and apply available patches.
– Update each component individually when updates are available.
– Enable auto-updates for WordPress components, providing a more security-oriented approach similar to a WP toolkit.

Future Enhancements: Automatic Patching

Looking ahead, we plan to introduce automatic patching for CVE-affected installations. This means if a client fails to address an alert and update their WordPress installation within a certain period, cPGuard will automatically apply the necessary patches.

We are trying to add more features to ensure WordPress security in upcoming releases. In 2024, we expect to add more such features to ensure secure WordPress hosting servers for our clients

2024 has been an engaging year for our team, bringing numerous features and improvements to cPGuard. We’ve added enhancements to existing modules, with several more innovations still in development. As we reach mid-2024, let’s discuss the major updates available now and those coming soon with cPGuard.

IPDB Enhancements

The IPDB is a distributed firewall crucial in blocking live attack attempts, currently intercepting over 15 billion attacks monthly. We’ve reworked the IPDB rule-building algorithm to make it more efficient, faster, and less resource-intensive. The latest version includes:

1. Options to temporarily block IP addresses.
2. Better integration with CSF.
3. A URL-based whitelist for centralized whitelist management.

WordPress Security

WordPress is a prominent CMS and a primary target for web attacks. cPGuard offers multiple options to protect your WordPress sites. We continuously update our WAF rules to shield WordPress sites from known vulnerabilities. We use web traffic traps on some live sites to gather real-time attack evidence, enhancing our rule-building efficacy.

Key features include:

• Alerts for outdated WordPress components.
• Verification of WordPress checksums.
• CAPTCHA-protected WordPress login pages.
• CVE alerts for WordPress and its components. (These alerts are sent to end-users and displayed on the CMS Threats page, helping identify vulnerabilities.)

Scanner Updates

We release regular updates for the scanner and its rules. This year, we’re planning significant changes to detect modern malware hidden in files. Recent updates include:

Revamped HTTP upload scanner.

• Enhanced event logging in the scanner for better visibility for admins.
• Improved cleanup processes to prevent web-injected content.

Upcoming Major Changes

AI Integration with the Scanner

We’ve been testing AI integration in our lab with promising results. The AI scanner is partially enabled in the current version and will be expanded in upcoming updates, enhancing virus detection.

Automatic Patching of WordPress Components with CVE Alerts

Building on our CVE alerts for WordPress components, we’re developing an option to enable auto-patching after notifying end-users. This will help server admins maintain client websites with known CVE vulnerabilities.

Log Analyzer and IDS/IPS

We’re working on a system to monitor logs for website and service security. Based on Fail2ban, this solution will soon be released in beta. It will enhance log analysis, catch bad accesses faster, and improve IP reputation calculations in IPDB.

Are These the Only Changes Coming?

These are not the only changes. We continue to refine the software based on user feedback, so expect many other improvements and bug fixes in upcoming releases. Stay tuned to our social media pages and change log for detailed updates on each version.