WP AutoShield®: One-Click WordPress Security from cPFence
cPFence I didn't even realize LS Cache had heartbeat control options! Great additional option for cPFence.
Targeting WP sites with no caching, installing LS Cache, configuring the preset and setting the heartbeat options has significantly reduced the CPU load on a cPanel > Enhance migration effort. I did have to monitor a couple high load websites afterward, but this reduced man hours for us by a wide margin!
Since we're interested in cPanel migration, I'd love to see the following additions to cPFence bulk operations.
- Enable DKIM if not already set.
- Enable Redir if not already set.
- Change email routing to Remote for foreign MX records (and vice-versa.)
- Maybe allow toggling FORCE HTTPS for domains, although that can be tricky for sites with rewrite rules in certain conditions.
Glad you found it useful! The LiteSpeed Plugin is indeed amazing , we love having an all-in-one solution for cache, Redis, and heartbeat control. It makes the workflow so much easier, especially with the new bulk cache-clearing tool and MultiRun tool we created. We can now clear all Redis and cache for 30 servers in one click!.
In addition to WP-AutoShield and Owl AutoMySQL , which are fantastic for AutoPilot security and stability , we’ve also completed 13 bulk helper tools. My team is loving them; they’re a huge time saver for everyone.
cpfence --bulk-install-ls-plugin Bulk install LiteSpeed plugin
cpfence --bulk-configure-ls-plugin Bulk configure LiteSpeed plugin
cpfence --bulk-enable-ls-redis Bulk enable Redis caching
cpfence --bulk-enable-ls-heartbeat Bulk enable heartbeat options
cpfence --bulk-reset-ls-plugin Bulk reset LiteSpeed plugin
cpfence --bulk-clear-litespeed-cache Bulk clear LiteSpeed cache
cpfence --bulk-install-wp-plugin Bulk install WordPress plugin
cpfence --bulk-uninstall-wp-plugin Bulk uninstall WordPress plugin
cpfence --bulk-run-due-wp-cron Bulk run due WP cron
cpfence --bulk-force-wp-core-files Bulk restore WP core files
cpfence --bulk-create-wp-user Bulk create WP user
cpfence --bulk-backup-wp-sites Bulk backup WP sites (files & DBs)
cpfence --multirun Bulk run commands on all serversAs for the API-based tools you mentioned (like enabling DKIM or managing email routing), we may consider adding them after v12 is released. Enhance is likely to make significant changes to their API with the new v12 and the new website they are preparing, so we’re holding off until that’s launched to ensure compatibility.
cPFence Makes sense! I assume they should actually enable some of these things themselves with v12 or shortly afterward! It's complete insanity to not enable at least DKIM and recognize and set Email Routing based on MX records for importing from another panel.
- Edited
FWIW I have a reseller member with a dedicated plan complaining about the math captcha. I've disabled it three times with "cpfence --bulk-disable-wp-captcha" but it gets mysteriously reactivated for some reason. Do you know what triggers this being reactivated so I can make sure it's re-disabled when necessary?
I get that it can be whitelisted in the cpfence config, but I'd prefer to NOT have to do it for every new website the reseller takes on.
Yes, the math CAPTCHA gets reactivated when the WP-AutoShield daily cron runs at 6:10 AM. To manage this:
Edit the exclusion list:
nano /var/log/cpfenceav/wp-exclude-list.txt- To exclude all WordPress installations under a specific account, add:
/var/www/site_id/ - To exclude a single WordPress installation, add:
/var/www/site_id/public_html/blog
If you want to disable the CAPTCHA feature for all websites on this server, edit the config file:
nano /opt/cpfence/config.confSet the following:
autoshield_wp_captcha="off"This will disable the math CAPTCHA server-wide.
cPFence what about for those of us that rely on Object Cache Pro for our redis object caching needs?
For those using premium plugins like Object Cache Pro, here’s how you can manage installations alongside LiteSpeed Cache:
You can install your paid plugin in bulk using one of these commands:
cpfence --bulk-install-wp-plugin /path/to/local/plugin.zip
Or:
cpfence --bulk-install-wp-plugin https://domain.com/plugin.zip
After installing your premium plugin, you can install LiteSpeed Cache without enabling Redis:
cpfence --bulk-install-wp-plugin litespeed-cache
This ensures both LiteSpeed Cache (without Redis) and your premium plugin are installed server-wide.
If you already have LiteSpeed Cache installed with Redis enabled and want to switch to your paid Redis plugin, you can reset LiteSpeed Cache to defaults:
cpfence --bulk-reset-ls-plugin
This resets LiteSpeed Cache to its default settings without Redis, allowing you to use your premium Redis plugin.
MediaServe I faced the same problem in the last few days. One site using Memberpress is using a different login tag for membership logins, which would never get the math captcha show on the login page.
As cPFence suggested, I think the best way would be to change autoshield_wp_captcha to "off" in the /opt/cpfence/config.conf. This way, other functions of WP-AutoShield will still work.
bgeek I'll probably disable as requested. Had only one reseller annoyed by it, and he has a dedicated vm. I guess if we get enough complaints I might do this globally.
MediaServe I ended up turning it off globally; maybe @cPFence, Is it worth having these features off by default and providing detailed explanations on what it does and the implications it can have for end users?
Well, the full WP-AutoShield module is off by default, but we highly recommend enabling it. The default settings work seamlessly for most clients, and you can always tweak them to suit your needs using the config file.
As for CAPTCHA, I don’t recommend turning it off globally because its benefits are substantial. Instead, exclude specific users using plugins like MemberPress or custom login plugins (which we don’t recommend). For most companies, this only affects 1 or 2 clients on a busy server.
With WP-AutoShield enabled, especially alongside hourly integrity check, your WordPress sites can stay almost bulletproof on autopilot.
I understand it’s becoming overwhelming to keep up with all the new features and modules being added. The cheatsheet is on its way, coming soon after we wrap up the all-new cPFence MonitorPro Module, which is currently in beta. This module introduces exciting features like Cluster-Wide Website Monitoring, Keyword Monitoring (to check for the presence or absence of specific text ,or both), and more. With one-click setup, you can instantly start monitoring all websites in your cluster, with the option to add domains outside your cluster too. Stay tuned!
Security and uptime go hand in hand. In the world of web hosting, monitoring your websites is essential to stay ahead and be the first to know when something goes wrong. If you’re serious about your hosting business, you need a reliable uptime monitoring solution running 24/7. That’s where cPFence’s new MonitorPro Module steps in.
Setting up SaaS monitoring services or an in-house solution can be time-consuming and costly, not to mention the hassle of keeping the monitored list up-to-date. Adding and removing clients as they come and go? Total headache.
But with cPFence MonitorPro, those days are over. Say hello to one-click website and keyword monitoring tailored for your hosting business.