2024 has been an engaging year for our team, bringing numerous features and improvements to cPGuard. We’ve added enhancements to existing modules, with several more innovations still in development. As we reach mid-2024, let’s discuss the major updates available now and those coming soon with cPGuard.
IPDB Enhancements
The IPDB is a distributed firewall crucial in blocking live attack attempts, currently intercepting over 15 billion attacks monthly. We’ve reworked the IPDB rule-building algorithm to make it more efficient, faster, and less resource-intensive. The latest version includes:
- Options to temporarily block IP addresses.
- Better integration with CSF.
- A URL-based whitelist for centralized whitelist management.
WordPress Security
WordPress is a prominent CMS and a primary target for web attacks. cPGuard offers multiple options to protect your WordPress sites. We continuously update our WAF rules to shield WordPress sites from known vulnerabilities. We use web traffic traps on some live sites to gather real-time attack evidence, enhancing our rule-building efficacy.
Key features include:
- Alerts for outdated WordPress components.
- Verification of WordPress checksums.
- CAPTCHA-protected WordPress login pages.
- CVE alerts for WordPress and its components. (These alerts are sent to end-users and displayed on the CMS Threats page, helping identify vulnerabilities.)
Scanner Updates
We release regular updates for the scanner and its rules. This year, we’re planning significant changes to detect modern malware hidden in files. Recent updates include:
Revamped HTTP upload scanner.
- Enhanced event logging in the scanner for better visibility for admins.
- Improved cleanup processes to prevent web-injected content.
Upcoming Major Changes
AI Integration with the Scanner
We’ve been testing AI integration in our lab with promising results. The AI scanner is partially enabled in the current version and will be expanded in upcoming updates, enhancing virus detection.
Automatic Patching of WordPress Components with CVE Alerts
Building on our CVE alerts for WordPress components, we’re developing an option to enable auto-patching after notifying end-users. This will help server admins maintain client websites with known CVE vulnerabilities.
Log Analyzer and IDS/IPS
We’re working on a system to monitor logs for website and service security. Based on Fail2ban, this solution will soon be released in beta. It will enhance log analysis, catch bad accesses faster, and improve IP reputation calculations in IPDB.
Are These the Only Changes Coming?
These are not the only changes. We continue to refine the software based on user feedback, so expect many other improvements and bug fixes in upcoming releases. Stay tuned to our social media pages and change log for detailed updates on each version.
