CleanTalk's blog

Tag: website security

Malware Auto-Cure Update: Enhanced Threat Treatment and Logging
The latest update to Malware Auto-Cure System in the CleanTalk Security Plugin introduces significant improvements in threat detection and remediation, ensuring a more effective and reliable security solution.
- Fixed the treatment process when a file may contain multiple threats.
- Fixed the treatment process when a file can only be partially cured.
- Added detailed logging of automatic treatment results.
- Added responses to the initiation of manual treatment.
- Fixed an issue where a file could never be treated due to missing instructions. Now, if an instruction becomes available after a failed treatment attempt, the treatment will succeed.
The update strengthens our commitment to proactive cybersecurity, reducing infection persistence and ensuring a higher success rate in malware remediation.
February 23, 2025
Custom text messages for Security FireWall Block Page

We’re glad to introduce the new feature of our Security Extra Package.

When you use Personal Black Lists (including blocking by country) users see a default message “This is the testing page for Security FireWall” but now you can change it. The message can include your email or phone number. In that case, you can collect data about the reasons for false positives.

How to create a custom message

Step 1: Go to your Dashboard => Security. Select your website and click on Settings.

Step2: Scroll down to Message for forbidden visitors and check it. After that you can type any text you want including emails and phone numbers. When finished just press the Update button.

That’s it! Your custom message is enabled and updated. After about 10 minutes you can take a look at your Security FireWall block page.

How to preview your block page

Step 1: Go to Dashboard => Security => Your website Settings (exactly like it was described above). Then click on Testing Security FireWall.

Step 2: After that, your Security FireWall testing page will appear. Here you can preview your custom message and edit it if needed.

Get your Website Security now

July 4, 2022
New feature in Website Security FireWall Log
Your website is regularly visited by different bots. The “bad” ones are blocked by your Security FireWall before they even reach your website, but what happens with the “good” ones like Google, Bing, and MSN? From now you can use Security FireWall Log to find out, what ”good“ bot visit your site and how many actions they provide there.

What exact information can you get:
- Date
- Website
- URL of visited website
- Bot IP
- Hostname (in case it can be defined)
- Browser used by bot
- Bot country
- Quantity of requests (hits)
- FireWall result
How it works

Step 1: Go to your Security Dashboard. Choose “Site Security” in the “Services” menu.

Step 2: Go to your Security FireWall Log:

In order to find information about some specific bot just type in the name of it (or part of the name).

From that page, you may decide whether you want to block one of these bots or not.

How to block bots by User-Agent

Feel free to block any bot using our special guide.
March 25, 2022
Hiding your WordPress username from bad bots

Do you know how to hide your WordPress usernames from bad bots? We are glad to introduce you a new Security plugin improvement: from now CleanTalk allows you to hide WordPress username from bad bots brute-force.

Before this improvement became available some bots could learn WordPress usernames by their ID and use it to brute-force these accounts later. For example, a request like «‎https://blog.cleantalk.org/?author=007»‎ could return the username «https://blog.cleantalk.org/author/james_bond».

This option is switched off by default so in order to avoid vulnerabilities like that we highly recommend to switch it on.

Step 1: Go to Plugins → Installed Plugins.

Step 2: Go to Settings beneath the Security plugin.

And after that choose General Settings.

Step 3: Go to Miscellaneous section and find checkbox ‎«‎Prevent collecting of authors logins» and just check this box.

Step 4: Press the «Save Changes» button.

Success! That’s how quickly CleanTalk allows you to hide WordPress username from bad bots

If you have any questions, add a comment and we will be happy to help you.

Create your Cleantalk account – Register now and enjoy while CleanTalk Anti-Spam plugin protects your Clean and Simple Contact Forms from spam.

August 6, 2021
Access key rotation for Anti-Spam and Security
In case your website is connected to CleanTalk it uses a special Access key to exchange information. We have improved its functionality to guarantee you the safest user experience.

Connect your website to CleanTalk in 5 minutes and forget about spam.

Improved Access key safety

Your Anti-Spam and Security Access keys don’t have any expiration date. So don’t worry, you don’t have to do anything about it.

Access key doesn’t need to be manually renewed except several cases:
- In case you gave your website access to web developer or a freelancer and it may be compromised.
- When your website had been hacked.
- When you expect your CleanTalk access being given or copied to a third party.
- In case you have any other issues and risks with CleanTalk account access.
Also you can always change your password or email in CleanTalk dashboard.

How to update your Access key

Step 1: Add your website to dashboard using the button below. If your site is already connected to CleanTalk pass to Step 3.

Step 2: Input your website URL in “Site URL” field.

Step 3: Click on “Settings” button under your website name.

Step 4: Go to “Change the Access key”.

Step 5: Click on “Generate key” to create new safe Access key.

Step 6: Then Apply the key by pressing the button below.

Step 7: And just close the window after you are finished.

Well done! Your new Access key is successfully generated and applied to your website. From now it will be active and if needed, you may change it again to guarantee its safety.
June 25, 2021