Logo Wyomind Magento workshop

Add-ons for Magento®


logo Watchlog

Prevent your website from brute force attacks which aim is to force the access to your Magento backoffice. Watchlog helps you to identify and definitively stop such attacks!

7 Reviews

is available for Magento® 2

Prevent your Magento® 2 website from brute force attacks with Watchlog

Possible large scale brute force attack on Magento®!

Thousands of Magento® websites are certainely concerned by this very large brute force attack which aim is clearly to force the access to Magento® backoffices.

The principle of that kind of attack is simple: robots try to log into your backoffice using multiple login/password combinations until they find the correct credentials.

Once these credentials are identified, your Magento® website becomes an easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...

How to check if my website is subject to these attacks?

You can install our free Watchlog extension for Magento® 2 to detect the intrusions into your Magento® 2 backoffice in order to track any login attempt.

What to do?

You can easily bypass these kinds of attacks!

Several solutions exist to make your Magento® 2 backoffice invisible to robots that try to login:

  • Modify the name of your Magento® 2 backoffice
  • Activate captcha for your Magento® 2 backoffice
  • Restrict the access to your Magento® 2 backoffice by IP with htaccess
  • OR use Watchlog PRO that will act as a firewall and so replace all the above steps.

The admin of Magento® 2 can be concerned with these brute force attacks so you need to make sure to protect each entrance to your Magento® 2 backoffice.

Watchlog Free Vs Watchlog Pro

While the free extension Watchlog lists the IPs that try to access your Magento® 2 backoffice, Watchlog PRO will also help you to stop these intrusion attempts.

Watchlog PRO is a more complete version that offers more options than Watchlog.

Watchlog FREE


Connection attempts charts

Check the daily and monthly login attempts charts.


Connection attempts tables

Get detailed and summarized tables of the login attempts data.


Connection attempts history

Define the history lifetime and receive periodical reports.


Blacklist and Whitelist

Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.


Automatically or Manually block IPs

Block IPs after X login attempts, block the blacklisted IPs for X minutes.