User guide

Watchlog - Security enhancement for your Magento 2 website

Possible large scale brute force attack on Magento!

Thousands of Magento websites are certainly affected by this very large brute force attack, whose aim is clearly to force access to Magento back offices.

The principle of that kind of attack is simple: robots try to log into your back office using multiple login/password combinations until they find the correct credentials.

Once these credentials are identified, your Magento website becomes easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...

What to do?

The Magento 2 admin can be targeted by these brute force attacks, so you need to make sure to protect every entry point to your Magento 2 back office.

Check if your website is subject to these attacks

You can install our free Watchlog extension for Magento 2 to detect the intrusions into your Magento 2 back office in order to track any login attempt.

Counter the attacks

You can easily counter these kinds of attacks!

Several solutions exist to make your Magento 2 back office invisible to robots that try to log in:

  • Modify the name of your Magento 2 back office
  • Activate captcha for your Magento 2 back office
  • Restrict the access to your Magento 2 back office by IP with htaccess

You can also use Watchlog PRO, which acts as a firewall and so replaces all the above steps.

Watchlog Free Vs Watchlog Pro

While the free extension Watchlog lists the IPs that try to access your Magento 2 back office, Watchlog PRO will also help you to stop these intrusion attempts.

Watchlog PRO is a more complete version that offers more options than Watchlog.

Watchlog

Watchlog Pro

Connection attempts charts

Check the daily and monthly login attempts charts.

Connection attempts tables

Get detailed and summarized tables of the login attempts data.

Connection attempts history

Define the history lifetime and receive periodical reports.

Blacklist and Whitelist

Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.

Automatically or Manually block IPs

Block IPs after X login attempts, block the blacklisted IPs for X minutes.

How to use the Watchlog extension for Magento 2

Watchlog is a free and easy to use extension for Magento 2. You'll be able to see very quickly if your Magento 2 back office is threatened by a brute force attack and if someone or some robots are trying to log into your Magento 2 admin panel.

STEP 1: Install Watchlog

To install the Watchlog free extension on your Magento 2 admin, follow the below steps:

  1. Before installing the extension, it's advisable to backup your Magento 2 installation.
  2. Then, you need to refresh caches in:
    System > Tools > Cache Management
  3. Now you can download the zipped extension from:
    your Wyomind account > downloads
  4. Once you have downloaded it, unzip the folder content.
  5. Copy the app folder and paste it into the Magento 2 root directory. You can merge the directories.
  6. Open a console and run the following command on the Magento 2 root directory:
    bin/magento setup:upgrade

STEP 2: Configure your Watchlog extension

You can start with configuring your extension in a general way in:
Stores > System > Config > Wyomind > WatchLog

In the Connection attempts history tab, you'll be able to configure a certain number of parameters.

History lifetime in days

You have the possibility to define a history lifetime in days in order to purge the history. For example, you'll be able to define the history lifetime as 30 days in order to remove automatically all the login attempts that are older than 30 days.

Send a periodical report

You can choose to receive periodical reports. If you have decided to set that option to YES, then you'll have to define:

  • Period to report in days
    Define how many days you want to include in your report.
  • Sender email
    Define the email address of the sender.
  • Sender name
    Add the name of the sender.
  • Send the reports to
    Add the email addresses of the recipients separated by a comma.
  • Report title
    Define a title for the report.
  • Report schedule
    Define a schedule to automatically send the reports.

You'll then receive a report as below.

STEP 3: Check the login attempts to your Magento 2 back office

You'll have a global overview of the login attempts executed from your Magento 2 admin panel login page if you go to:
Stores > Watchlog > Connection attempts

Statistics on the login attempts will be displayed in graphs and tables.

Login attempts charts

You should get two graphs that recap the login attempts statistics on two different periods of time in order to give you the best possible view. The first chart will display the data in the last 30 days whereas the second one will sum up the login attempts in the last 24 hours.

On both graphs, you'll have several curves:

  • Success: represents the login attempts that succeeded
  • Failed: represents the login attempts that failed

Login attempts grids

You should find the summary of the last days within two different views:

  • Detailed view
  • Summarized view

In the Detailed View, you'll find a detailed table of the login attempts. The grid contains the following columns:

  • IP
    The IP that tried to log into your Magento 2 back office.
  • Date
    The date when the IP tried to log in.
  • Login
    The login used.
  • Password
    The password used to log in.
  • Message
    The message displayed when trying to log in.
  • Url
    The URL from which the IP tried to log in.
  • Status
    The status of the IP: Success or Failed.

By clicking on Switch to the summarized view you should get a table with the basic information. You'll find:

  • IP
    The IPs that tried to log in.
  • Last Attempts
    The date of the last attempt.
  • Attempts
    The number of login attempts.
  • Failed
    The number of failed login attempts.
  • Succeeded
    The number of login attempts that succeeded.

By default, both tables display data for the last 30 days. You can edit that in the History lifetime in days field, from:
Stores > System > Config > Wyomind > WatchLog

At any time you can switch between both views.
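
The relationship between the Detailed view and the Summarized view, plus a threshold check in the spirit of "Block IPs after X login attempts", as an added example that is not Wyomind's code. The record layout, the thresholds, the verdict names and the sample rows are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample rows (not real traffic; IPs are documentation ranges).
# Columns follow the Detailed view: IP, Date, Login, Status. The Password
# column is deliberately left out: the analysis does not need it.
SAMPLE_ATTEMPTS = [
    ("203.0.113.7", "2020-09-01 10:00:01", "admin", "Failed"),
    ("203.0.113.7", "2020-09-01 10:00:03", "administrator", "Failed"),
    ("203.0.113.7", "2020-09-01 10:00:05", "root", "Failed"),
    ("203.0.113.7", "2020-09-01 10:00:08", "admin", "Failed"),
    ("203.0.113.7", "2020-09-01 10:00:11", "admin", "Success"),
    ("198.51.100.20", "2020-09-01 09:15:00", "jane", "Failed"),
    ("198.51.100.20", "2020-09-01 09:15:40", "jane", "Success"),
    ("192.0.2.55", "2020-09-01 08:00:00", "admin", "Failed"),
    ("192.0.2.55", "2020-09-01 14:00:00", "admin", "Failed"),
    ("192.0.2.55", "2020-09-01 20:00:00", "admin", "Failed"),
]


def summarize(attempts):
    """One row per IP, like the Summarized view."""
    rows = {}
    for ip, date, _login, status in attempts:
        when = datetime.strptime(date, FMT)
        row = rows.setdefault(ip, {"last_attempt": when, "attempts": 0,
                                   "failed": 0, "succeeded": 0})
        row["attempts"] += 1
        row["failed" if status == "Failed" else "succeeded"] += 1
        row["last_attempt"] = max(row["last_attempt"], when)
    return rows


def find_bursts(attempts, max_failed=4, window=timedelta(minutes=5)):
    """Flag IPs with at least max_failed failures inside a sliding window.

    A Success from the same IP after the burst is reported separately,
    because it may mean the guessing worked.
    """
    by_ip = defaultdict(list)
    for ip, date, _login, status in attempts:
        by_ip[ip].append((datetime.strptime(date, FMT), status))

    verdicts = {}
    for ip, events in by_ip.items():
        events.sort()
        failures = [t for t, s in events if s == "Failed"]
        start, burst_end = 0, None
        for end, t in enumerate(failures):
            while t - failures[start] > window:
                start += 1
            if end - start + 1 >= max_failed:
                burst_end = t
                break
        if burst_end is None:
            continue
        hit = any(s == "Success" and t > burst_end for t, s in events)
        verdicts[ip] = "compromise-suspected" if hit else "block-candidate"
    return verdicts


if __name__ == "__main__":
    for ip, row in summarize(SAMPLE_ATTEMPTS).items():
        print(ip, row)
    print(find_bursts(SAMPLE_ATTEMPTS))
```

A single failure followed by a success (the second sample IP) is not flagged, while a slow series of failures is only caught when the window is widened.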

Identify brute force attacks with Watchlog

Connection attempts charts

Check the daily and monthly login attempts charts.

Connection attempts tables

Get detailed and summarized tables of the login attempts data.

Connection attempts history

Define the history lifetime and receive periodical reports.

Frequently Asked Questions
License and domains

A license is valid for an unlimited period of time on one single Magento installation

  • If you're using more than one Magento installation, you will have to buy a separate license for each instance.
  • If you're running several domains on the same Magento installation, you will need only one license for all of them.
Although your license doesn’t have a limited period of validity, your support period does. By purchasing an extension, you’ll be granted a 6-month support period for free. After this period, you will have to pay for a new one (see FAQ: Extend your Support period)

You can pre-register your live domain to your license in advance.

Thanks to this option, you'll be able to get the extension ready to use on your domain before it goes live.

To pre-register your production domain: 

  1. Go to:
    My account > Licenses & Downloads
  2. Click on  next to the extension you want your domain to pre-register on.
  3. Click on the link at the bottom of the page saying:
    Do you want to pre-register your domain in order to be ready to go live?
  4. Finally, enter your domain name and click on pre-register now .
Attention, this doesn't mean your license is activated. You'll still have to activate it on your new domain when the extension is installed. 

One license is valid for an unlimited period of time on one Magento installation only. However, it is possible to extend or transfer your license in 2 cases: 

  • If you would like to add your testing environments to your license. 
    In that case, it is possible to extend your license to an unlimited number of domains for free.
    For example: mywebsite-staging.com or mywebsite-dev.com
  • If you want to transfer your license to another live domain.
    In that case, the support period for your license must still be active.

To be able to use Watchlog on both your production and testing environments, follow the instructions below:

  1. Download Watchlog.
    (see FAQ: Extensions download)
  2. Install Watchlog on your environment.
    (see FAQ: Extensions installation)
  3. Activate the license.
    (see FAQ: Extensions activation from the backoffice or Extensions activation from the CLI)

Also, if you are managing a large number of domains, please contact us so that we can automatically whitelist these domains.
Extension versioning and download

In order to download Watchlog, log into your Wyomind account:

    1. Go to:
      My account > Licenses & downloads
    2. Click on the  icon next to Watchlog.

      A new window opens.

    3. Choose the version of Watchlog.
      You will be able to choose the most recent version of Watchlog (for both Magento 1 and Magento 2).
    4. Click on  .

Your download can start.

When purchasing an extension from wyomind.com, you benefit from a lifetime upgrade. You can at any time download the latest version of the extension directly from your account. 

To upgrade Watchlog, follow the steps below:

  1. Go to:
    My account > Licenses & Downloads
  2. Click on  next to Watchlog.
  3. Choose the latest version of Watchlog (for Magento 1 and Magento 2).
  4. Click on download .
  5. Install the new version of Watchlog to update your Magento admin. 

Extensions Installation/Uninstallation

You can install Watchlog manually.

  1. Download Watchlog (zip file) on:
    My account > Licenses & Downloads
     
    Refer to the FAQ: Extensions download
  2. Once Watchlog is downloaded, open the folder and unzip it.
  3. Copy the content of the unzipped folder and paste all files and directories in your Magento 2 root directory.
  4. In your Command Line Interface, execute:
    bin/magento setup:upgrade

    If you are using production mode, also execute:

    bin/magento setup:static-content:deploy
    bin/magento setup:di:compile

You can install Watchlog using Composer software in two cases:

  • if you purchased Watchlog on Magento Marketplace.
  • if you purchased Watchlog on Wyomind.com AND requested access to our repository:
    repo.wyomind.com
  1. Add to your composer configuration our repository:
    composer config repositories.wyomind composer https://repo.wyomind.com 

  2. Execute Composer command:
    composer require wyomind/watchlog
  3. Then go to your Command Line Interface and execute:
    bin/magento setup:upgrade
  4. If you are using production mode, also execute:
    bin/magento setup:static-content:deploy
    bin/magento setup:di:compile

To uninstall Watchlog, start by disabling the extension with the following command:

bin/magento module:disable Wyomind_Watchlog

Then, you have 2 ways to uninstall the extension depending on how the extension has been previously installed: 

  • Manual installation

    Run the watchlog-uninstall.sh file (you can find it in the extension zip folder) from your Magento root directory:

    sh watchlog-uninstall.sh

     

  • Installation via Composer

    Run the below command line:

    composer remove wyomind/watchlog

Once the uninstallation is over, refresh your cache and enable the compiler back again (if you use it). 

You can install Watchlog via Web Setup Wizard if you purchased it from Magento Marketplace only.

To know how to proceed, all steps are described in the link below: 
http://docs.magento.com/m2/ce/user_guide/system/component-manager.html

Next step is to activate your license:
Extension activation

Extensions activation

Once Watchlog is installed, you have to activate the license. For previous versions, you can activate the license from your back-office:

    1. Go to your Magento admin panel. A message pops up at the top of the page.


      If the message doesn't appear then you must check that:

         1. The Adminhtml_Notifications and Wyomind_Core modules are enabled.
         2. The HTML output of the Adminhtml_Notifications and Wyomind_Core modules is not disabled in:
      Stores > Configuration > Advanced > Advanced
         3. The encryption key exists in app/etc/env.php:
      <?php
      // app/etc/env.php (excerpt)
      return array(
          'backend' => array(
              // Path of the back office URL
              'frontName' => 'admin'
          ),
          'crypt' => array(
              // Encryption key: this entry must be present
              'key' => '1e8f3c6772b7a6a6689c3c8cefa4ccf0'
          ),
          /* ... */
      );
      ?>
    2. Copy your activation key in:
      Stores > Configuration > Wyomind > Your extension

      You can find your activation key in 2 different places:
        • In the confirmation email that you received after purchasing Watchlog.
        • In your Wyomind account: My account > Licenses & downloads
      Select Watchlog and click on  .

      A new page opens where you'll find your activation key (see below).


    3. In your Magento admin go to:
      Stores > Configuration > Wyomind > Your extension

      Paste the activation key in the Activation Key field and choose between the automatic (yes) or the manual (no) activation method:
      By choosing Yes, the connection to Wyomind license server will be automatic.
      By choosing No, you will have to log on to Wyomind license server yourself.

    4. Click on Save config .
    5. A message appears at the top of your admin panel. Click on that link: 
      Activate it now!
    6. Copy and paste the license code in the License code field from your admin or simply click on Activate now! 


    7. Finally, refresh your cache, then log out and log back in straight after to complete the installation.

When the extension includes other modules, repeat the steps described above for each one, using the corresponding activation keys (each module has its own activation key).

Add another domain to your license


To activate the license on another domain (test, staging...):

  1. Once the extension is installed on the new domain, copy your activation key in:
    Stores > Configuration > Wyomind > Your extension
  2. After having saved the configuration, a notification appears. Click on Add this domain to my license.

  3. A transfer request will then be sent to our team within an hour.
    Once the request is taken care of, you will receive a confirmation email.
    If your transfer request is accepted, you can use Watchlog on both environments at the same time.

Note that the order in which you activate your license on your domains does not matter. You can start with your staging/dev/local environment or with your live domain, the process will be the same.

Also, if you have loads of staging domains, or if you are an agency managing loads of domains for your customers, please contact us so that we can automatically whitelist these domains.

Once Watchlog is installed, you have to activate the license.

For this, you can use the below command line (change the Activation key with the corresponding value):

bin/magento wyomind:license:activate Wyomind_Watchlog <YOUR_ACTIVATION_KEY>

To retrieve the list of all the available modules as well as the licenses status, please use:

bin/magento wyomind:license:status

 Among the different status, you can find: 

  • registered = your license is registered
  • pending = you need to run the activation command line
  • invalidated = the license has been invalidated due to a wrong activation key or a license infringement
 
Check how to add another domain to your license.
Magento® Compatibility

Magento® Open Source

(Magento® Community Edition)

  • 2.4.3
  • 2.4.2
  • 2.4.1
  • 2.4
  • 2.3.7
  • 2.3.6
  • 2.3.5
  • 2.3.4
  • 2.3.3
  • 2.3.2
  • 2.3.1
  • 2.3
  • 2.2.9
  • 2.2.8
  • 2.2.7
  • 2.2.6
  • 2.2.5
  • 2.2.4
  • 2.2.3
  • 2.2.2
  • 2.2.11
  • 2.2.10
  • 2.2.1
  • 2.2
  • 2.1.9
  • 2.1.8
  • 2.1.7
  • 2.1.6
  • 2.1.5
  • 2.1.4
  • 2.1.3
  • 2.1.2
  • 2.1.18
  • 2.1.17
  • 2.1.16
  • 2.1.15
  • 2.1.14
  • 2.1.13
  • 2.1.12
  • 2.1.11
  • 2.1.10
  • 2.1.1
  • 2.1
  • 2.0.9
  • 2.0.8
  • 2.0.7
  • 2.0.6
  • 2.0.5
  • 2.0.4
  • 2.0.3
  • 2.0.2
  • 2.0.18
  • 2.0.17
  • 2.0.16
  • 2.0.15
  • 2.0.14
  • 2.0.13
  • 2.0.12
  • 2.0.11
  • 2.0.10
  • 2.0.1
  • 2.0

Adobe® Commerce

(Magento® Enterprise Edition)

  • 2.4.3
  • 2.4.2
  • 2.4.1
  • 2.4
  • 2.3.7
  • 2.3.6
  • 2.3.5
  • 2.3.4
  • 2.3.3
  • 2.3.2
  • 2.3.1
  • 2.3
  • 2.2.9
  • 2.2.8
  • 2.2.7
  • 2.2.6
  • 2.2.5
  • 2.2.4
  • 2.2.3
  • 2.2.2
  • 2.2.11
  • 2.2.10
  • 2.2.1
  • 2.2
  • 2.1.9
  • 2.1.8
  • 2.1.7
  • 2.1.6
  • 2.1.5
  • 2.1.4
  • 2.1.3
  • 2.1.2
  • 2.1.18
  • 2.1.17
  • 2.1.16
  • 2.1.15
  • 2.1.14
  • 2.1.13
  • 2.1.12
  • 2.1.11
  • 2.1.10
  • 2.1.1
  • 2.1
  • 2.0.9
  • 2.0.8
  • 2.0.7
  • 2.0.6
  • 2.0.5
  • 2.0.4
  • 2.0.3
  • 2.0.2
  • 2.0.18
  • 2.0.17
  • 2.0.16
  • 2.0.15
  • 2.0.14
  • 2.0.13
  • 2.0.12
  • 2.0.11
  • 2.0.10
  • 2.0.1
  • 2.0
User's reviews

5th September 2020

Must have extension to monitor admin URL

Magento 2 merchants must adopt certain best practices to protect the site. While we can focus on keeping the Magento 2 version up-to-date and install security patches on time. Other things are server security, file and folder permissions, etc. We did most of it and felt good. We also modified the admin URL as per some other suggested practices but for some reason this can be found by the attackers. You can find some articles on this on the web. Finally, we had used the Wyomind Watchlog extension - the Free version. The free version allowed us to see if anyone was trying to brute force the admin page to get access to the admin panel of Magento 2. When we did, we found at least 5 IPs in a duration of about 2 months trying to brute force the panel. We also had 2FA and Google Recaptcha enabled so the attempts were not successful. The plugin recorded the IP, attempts and showed those on a graph. Very nice. We had some more server and security tools to finally block those IPs outside the module (Free version does not offer that). Even when we changed the admin URL after each attempt, some other IP discovered the URL eventually. Even the Free tool is very useful and we absolutely recommend it since you can change the URL in a timely manner and buy some time to implement IP rules on server side which will prevent the site performance degradation for legitimate traffic. But if you don't have other resources at your disposal, I recommend to go for Pro version to perform the URL Blacklisting and Whitelisting from admin panel itself. Again, Wyomind security is a must-have extension.

13th May 2020

Very useful tool

We have spent this tool for a long time and it has saved us from many attacks on our website, since it alerts us instantly by email and you can act instantly ... It allows us to be alert 24 hours a day without effort. Extension needed for all magentos ...

27th April 2019

Excellent extension

Very good extension and excellent technical support.

Alejandro

11th October 2015

Extraordinary support!

Most mentionable in my case is the support I guess. Yes, the extension is very much useful and works as described. However, WYOMIND's support works even better. Why? Because even on a Sunday WYOMIND is not shy of giving full support! Yes, you heard right ... on a "Sunday"! Besides, it was a very good, fast and professional support. Thanks again, guys!

sonsec

31st August 2015

Helpful tool

This tool is great for free. It shows us a hacker attack so we can react fast. Thank you!

Roma80

21st April 2015

Nice extension to see hack attempts

Got a message from them about a potential hack attempt. Read a review here that this was fake?
Traced the IP and the IP was on an abuse list.
If the reviewer wrote that was fake it would mean that these developers are faking the attacks?
What reason just to download a free watchdog extension?
I placed the attacking IP on a blacklist through htaccess and attempts were stopped.
So far this company has given me good support and I don't think this is fake or marketing. I never looked at hack attempts but since many systems are under attack why not Magento sites.
At least they woke me up so admin URL will be changed as will downloader URL. I can only see this as a positive reminder to make your installation more secure. Good work

bobmats

21st April 2015

Stopped Brute force attack in seconds

Thanks again to Pierre and his team. I downloaded this extension and literally stopped a brute force attack in under 3 minutes.
Installed in seconds, It gives all the information you need within a few minutes and simply works.
Great free version.

adastra

17th April 2015

Superb tool

Works exactly as described. Installed without a hitch. Checked the logs after 30 minutes and found there had been around 15 attempts to gain entry via brute force. I blocked the offending IPs in .htaccess. Well worth considering the Pro version for automatic blocking. Recommend this extension to everyone.

htz

17th April 2015

False alerts and worried customers

We run a few sites using the Data Feed Manager from Wyomind for Google Shopping feeds (this works great, can't recommend it enough!)
However I received a notification for all the sites running this plugin yesterday that there were potential brute force attacks on the site to try and gain access to the back end. This is completely untrue, I scoured the logs and there's hardly any attempts in there (with 95% of them being legit attempts to log in).
The fact it happened on all the sites within a few hours suggests this is just a marketing ploy, one which had us receive worried emails from customers (who run the site) about the security of their site (when there was nothing to be concerned about).
So be aware of their work providing false alerts before blindly installing the extension to solve an issue that doesn't exist.

david_bowen

16th April 2015

great for stopping hacking attempts

Wyomind warned me about a possible brute force attack on my website, because they saw many login attempts (as they explained, each attempt retrieves their rss feed because I have another extension from them).
After installing the extension showed the attack and my provider blocked the attackers IP address.
So thanks to Wyomind my website is more secure and the system resources are not used for anything that is not meant to use them.

JohnWaal
Changelog
  • License is not reactivated if the module is not installed yet

Enhancements

  • Sample data updated

Bug Fix

  • Fix for Google charts lib loading

Enhancement

  • Improved license management system (Clear code)
  • Sample data added for the scenario
  • Addition of the Helper/Watchlog (automatically generated)
  • Compatibility fix for Magento 2.3.3

Enhancement

  • Complete code refact
  • PHP documentation update
Patch v2.1.2.1

  • Sample date available for the demo

Enhancement

  • The firewall IP is now taken into account
Patch v2.1.1.1

  • Fix for the echo in the templates 

Enhancements

  • Magento v2.2.1 compatibility

Enhancement

  • Compatibility with Magento v2.2.0

Improvement:

  •  Support for IPV6

Bug Fix:

  • Code fix on class constant
  • 1st release for Magento 2