Watchlog - Security enhancement for your Magento 2 website
Possible large scale brute force attack on Magento!
Thousands of Magento websites are certainly affected by this very large brute force attack, whose aim is clearly to force access to Magento back offices.
The principle of that kind of attack is simple: robots try to log into your back office using multiple login/password combinations until they find the correct credentials.
Once these credentials are identified, your Magento website becomes easy prey for hacking: exploitation of your database, diversion of your payments, unfair competition...
What to do?
The admin of Magento 2 can be affected by these brute force attacks, so you need to make sure to protect each entrance to your Magento 2 back office.
Check if your website is subject to these attacks
You can install our free Watchlog extension for Magento 2 to track every login attempt and detect intrusions into your Magento 2 back office.
Avoid the attacks
You can easily avoid these kinds of attacks!
Several solutions exist to make your Magento 2 back office invisible to robots that try to log in:
- Modify the name of your Magento 2 back office
- Activate captcha for your Magento 2 back office
- Restrict the access to your Magento 2 back office by IP with htaccess
You can also use Watchlog PRO that will act as a firewall and so replace all the above steps.
Watchlog Free Vs Watchlog Pro
While the free extension Watchlog lists the IPs that try to access your Magento 2 back office, Watchlog PRO will also help you to stop these intrusion attempts.
Watchlog PRO is a more complete version that offers more options than Watchlog.
Connection attempts charts
Check the daily and monthly login attempts charts.
Connection attempts tables
Get detailed and summarized tables of the login attempts data.
Connection attempts history
Define the history lifetime and receive periodical reports.
Blacklist and Whitelist
Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.
Automatically or Manually block IPs
Block IPs after X login attempts, block the blacklisted IPs for X minutes.
How to use the Watchlog extension for Magento 2
Watchlog is a free and easy to use extension for Magento 2. You'll be able to see very quickly if your Magento 2 back office is threatened by a brute force attack and if someone or some robots are trying to log into your Magento 2 admin panel.
STEP 1: Install Watchlog
To install the free Watchlog extension on your Magento 2 admin, follow the steps below:
- Before installing the extension, it's advisable to back up your Magento 2 installation.
- Then, you need to refresh caches in:
- Now you can download the zipped extension from your Wyomind account downloads.
- Once you have downloaded it, unzip the folder content.
- Copy the app folder and paste it into the Magento 2 root directory. You can merge the directories.
- Open a console and run the following command on the Magento 2 root directory:
STEP 2: Configure your Watchlog extension
You can start by configuring the general settings of your extension in:
Stores System Config Wyomind WatchLog
In the Connection attempts history tab, you'll be able to configure a certain number of parameters.
History lifetime in days
Send a periodical report
You can choose to receive periodical reports. If you have decided to set that option to YES, then you'll have to define:
- Period to report in days
Define how many days you want to include in your report.
- Sender email
Define the email address of the sender.
- Sender name
Add the name of the sender.
- Send the reports to
Add the email addresses of the recipients separated by a comma.
- Report title
Define a title for the report.
- Report schedule
Define a schedule to automatically send the reports.
You'll then receive a report as below.
STEP 3: Check the login attempts to your Magento 2 back office
You'll have a global overview of the login attempts made on your Magento 2 admin panel login page if you go to:
Stores > Watchlog > Connection attempts
Statistics on the login attempts will be displayed in graphs and tables.
Login attempts charts
You should get two graphs that recap the login attempt statistics over two different periods of time in order to give you the best possible view. The first chart displays the data for the last 30 days whereas the second one sums up the login attempts in the last 24 hours.
On both graphs, you'll have several curves:
- Success: represents the login attempts that succeeded
- Failed: represents the login attempts that failed
Login attempts grids
You should find the summary of the last days within two different views:
- Detailed view
- Summarized view
In the Detailed View, you'll find a detailed table of the login attempts. That grid contains several pieces of data:
- The IP that tried to log into your Magento 2 back office.
- The date when the IP tried to log in.
- The login used.
- The password used to log in.
- The message displayed when trying to log in.
- The URL from which the IP tried to log in.
- The status of the IP: Success or Failed.
By clicking on Switch to the summarized view you should get a table with the basic information. You'll find:
- The IPs that tried to log in.
- Last Attempts: the date of the last attempt.
- The number of login attempts.
- The number of failed login attempts.
- The number of login attempts that succeeded.
By default, both tables display data for the last 30 days. You can edit that in the History lifetime in days field, from:
At any time you can switch between both views.
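The relationship between the two views, as an added example that is not Watchlog's own code: it collapses detailed rows into one summary row per IP and then labels each IP against a failed-attempt threshold. The row layout, the function names and the `max_failed` value are assumptions made for the illustration, and the sample rows are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed rows using columns of the detailed view (IP, date, login,
# status); the password column is left out. IPs are documentation ranges.
ATTEMPTS = [
    ("203.0.113.7", "2024-05-01 10:00:01", "admin", "Failed"),
    ("203.0.113.7", "2024-05-01 10:00:03", "admin", "Failed"),
    ("203.0.113.7", "2024-05-01 10:00:05", "root", "Failed"),
    ("203.0.113.7", "2024-05-01 10:00:09", "administrator", "Failed"),
    ("198.51.100.20", "2024-05-01 09:12:44", "shop_owner", "Failed"),
    ("198.51.100.20", "2024-05-01 09:13:10", "shop_owner", "Success"),
    ("192.0.2.55", "2024-05-01 11:30:00", "admin", "Failed"),
    ("192.0.2.55", "2024-05-01 11:30:02", "admin", "Failed"),
    ("192.0.2.55", "2024-05-01 11:30:04", "admin", "Failed"),
    ("192.0.2.55", "2024-05-01 11:30:06", "admin", "Success"),
]


def summarize(attempts):
    """Collapse detailed rows into one row per IP, as the summarized view does."""
    summary = defaultdict(lambda: {"last": None, "total": 0,
                                   "failed": 0, "succeeded": 0})
    for ip, when, _login, status in attempts:
        row = summary[ip]
        ts = datetime.strptime(when, "%Y-%m-%d %H:%M:%S")
        row["last"] = ts if row["last"] is None else max(row["last"], ts)
        row["total"] += 1
        row["failed" if status == "Failed" else "succeeded"] += 1
    return dict(summary)


def triage(summary, max_failed=3):
    """max_failed is an assumed threshold (the page's 'X login attempts')."""
    verdicts = {}
    for ip, row in summary.items():
        if row["failed"] < max_failed:
            verdicts[ip] = "ok"
        elif row["succeeded"]:
            # Many failures plus a success: a password may have been guessed.
            verdicts[ip] = "investigate"
        else:
            verdicts[ip] = "block"
    return verdicts


if __name__ == "__main__":
    for ip, verdict in triage(summarize(ATTEMPTS)).items():
        print(ip, verdict)
```

An IP that reaches the threshold and also shows a success deserves a closer look than one that only fails, because the successful login may be the end of a guessing run.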