is available for Magento® 2
The Watchlog Pro extension will allow you to list the IP addresses that try to access your Magento 2 backoffice, and to stop these intrusion attempts mainly by adding these IP addresses to a blacklist.
Thousands of Magento websites are certainly affected by this very large brute force attack, whose aim is clearly to force access to Magento backoffices.
The principle of that kind of attack is simple: robots try to log into your backoffice using multiple login/password combinations until they find the correct credentials.
Once these credentials are identified, your Magento website becomes an easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...
Several users have already reported some IPs.
Login attempts can occur several times a minute and reach several tens of thousands of attempts every day, which seriously threatens the security of your website, as you can see on the screen below.
This is why it is important to protect your Magento 2 website against brute force attacks.
You can first install our free Watchlog extension for Magento 2 to detect the intrusions into your Magento 2 backoffice in order to track any login attempt.
You'll then be able to see all the login attempts made from your website on 2 graphs.
The detail of each login attempt will be displayed below these 2 graphs. You'll find the IP addresses, dates, logins and passwords...
Fortunately, these attacks are easy to counter! Several solutions exist to make your backoffice invisible to robots that try to log in:
- Modify the name of your backoffice
- Activate captcha for your backoffice
- Restrict the access to your backoffice by IP with htaccess
You can also use the Watchlog Pro extension for Magento 2 that will act as a firewall and replace all the above steps.
The Magento 2 admin can be targeted by these brute force attacks, so make sure to protect each entry point to your Magento 2 backoffice.
The Watchlog Pro extension allows you to detect if your Magento 2 website is threatened by any possible brute force attack and it gives you the ability to protect your website against it. You can start using the extension very quickly following 3 simple steps.
To start configuring Watchlog Pro for Magento 2, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the General Settings tab, you'll be able to configure the lifetime of the history and activate the logs.
- History lifetime in days: define a history lifetime in days. For example, you can set the history lifetime to 30 days in order to automatically purge from the history all the login attempts that are older than 30 days.
- Enable Log: by activating that option, a log file will be generated in var/log.
In the Periodical Report tab, you'll be able to configure the login reports:
- Send a periodical report: You can choose to receive periodical reports. If you enable the periodical reports, you'll have to configure the following options.
- Period to report in days: define how many days you want to include in your report.
- Sender Email: add the email address of the sender.
- Sender Name: add the name of the sender.
- Send the reports to: add the email addresses of the recipients separated by a comma.
- Report title: define a title for your report.
- Report schedule: define a schedule to automatically send the reports.
You'll then receive a periodical report as below.
Watchlog Pro gives you the possibility to create a whitelist as well as a blacklist of IPs. In the White/Black list settings tab, you can define your own parameters by filling in a certain number of fields:
- Whitelisted IPs: Click on Add IP to add an IP address into the whitelist.
- Secret key to whitelist your IP: If your own IP is blacklisted, you can use that secret key to whitelist it.
- Allow access to whitelisted IPs only: Choose to allow the access to whitelisted IPs only.
- Blacklisted IPs: Click on Add IP to add an IP address into the blacklist.
- Number of attempts before being blacklisted: Define a number of attempts before the IP is automatically blacklisted.
- Blacklisted IPs blocked for X minutes: Choose to blacklist the IPs for a defined period of time.
- Message to display if blocked: Define a message that will be displayed if someone with a blacklisted IP tries to log in to your admin panel.
You can receive a report every time an IP address is blocked. To do so, configure the report in the Blocked IP Report tab:
- Send a report when an IP is automatically blocked: Choose to receive a report when IPs are automatically blocked or not. By setting that parameter on YES, more options should display.
- Sender Email: Fill in the email of the sender.
- Sender Name: Add the name of the sender.
- Send the reports to: Enter the email addresses of the recipients separated by a comma.
- Report title: Define the name of your report.
To have an overview of the connection attempts to your Magento 2 backoffice, go to Stores > Watchlog > Connection attempts.
On that page, you'll get 2 graphs that retrieve the login attempts statistics.
These graphs are based on 2 different periods of time in order to provide you with the maximum information. The first chart will display the statistics on the last 30 days whereas the second one will sum up the login attempts on the last 24 hours.
Both graphs show 3 different curves:
- Success: login attempts that succeeded
- Blocked: login attempts that have been blocked
- Failed: login attempts that failed
If you hover the mouse over the different points of the curves, you'll get the detail of the number of connection attempts at a specific date.
Below the 2 graphs, you should find the summary of the login attempts over the last days retrieved in a grid. The login attempts data are retrieved into specific columns:
- IP: the IP that tried to log into your Magento 2 backoffice.
- Date: the date when the IP tried to log in.
- Login: the login used.
- Password: the password used to log in.
- Message: the message displayed when trying to log in.
- Url: the url from which the IP tried to log in.
- Status: the status of the IP (Success, Failed or Blocked).
By clicking on any IP address, you'll be redirected to www.abuseipdb.com that will automatically check that address. This allows you to see in one click if the IP address has already been reported by other users.
You have the possibility to purge history by clicking on Purge history now and to send the report of the login attempts by clicking on Send the periodical report now.
You can get a summarized view by clicking on Switch to the summarized view. From that new grid, you will get a table with the basic information:
- IP: the IPs that tried to log in
- Last Attempts: the date of the last attempt
- Attempts: the number of login attempts
- Failed: the number of failed login attempts
- Succeeded: the number of login attempts that succeeded
- Blocked: the number of login attempts that have been blocked (these IP addresses won't have access to the Magento 2 admin log in page)
- Action: you can directly add these IP addresses to the white and black lists
To remove an IP address from a list, simply click on Remove IP from the white/black list.
You will be able to see if you have already blacklisted or whitelisted some IP addresses. Indeed, they will be displayed in black or white boxes. In the case where an IP is whitelisted and blacklisted at the same time, the whitelist will always have the upper hand.
By default, both tables display data of the last 30 days. This can be easily modified from Stores > System > Config > Wyomind > Watchlog, in the History lifetime in days field.
Note that to go back to the detailed view, you just have to click on Switch to the detailed view.
With Watchlog Pro, you can easily control and manage the traffic to your Magento 2 admin. You have 2 possibilities of doing it:
- Whitelist IPs
- Blacklist IPs
You can add as many IP addresses as you want in the whitelist. For this, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the White/Black list settings tab, look for the Whitelisted IPs option. To add an IP address to the whitelist, click on Add. Then in the IP field, simply enter the IP address you want to whitelist.
Note that you can use wildcards (*) directly in the whitelisted IPs list.
For example, if you add 111.168.0.* as an IP to whitelist, then it will automatically add all IPs between 111.168.0.0 and 111.168.0.255 to the whitelist.
If you add 111.168.*.*, it will whitelist all IPs between 111.168.0.0 and 111.168.255.255.
If you want to remove an IP address from the whitelist, simply click on the bin in the same line.
For very limited access, you can then set the Allow access to whitelisted IPs only option to YES, so that only the IP addresses you have defined are authorized to log in.
In the case where your own IP address is blacklisted, you can use your secret key at any time to go back to your Magento 2 admin.
To stop IP addresses from logging into your Magento 2 admin, you only need to add them into your blacklist.
For that, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the White/Black list settings tab, look for the Blacklisted IPs option. To add an IP address to the blacklist, click on Add. Then in the IP field, enter the IP address you want to block.
You can also set a date after which the IP address won't be blacklisted anymore. Leave that field empty to indefinitely block the IP.
Finally, to remove an IP address from the blacklist, simply click on the bin in the same line.
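The access rules described above (wildcard whitelist entries, the whitelist-only option, blacklist entries with an optional end date, automatic blacklisting after a number of attempts, and the whitelist taking precedence) can be modelled as follows. This Python model is an added example, not Watchlog Pro's own code: the function and class names are hypothetical, the sample addresses other than 111.168.0.* are constructed, and it assumes that only failed attempts count towards the threshold, that whitelisted IPs are never counted, and that the counter has no time window.

```python
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime, timedelta


def wildcard_match(pattern: str, ip: str) -> bool:
    """Compare an IPv4 address with a pattern such as 111.168.0.* octet by octet."""
    ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    parts = pattern.split(".")
    if len(parts) != 4:
        return False
    return all(p in ("*", o) for p, o in zip(parts, ip.split(".")))


@dataclass
class AdminAccessPolicy:
    """Hypothetical model of the White/Black list settings described on this page."""
    whitelist: list = field(default_factory=list)   # patterns, wildcards allowed
    blacklist: dict = field(default_factory=dict)   # ip -> expiry, None = indefinite
    whitelist_only: bool = False                    # "Allow access to whitelisted IPs only"
    max_attempts: int = 10                          # "Number of attempts before being blacklisted"
    block_minutes: int = 60                         # "Blacklisted IPs blocked for X minutes"
    failures: dict = field(default_factory=dict)    # ip -> failed attempts so far

    def is_whitelisted(self, ip: str) -> bool:
        return any(wildcard_match(p, ip) for p in self.whitelist)

    def is_blacklisted(self, ip: str, now: datetime) -> bool:
        if ip not in self.blacklist:
            return False
        expiry = self.blacklist[ip]
        if expiry is not None and now >= expiry:
            del self.blacklist[ip]                  # timed block has lapsed
            return False
        return True

    def decide(self, ip: str, now: datetime) -> str:
        # The whitelist is checked first, so it wins when an IP is on both lists.
        if self.is_whitelisted(ip):
            return "allow"
        if self.whitelist_only or self.is_blacklisted(ip, now):
            return "blocked"
        return "allow"

    def record_failure(self, ip: str, now: datetime) -> None:
        # Assumption: whitelisted IPs are never counted or auto-blocked.
        if self.is_whitelisted(ip):
            return
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] >= self.max_attempts:
            self.blacklist[ip] = now + timedelta(minutes=self.block_minutes)
            self.failures[ip] = 0


def demo() -> dict:
    """Run the policy over constructed sample traffic."""
    t0 = datetime(2024, 1, 1, 12, 0)
    policy = AdminAccessPolicy(whitelist=["111.168.0.*"], max_attempts=3, block_minutes=30)
    policy.blacklist["111.168.0.7"] = None          # on both lists at once
    bot = "203.0.113.50"                            # documentation address, constructed
    out = {"both_lists": policy.decide("111.168.0.7", t0)}
    out["before_threshold"] = policy.decide(bot, t0)
    for i in range(3):
        policy.record_failure(bot, t0 + timedelta(seconds=i))
    out["after_threshold"] = policy.decide(bot, t0 + timedelta(minutes=1))
    out["after_expiry"] = policy.decide(bot, t0 + timedelta(minutes=31))
    policy.whitelist_only = True
    out["whitelist_only"] = policy.decide(bot, t0 + timedelta(minutes=31))
    return out


if __name__ == "__main__":
    print(demo())
```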
Watchlog PRO, the best way to protect your Magento® 2 admin!
Follow the traffic on your Magento® 2 backoffice
- View the daily and monthly login attempts in graphs
- Get a detailed and a summarized table of the login attempts
- Get a periodic report on the statistics by email
Filter any login attempt to your Magento® 2 backoffice
- Automatically or manually block IPs on the backend and frontend
- Create a whitelist and a blacklist of IPs
- Filter the login attempts history by status (Success or Failed)
Keep track of the connection attempts
- Define a history lifetime in days
- Identify the login attempts backdoor url (Downloader, Admin...)
How to tell the difference between Watchlog and Watchlog Pro?
Even though Watchlog and Watchlog Pro both allow you to list each connection attempt to your Magento 2 backoffice, Watchlog Pro is more complete. It offers more options than the free version in order to detect and stop these intrusion attempts.
Connection attempts charts
Check the daily and monthly login attempts charts.
Connection attempts tables
Get detailed and summarized tables of the login attempts data.
Connection attempts history
Define the history lifetime and receive periodical reports.
Blacklist and Whitelist
Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.
Automatically or Manually block IPs
Block IPs after X login attempts, block the blacklisted IPs for X minutes.
Magento® versions supported by Watchlog Pro
This extension works with Magento Community Edition and also Magento Enterprise Edition. To know if Watchlog Pro is compatible with your Magento version, please check the Compatibility tab.
How to check if my Magento® 2 website is attacked?
The Watchlog and Watchlog Pro extensions will allow you to check if your Magento 2 website is attacked.
First, we advise you to install the free Watchlog extension in order to check the possible login attempts to your admin.
If it turns out that your Magento 2 website is hacked, you can protect your Magento admin by following the steps below:
- Modify the name of your Magento 2 backoffice
- Activate the captcha to access your Magento 2 backoffice
- Limit the access to your backoffice to some IP addresses only (htaccess)
Note that the Watchlog PRO extension will act as a firewall and will replace the above steps by blocking the IP addresses that are trying to access your Magento 2 backoffice.
A license is valid for an unlimited period of time on one single Magento installation
If you use more than one Magento installation, you will have to buy a separate license for each.
If you run several domains on the same Magento installation, you will need only one license for them all.
Although your license doesn’t have a limited period of validity, your upgrade period does.
By purchasing an extension, you’ll be granted a 3-month upgrade period for free.
After this period, you will have to pay for a new one (see FAQ: Extension upgrade).
License and testing environments
One license is valid for an unlimited period of time on one Magento installation only.
It is possible, however, to extend or transfer your license in three cases:
- If you'd like to add your testing environments to your license.
In this case, it is possible to extend your license to an unlimited number of domains for free.
Example: mywebsite-staging.com or mywebsite-dev.com
- If you redirected definitively one domain to another one (301 permanent
In this case, you can request a transfer of license for free.
- If you'd like to shift your license from one Magento installation to another.
In this case, you can request a transfer of license which you'll have to pay for.
To be able to use Watchlog Pro on both your production and testing environments, follow the instructions below:
- Download Watchlog Pro (see FAQ: Extensions download).
- Install Watchlog Pro on your testing environment.
(see FAQ: Extensions installation)
- Activate the license (see FAQ: Extensions activation).
- From your Magento admin panel,
Go to: Stores > Configuration > Wyomind > Your extension
Enter your current Activation Key.
- Save config.
Now that you can use Watchlog Pro on your production environment, repeat the same steps as above on your testing environments.
The only difference this time: a notification will appear on your Magento admin.
You will be given a choice between: buy a new license now and add this domain to my license (see below).
Click on add this domain to my license.
A transfer request will then be sent to our team within an hour. The order in which you activate your license on your domains does not matter.
Once the request is taken care of, you will receive a confirmation email.
If your transfer request is accepted, you can use Watchlog Pro on both environments at the same time.
You can start with your staging/dev/local environment or with your live domain, the process will be the same.
License and pre-registered environments
You can pre-register your live domain to your license and activate it in advance.
Thanks to this option, you'll be able to get the extension ready to use on your domain before it goes live.
To pre-register your production domain, go to: my account > my downloads, next to the extension you want your domain to pre-register on.
At the bottom of the page, below the list, click on the orange link saying:
Do you want to pre-register your domain in order to be ready to go live?
Finally, enter your domain name and click on PRE-REGISTER NOW
In order to download Watchlog Pro, log into your Wyomind account:
Extensions upgrade
With each purchased extension comes a free 3-month upgrade period, during which you can download and install the new versions of your extension. After this period, you will have to purchase an additional upgrade (price depends on how long the period is).
To upgrade Watchlog Pro, follow the steps below:
- Go to: my account > my downloads
- Click on next to Watchlog Pro
- Choose the latest version of Watchlog Pro (for Magento 1 and Magento 2).
- Click on download
- Enter your current activation key and click on
- Select domain name.
- Choose an upgrade period of 1 to 12 months.
- Choose a professional installation or not.
- Click on BUY NOW
To finish, don't forget to reinstall Watchlog Pro to update your Magento admin.
If you can't find your download after upgrading your domain, please contact us here:
There are three different options to install Watchlog Pro:
1. Manual installation
- Download Watchlog Pro (zip file) on: my account > my downloads
Refer to FAQ here: Extensions download
- Once Watchlog Pro is downloaded, open the folder and unzip it.
- Copy the content of the unzipped folder and paste all files and directories in your Magento 2 root directory.
(the folder content can vary according to the extension but it generally includes app, lib and skin folders).
- In your Command Line Interface, execute:
bin/magento setup:upgrade
If you are using production mode, also execute:
2. Installation via Composer
You can install Watchlog Pro using Composer software in two cases:
- if you purchased Watchlog Pro on Magento Marketplace.
- if you purchased Watchlog Pro on Wyomind.com AND requested access to our repository: repo.wyomind.com
Add to your composer configuration our repository:
composer config repositories.wyomind composer https://repo.wyomind.com
Execute Composer command:
composer require wyomind/modulename
then go in your Command Line Interface and execute:
If you are using a production mode, execute also:
3. Installation via Web Setup Wizard
You can install Watchlog Pro via Web Setup Wizard if you purchased it from Magento Marketplace only.
To know how to proceed, click on the link below (all steps are described).
Next step is to activate your license, to do so, click here: Extension activation
To uninstall Watchlog Pro, go on the extension zip folder and open it.
You will find a shell file (such as: yourextension-uninstall.sh) to execute on both your server and Magento root directory.
Once the uninstallation is over, refresh your cache and enable the compiler back again (if you use it).
Once Watchlog Pro is downloaded, you have to activate the license:
- Go to your Magento admin panel. A message pops up at the top of the page.
- The HTML output of the License Manager is not disabled in your Magento admin under Stores > Configuration > Advanced > Advanced
- The License Manager is enabled and has not been removed from your installation.
- Copy your activation key.
You can find your activation key in 2 different places:
- In the confirmation email that you received after purchasing Watchlog Pro
- In your Wyomind account: my account > my downloads
Select Watchlog Pro and click on
A new page opens where you'll find your activation key (see below).
- In your Magento admin go to:
Stores > Configuration > Wyomind > Your extension
Paste the activation key in the Activation Key field and choose between the automatic (yes) or the manual (no) activation method.
- By choosing Yes, the connection to Wyomind's license server will be automatic.
- By choosing No, you will have to log on to Wyomind's license server yourself.
- Save config.
- A message appears at the top of your admin panel: Activate it now! Click on that link.
- Copy and paste the license code in the License code field from your admin or simply click on Activate now!
- Finally, refresh your cache, log out and log back in straight after, to complete the installation.
To activate the license of an extension that includes other modules, you’ll have to repeat the steps described above for each, using the corresponding activation keys (each module has its own activation key).
What to do when my own IP address is blacklisted?
In the case where you have accidentally blocked or blacklisted your own IP address, you can at any time use your secret key to return to your Magento 2 backoffice.
You should have defined your secret key in Stores > Settings > Configuration > Wyomind > Watchlog Pro in the White/Black list settings tab.
For example, if in the Secret key to whitelist your IP field, you've added MYSECRETKEY, then you'll have to use the following url: https://www.mywebsite.com/watchlog/whitelist/add/key/MYSECRETKEY
This will automatically add your IP to the whitelist.
To be sure that your IP address won't be blacklisted, we advise you to add it to the whitelist. Indeed, in the case where an IP address is in the black and white list at the same time, the whitelist will always take over.
Also, for a maximum of security, you can limit the access to whitelisted IP addresses only.
I get an error saying "Base table or view not found".
This issue may be due to a problem during the installation process.
You will be able to fix it by following these steps:
- Access your database via your control panel (Phpmyadmin for example).
- From the setup_module table, delete the entry Wyomind_watchlogpro. Be careful, that entry depends on your extension. For example, if you have the extension called Simple Google Shopping, you should delete Wyomind_SimpleGoogleShopping.
- Logout from your Magento 2 admin.
- Log into your Magento 2 admin.
Magento® Community Edition
- 1.9.3 +
- 1.9.2 +
- 1.9.1 +
- 1.9.0 +
- 1.8.1 +
- 1.8.0 +
- 1.7.0 +
- 1.6.2 +
- 1.6.1 +
- 1.6.0 +
- 1.5.1 +
- 1.5.0 +
Magento® Enterprise Edition
- 1.9.1 +
- 1.14.3 +
- 1.14.1 +
- 1.13.1 +
- 1.13.0 +
- 1.12.0 +
- 1.11.2 +
- 1.11.1 +
- 1.11.0 +
- 1.10.1 +
- 1.10.0 +
Leave your review and get up to 3 months of FREE upgrade
Instant relief from brute force attacks...
We have had major attacks over the past months and even though the free version lets you know this, we couldn't risk ignoring this and upgraded to the pro. It's a fantastic tool and would recommend it to anyone. It uses a simple UI so no confusion to blocking IPs on the fly. Keep up the good work.
Darren - https://www.hilden.co.uk/
7th June 2017
Helped to protect the website
Watchlog helped to define competitors who were trying to scrape our prices and hack our admin area, so we were able to adjust our firewall, without going deep into server logs!
30th March 2017
Watchlog has been invaluable in helping to protect my site from hackers
Only today I received nearly twenty emails from Watchlog that an IP had been blocked after 10 attempts. It offers peace of mind knowing that someone is watching the back door and keeping the site secure. I can only imagine how bad it would be without this extension.
Michael Netherton - http://www.responderpse.com/
15th February 2017
After install I have solved my security problems
16th December 2016
You don't know, but you need this... or will...
Well, it all started when the ISP told me (lucky me I was told) the website was under a massive attack from foreign countries... I've installed the FREE version of this useful extension, which gave me the idea of the dimensions of the attack. I immediately thought about the costs of recovering a possible take down and I decided the cost of this extension could be worth the risk. I can assure you now I can sleep perfectly, without any worrying about it. I just check the report every morning, just to notice who should come in did with no problem and who should stay out, STAYED OUT! :-) To be honest I've faced some troubles during install due to the presence of some other extension, but the support team did a great job within minutes and I barely remember this... Would buy again...
10th December 2015
Very good solution to stop intrusion attempts
Works as described. As always Wyomind was very quick to react when I needed some support.
17th April 2015
We installed this extension after a brute force attack. The installation was easy and done in a few minutes. I was not sure about the correct configuration so that I had to send an e-mail to the support team. Paul from WYOMIND completed the configuration for me with no extra costs!
17th April 2015
This offer is limited to one domain per extension purchased from your account
- v2.0.3 released on 01/09/2016
- v2.0.1 released on 29/06/2016
  - Watchlog Pro is compatible with Magento 2.1.0
- v2.0.0 released on 21/02/2016
  - Watchlog Pro is compatible with Magento 2
- v1.4.0 released on 25/04/2016
  - Possibility to block IPs in the front-end
- v1.3.0 released on 21/04/2016
  - Improved IP check for Htaccess authentication
- v1.2.0 released on 10/02/2016
  - New management of licenses
- v1.1.1 released on 27/10/2015
  - Compatibility fix for Magento Security Patch SUPEE-6788
- v1.1.0 released on 15/06/2015
  - Use of wildcards for whitelisted IPs filters
  - Compatibility fix for Magento Security Patch SUPEE-6285
- v1.0.2 released on 21/05/2015
  - Minor fix
- v1.0.1 released on 17/04/2015
  - Greater cache management for automatic blacklisting
- v1.0.0 released on 20/03/2015
  - First Release