is available for Magento® 2
Watchlog PRO - Security enhancement for your Magento® 2 website
The Watchlog Pro extension will allow you to list the IP addresses that try to access your Magento 2 backoffice, and to stop these intrusion attempts mainly by adding these IP addresses to a blacklist.
Possible brute force attack on Magento®
Thousands of Magento websites are certainely concerned by this very large brute force attack which aim is clearly to force the access to Magento backoffices.
The principle of that kind of attack is simple: robots try to log into your backoffice using multiple login/password combinations until they find the correct credentials.
Once these credentials are identified, your Magento website becomes an easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...
Several users have already reported some IPs.
What to do?
The login attempts can occur several times a minute and can reach several tens of thousands attempts every day which will deeply threaten the security of your website as you can see on the screen below.
This is why it is important to protect your Magento 2 website against brute force attacks.
Check if your Magento 2 website is hacked
You can first install our free Watchlog extension for Magento 2 to detect the intrusions into your Magento 2 backoffice in order to track any login attempt.
You'll then be able to see all the login attempts made from your website on 2 graphs.
The detail of each login attempt will be displayed below these 2 graphs. You'll find the IP addresses, dates, logins and passwords...
Bypass the attacks
Fortunately, these attacks are easy to bypass! Several solutions exist to make your backoffice invisible to robots that try to login:
- Modify the name of your backoffice
- Activate captcha for your backoffice
- Restrict the access to your backoffice by IP with htaccess
You can also use the Watchlog Pro extension for Magento 2 that will act as a firewall and replace all the above steps.
The admin of Magento 2 can be concerned with these brute force attacks so you need to make sure to protect each entrance to your Magento 2 backoffice.
How to use Watchlog Pro for Magento® 2 in 3 steps?
The Watchlog Pro extension allows you to detect if your Magento 2 website is threatened by any possible brute force attack and it gives you the ability to protect your website against it. You can start using the extension very quickly following 3 simple steps.
Configure Watchlog Pro in a general way
To start configuring Watchlog Pro for Magento 2, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the General Settings tab, you'll be able to configure the lifetime of the history and activate the logs.
- History lifetime in days: define a history lifetime in days. For example, you'll be able to define the history lifetime on 30 days in order to automatically purge the history all the login attempts that are older than 30 days.
- Enable Log: by activating that option, a log file will be generated in var/log.
In the Periodical Report tab, you'll be able to configure the login reports:
- Send a periodical report: You can choose to receive periodical reports. If you enable the periodical reports, you'll have to configure the following options.
- Period to report in days: define how many days you want to include in your report.
- Sender Email: add the email address of the sender.
- Sender Name: add the name of the sender.
- Send the reports to: add the email addresses of the recipients separated by a comma.
- Report title: define a title for your report.
- Report schedule: define a schedule to automatically send the reports.
You'll then receive a periodical report as below.
White/Black list settings
Watchlog Pro gives you the possibility to create a whitelist as well as a blacklist of IPs. In the White/Black list settings tab, you can define your own parameters by filling in a certain number of fields:
- Whitelisted IPs: Click on Add IP to add an IP address into the whitelist.
- Secret key to whitelist your IP: If your own IP is blacklisted, you can use that secret key to whitelist it.
- Allow access to whitelisted IPs only: Choose to allow the access to whitelisted IPs only.
- Blacklisted IPs: Click on Add IP to add an IP address into the blacklist.
- Number of attempts before being blacklisted: Define a number of attempts before the IP is automatically blacklisted.
- Blacklisted IPs blocked for X minutes: Choose to blacklist the IPs for a defined period of time.
- Message to display if blocked: Define a message that will be displayed if someone with a blacklisted IP tries to log in to your admin panel.
Blocked IP Report
You'll be able to receive report everytime an IP address is blocked. For this, you can configure the report in the Blocked IP Report tab:
- Send a report when an IP is automatically blocked: Choose to receive a report when IPs are automatically blocked or not. By setting that parameter on YES, more options should display.
- Sender Email: Fill in the email of the sender.
- Sender Name: Add the name of the sender.
- Send the reports to: Enter the email addresses of the recipients separated by a comma.
- Report title: Define the name of your report.
Check the login attempts to your Magento® 2 admin
To have an overview of the connection attempts to your Magento 2 backoffice, go to Stores > Watchlog > Connection attempts.
Login attempts charts
On that page, you'll get 2 graphs that retrieve the login attempts statistics.
These graphs are based on 2 different periods of time in order to provide you with the maximum information. The first chart will display the statistics on the last 30 days whereas the second one will sum up the login attempts on the last 24 hours.
Both graphs show 3 different curves:
- Success: login attempts that succeeded
- Blocked: login attempts that have been blocked
- Failed: login attempts that failed
If you hover the mouse over the different points of the curves, you'll get the detail of the number of connection attempts at a specific date.
Login attempts detailed grid
Below the 2 graphs, you should find the summary of the login attempts over the last days retrieved in a grid. The login attempts data are retrieved into specific columns:
- IP: the IP that tried to log into your Magento 2 backoffice.
- Date: the date when the IP tried to log in.
- Login: the login used.
- Password: the password used to log in.
- Message: the message displayed when trying to log in.
- Url: the url from which the IP tried to log in.
- Status: the status of the IP (Success, Failed or Blocked).
By clicking on any IP address, you'll be redirected to www.abuseipdb.com that will automatically check that address. This allows you to see in one click if the IP address has already been reported by other users.
You have the possibility to purge history by clicking on Purge history now and to send the report of the login attempts by clicking on Send the periodical report now.
Login attempts summarized grid
You can get a summarized view by clicking on Switch to the summarized view. From that new grid, you will get a table with the basic information:
- IP: the IPs that tried to log in
- Last Attempts: the date of the last attempt
- Attempts: the number of login attempts
- Failed: the number of failed login attempts
- Succeeded: the number of login attempts that succeeded
- Blocked: the number of login attempts that have been blocked (these IP addresses won't have access to the Magento 2 admin log in page)
- Action: you can directly add these IP addresses to the white and black lists
To remove an IP address from a list, simply click on Remove IP from the white/black list.
You will be able to see if you have already blacklisted or whitelisted some IP addresses. Indeed, they will be displayed in black or white boxes. In the case where an IP is whitelisted and blacklisted at the same time, the whitelist will always have the upper hand.
By default, both tables display data of the last 30 days. This can be easily modified from Stores > System > Config > Wyomind > Watchlog, in the History lifetime in days field.
Note that to go back to the detailed view, you just have to click on Switch to the detailed view.
Manage traffic to your Magento® 2 backoffice
With Watchlog Pro, you can easily control and manage the traffic to your Magento 2 admin. You have 2 possibilities of doing it:
- Whitelist IPs
- Blacklist IPs
Add IPs to the whitelist
You can add as many IP addresses as you want in the whitelist. For this, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the White/Black list settings tab, look for the Whitelisted IPs option. To add an IP address to the whitelist, click on Add. Then in the IP field, simply enter the IP address you want to whitelist.
Note that you can use wildcards (*) directly in the whitelisted IPs list.
For example, if you add 111.168.0.* as an IP to whitelist, then it will automatically add all IPs between 126.96.36.199 and 188.8.131.52 to the whitelist.
If you add 111.168.*.*, it will whitelist all IPs between 184.108.40.206 and 220.127.116.11.
If you want to remove an IP address from the whitelist, simply click on the bin in the same line.
For a very limited access, you can then set the Allow access to whitelisted IPs only option to YES, so that only the IP addresses you have defined are authorized to login.
In the case where your own IP address is blacklisted, you can use your secret key at any time to go back to your Magento 2 admin.
Add IPs to the blacklist
To stop IP addresses from logging into your Magento 2 admin, you only need to add them into your blacklist.
For that, go to Stores > Settings > Configuration > Wyomind > Watchlog Pro.
In the White/Black list settings tab, look for the Blacklisted IPs option. To add an IP address to the blacklist, click on Add. Then in the IP field, enter the IP address you want to block.
You can also set a date after which the IP address won't be blacklisted anymore. Leave that field empty to indefinitely block the IP.
Finally, to remove an IP address from the blacklist, simply click on the bin in the same line.
Watchlog PRO, the best way to protect your Magento® 2 admin!
Follow the trafic on your Magento® 2 backoffice
- View the daily and monthly login attempts in graphs
- Get a detailed and a summarized table of the login attempts
- Get a periodic report on the statistics by email
Filter any login attempt to your Magento® 2 backoffice
- Automatically or manually block IPs on the backend and frontend
- Create a whitelist and a blacklist of IPs
- Filter the login attempts history by status (Success or Failed)
Keep track of the connection attempts
- Define a history lifetime in days
- Identify the login attempts backdoor url (Downloader, Admin...)
How to make the difference between Watchlog and Watchlog Pro?
Even though Watchlog and Watchlog Pro both allow you to list each connection attempt to your Magento 2 backoffice, Watchlog Pro is more complete. It offers more options than the free version in order to detect and stop these intrusion attempts.
Connection attempts charts
Check the daily and monthly login attempts charts.
Connection attempts tables
Get detailed and summarized tables of the login attempts data.
Connection attempts history
Define the history lifetime and receive periodical reports.
Blacklist and Whitelist
Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.
Automatically or Manually block IPs
Block IPs after X login attempts, block the blacklisted IPs for X minutes.
How to check if my Magento® 2 website is attacked?
The Watchlog and Watchlog Pro extensions will allow you to check if your Magento 2 website is attacked.
In a first time, we advise you to install the free Watchlog extension in order to check the possible login attempts to your admin.
If it turns out that your Magento 2 website is hacked, you can protect your Magento admin following below steps:
- Modifiy the name of your Magento 2 backoffice
- Activate the captcha to access your Magento 2 backoffice
- Limit the access to your backoffice to some IP addresses only (htaccess)
Note that the Watchlog PRO extension will act as a firewall and will replace the above steps by blocking the IP addresses that are trying to access your Magento 2 backoffice.
What are the Magento® versions supported by Watchlog Pro?
This extension works with Magento Community Edition and also Magento Enterprise Edition. To know if Watchlog Pro is compatible with your Magento version, please check the Compatibility tab.Watchlog Pro is now compatible with Magento 2. Check the online documentation to know how Watchlog Pro works on Magento 2.
How come I didn't receive my payment confirmation for Watchlog Pro?
The payment confirmation email should only take a few minutes to be sent, rarely more than one hour. In the case where you didn't receive anything, you can:
- Check your spam filter.
- Contact us and we will try to send it again.
How to download the Watchlog Pro package for Magento® 2?
Go to My account > My downloads and click on the orange arrow next to the extension you've just purchased.
A new window opens. Click on the button on the right that specifies the version of the extension. Choose the version under Magento 2. Click on download. Your download can start.
For any extension, you can download the package even after your free upgrade period.Check our faqs to install your extension and activate your license.
How do I install Watchlog Pro on Magento® 2?
Here are the steps to install the Watchlog Pro extension on Magento 2:
- Before installing the extension, it's advisable to backup your Magento 2 installation.
- Then, you need to refresh caches in System Tools Cache Management.
- Now you can download the zipped extension from your account My downloads.
- Once you have downloaded it, unzip the folder content.
- Copy the app folder and paste it into the Magento 2 root directory. You can merge the directories.
- Open a console and run the following command on Magento 2 root directory:
bin/magento setup:upgradeOnce your installation is complete, don't forget to clear the cache and log in again.
How can I run some actions via command lines?
With Magento 2, you can use the control panel to easily execute some commands such as disabling a module or cleaning the cache.
To do so, you just need to open the control panel and from the bin/magento file, executing a command. Here is a non exhaustive list:
- setup:upgrade : update the install, for example after the installation of a new module.
- cache:clean : clean the cache.
- cache:enable : enable the cache.
- cache:disable : disable the cache.
- module:enable Wyomind_ExtensionName : activate the Wyomind module (for example module:enable Wyomind_SimpleGoogleShopping).
- module:disable Wyomind_ExtensionName : disable the Wyomind module (for example module:disable Wyomind_DataFeedManager).
- indexer:reindex : reindex the index in the database
How do I uninstall Watchlog Pro from Magento® 2?
In order to uninstall Watchlog Pro from Magento 2, here is how to proceed:
- Remove the following file from your Magento 2 root directory: app > code > Wyomind > watchlogpro
- In your data base, from the setup_module table, remove: Wyomind_watchlogpro
- Clear the caches
Where can I find my activation key?
You can find your activation key in 3 different places.
1. In the confirmation email that you've received after the purchase of your extension
2. In your Wyomind account
Log into your Wyomind account. In My account > My downloads, choose your extension and click on the orange arrow on its right. A new window opens where you should find the activation key.
3. In your Magento 2 admin when the extension is already installed and activated
Log into your Magento 2 admin panel. In Stores > Settings > Configuration > Wyomind > Watchlog Pro, you should see the License tab. In that tab you'll find your activation key.
How do I activate Watchlog Pro?
To activate Watchlog Pro on Magento 2, you need to:
1. Copy the activation key available in your Wyomind account (check our FAQ to know where to find your activation key). For example: ACTIVATION-KEY.
2. Go to your Magento 2 admin. A message appears at the top.
3. In Stores > Settings > Configuration > Wyomind > Watchlog Pro, paste the activation key in the Activation key field.
4. Choose between the Automatic (Yes) or the Manual (No) activation method.
- Automatic (Yes): you allow a connection to Wyomind's license server
- Manual (No): you must log in with your browser to Wyomind's license server
5. Click on Save config.
6. A message appears at the top of your Magento 2 admin: Activate it now! Click on that link.
7. Copy and paste the license code in the License code field from your Magento 2 admin or simply click on Activate now!.
8. Finally, you must log out and clear the caches so that the installation is complete. And that's all!To activate the license of an extension that includes other modules (for example Advanced Inventory that includes 3 modules), you will have to repeat the above steps for each module (in the case of Advanced Inventory there will be 4 modules to activate) using the activation keys corresponding to each module.
How do I activate Watchlog Pro on a local, development or staging environment?
You don't need to buy 2 licenses for 2 domains to test Watchlog Pro on a staging server first as a license is valid for one live domain and as many staging or development environments you need for Magento 2. To be able to use Watchlog Pro on production and pre-production domains, you have to follow some steps. Here is how to proceed:
- Install Watchlog Pro on your production environment.
- Activate the license.
- You can now use Watchlog Pro on your production domain.
Now you want to use Watchlog Pro on your live domain.
- Redownload your extension package from your Wyomind account.
- Install the extension on your live domain.
- From your Magento 2 admin panel, in Stores > Settings > Configuration > Wyomind > Watchlog Pro, fill in your current activation key.
- Click on Save config.
- A notification is displayed offering you to Buy a new license or to Add this domain to my license.
- Click on Add this domain to my license.
- Your request should be approved within one hour (see conditions).
- You receive a confirmation email.
- Once your request is accepted, you can use your extension on both domains.
I get a message "Request an IP unlock" in my Magento® 2 back-office.
If you're getting this message, it probably means that you have filled in the Activation Key field in Stores > Settings > Configuration > Wyomind > Watchlog Pro with a wrong activation key too many times.
You will then need to follow these steps:
- Click on Request an IP unlock.
- Your request should be accepted within one hour.
- During that time, check which activation key you need to provide (our Faq will help you find your activation key).
- Once your IP unlock request has been approved, paste your activation key in the Activation key field in Stores > Settings > Configuration > Wyomind > Watchlog Pro and click on Save Config.
Then, you can finalize the activation of the license.
I continuously get "Request an IP unlock" in my admin even after having unlocked it several times.
In order to solve this problem, you must empty the License code field from Stores > Settings > Configuration > Wyomind > Your extension and click on Save config. Finally, reactivate your license by clicking on Activate Now.
You may also have to request a free license transfer. If so, you can follow our faq.
I get an error "Unable to update your license" in my Magento® 2 back-office.
If you get the following message in your Magento 2 admin:
Wyomind Watchlog Pro
Unable to update your license: your subscription has expired.
In order to extend your subscription, please connect into your Wyomind account.
It probably means that you installed a higher version than the one you're licensed for.
You'll have 2 possibilities:
- Download and install the extension version you purchased by selecting for example 8.0.0 (installed).
- Increase your upgrade period and install the last version of the extension clicking on Upgrade now.
How do I upgrade Watchlog Pro to the latest version?
You can upgrade directly from your account.
1. Go to My account > My download.
2. Click on the grey arrow next to Watchlog Pro.
3. Click on Upgrade Now.
4. Enter your current activation key and click on the orange tick next to it.
5. Tick the domain name for which you want to upgrade Watchlog Pro.
6. Choose 1 month or 1 year of upgrade.
7. Choose a Professional installation or not.
8. Click on Buy now.
I get an error saying "Base table or view not found".
This issue may be due to a problem during the installation process.
You will be able to fix it by following these steps:
- Access your database via your control panel (Phpmyadmin for example).
- From the setup_module table, delete the entry Wyomind_watchlogpro. Be careful, that entry depends on your extension. For example, if you have the extension called Simple Google Shopping, you should delete Wyomind_SimpleGoogleShopping.
- Logout from your Magento 2 admin.
- Log into your Magento 2 admin.
How to do when my own IP address is blacklisted?
In the case where you have accidentally blocked or blacklisted your own IP address, you can at any time use your secret key to return to your Magento 2 backoffice.
You should have defined your secret key in Stores > Settings > Configuration > Wyomind > Watchlog Pro in the White/Black list settings tab.
For example, if in the Secret key to whitelist your IP field, you've added MYSECRETKEY, then you'll have to use the following url: https://www.mywebsite.com/watchlog/whitelist/add/key/MYSECRETKEY
This will automatically add your IP to the whitelist.
To be sure that your IP address won't be blacklisted, we advise you to add it to the whitelist. Indeed, in the case where an IP address is in the black and white list at the same time, the whitelist will always take over.
Also, for a maximum of security, you can limit the access to whitelisted IP addresses only.
Magento® Community Edition
Magento® Enterprise Edition
Leave your review and get up to 3 months of FREE upgrade
Watchlog has been invaluable in helping to protect my site from hackers
Only today I received nearly twenty email from Watchlog that an IP had been blocked after 10 attempts. It offers peace of mind knowing that someone is watching the back door and keeping the site secure. I can only imagine how bad it would be without this extension.
Michael Netherton - http://www.responderpse.com/
15th February 2017
After install I have solved my security problems
16th December 2016
You don't know, but you need this... or will...
Well,it all started when the ISP told me (lucky me I was told) the website was under a massive attack from foreign countries...I've installed the FREE version of this useful extension, which gave me the idea of the dimensions of the attack.I immediately thought about the costs of recovering a possible take down and I decided the cost of this extension could be worth the risk.I can assure you now I can sleep perfectly, without any worrying about it.I just check the report every morning, just to notice who should come in did with no problem and who should stay out, STAYED OUT ! :-)To be honest I've faced some troubles during install due to the presence of some other extension, but the support team did a great job within minutes and I barely remember this...Would buy again...
10th December 2015
Very good solution to stop intrusion attempts
Works as described. As always Wyomind was very quick to react when I needed some support.
17th April 2015
We installed this extension after a brute force attack. The installation was easy and done in a few minutes. I was not sure about the correct configuration so that I had to sent an e-mail to the support team. Paul from WYOMIND completed the configuration for me with no extra costs!
17th April 2015
This offer is limited to one domain per extension purchased from your account
- v2.0.3released on 01/09/2016
- v2.0.1released on 29/06/2016
- Watchlog Pro is compatible with Magento 2.1.0
- v2.0.0released on 21/02/2016
- Watchlog Pro is compatible with Magento 2
- v1.4.0released on 25/04/2016
- Possibility to block IPs in the front-end
- v1.3.0released on 21/04/2016
- Improved IP check for Htaccess authentication
- v1.2.0released on 10/02/2016
- New management of licenses
- v1.1.1released on 27/10/2015
- Compatibility fix for Magento Security Patch SUPEE 6788
- v1.1.0released on 15/06/2015
- Use of wildcards for whitelisted IPs filters
- Compatibility fix for Magento Security Patch SUPEE-6285
- v1.0.2released on 21/05/2015
- Minor fix
- v1.0.1released on 17/04/2015
- Greater cache management for automatic blacklisting
- v1.0.0released on 20/03/2015
- First Release