Logo Wyomind Magento workshop

Add-ons for Magento®


logo Watchlog

Prevent your website from brute force attacks which aim is to force the access to your Magento backoffice. Watchlog helps you to identify and definitively stop such attacks!

7 Reviews

is available for Magento® 2

Prevent your website from brute force attacks with Watchlog

Possible large scale brute force attack on Magento®!

Thousands of Magento® websites are certainely concerned by this very large brute force attack which aim is clearly to force the access to Magento® backoffices.

The principle of that kind of attack is simple: robots try to log into your backoffice using multiple login/password combinations until they find the correct credentials.

Once these credentials are identified, your Magento® website becomes an easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...

How did we notice this attack?

At Wyomind, our paid software are delivered with a module named Notification Manager. It keeps you informed about the new updates of our extensions.

This extension is available from your backoffice in

System Configuration Wyomind  Notification Manager

 It lets you choose for which extension you wish to receive notifications.

In order to feed custom notifications to your backoffice, this extension retrieves our RSS feed ( https://www.wyomind.com/rss.xml ) just like Magento® RSS feed ( http://www.magentocommerce.com/notifications_feed ) each time someone or any robot tries to log into your backoffice.

If you want more information on how RSS feeds and notifications work within Magento®, you can read the very complete article of Nick Jones (Magento® Certified Specialist).

This implementation choice has underlined some considerable peaks of requests concerning thousands of websites and implying repetitive login attempts.

These login attempts can recur several times a minute and can reach several tens of thousands attempts every day which will deeply threaten the security of your website as you can see on the screen below.

How to check if my website is subject to these attacks?

If you received a message from us, it means we have noticed an abnormally high number of requests:

You can install our free Watchlog extension to detect the intrusions into your backoffice, you will then be able to track login attempts.

Why my hosting company can't protect my website against these attacks?

It is quite difficult to detect and to implement a firewall against that kind of attack for the following reasons:

  • The IPs constantly change
  • The IPs requests are made regularly and at different intervals of time
  • The IPs try to access from different pages into your Magento® backoffice (Downloader, Admin log in Page...)

What to do?

Fortunately, these attacks are easy to bypass!

Several solutions exist to make your backoffice invisible to robots that try to login:

The admin but also the downloader of Magento® are concerned with these brute force attacks. You need to make sure to protect each entrance to your backoffice by adding for example htaccess to the downloader.

Watchlog Free Vs Watchlog Pro

While the free extension Watchlog lists the IPs that try to access your Magento® backoffice, Watchlog PRO will also help you to stop these intrusion attempts.

Watchlog PRO is a more complete version that offers more options than Watchlog.

Watchlog FREE


Connection attempts charts

Check the daily and monthly login attempts charts.


Connection attempts tables

Get detailed and summarized tables of the login attempts data.


Connection attempts history

Define the history lifetime and receive periodical reports.


Blacklist and Whitelist

Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.


Automatically or Manually block IPs

Block IPs after X login attempts, block the blacklisted IPs for X minutes.