solutions for e-commerce

13 years of business 2561 reviews 4.9 average rating
User guide

Watchlog PRO - Security enhancement

While the free extension Watchlog lists the IPs that try to access your Magento back office, Watchlog PRO will also help you to stop these intrusion attempts.

Watchlog PRO is a more complete version that offers more options than Watchlog.


Watchlog Pro

Connection attempts charts

Check the daily and monthly login attempts charts.

Connection attempts tables

Get detailed and summarized tables of the login attempts data.

Connection attempts history

Define the history lifetime and receive periodical reports.

Blacklist and Whitelist

Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.

Automatically or Manually block IPs

Block IPs after X login attempts, block the blacklisted IPs for X minutes.

Possible large scale brute force attack on Magento!

Thousands of Magento websites are certainly concerned by this very large brute force attack which aim is clearly to force access to Magento back offices.

The principle of that kind of attack is simple: robots try to log into your back office using multiple login/password combinations until they find the correct credentials.

Once these credentials are identified, your Magento website becomes easy prey for hacking: exploitation of your database, diversion of your payments, hacking, unfair competition...

How did we notice this attack?

At Wyomind, our paid software is delivered with a module named Notification Manager. It keeps you informed about the new updates of our extensions.

This extension is available from your back office in:
SystemConfigurationWyomindNotification Manager

It lets you choose which extension you wish to receive notifications.

In order to feed custom notifications to your back office, this extension retrieves our RSS feed ( just like Magento RSS feed ( each time someone or any robot tries to log into your back office.

If you want more information on how RSS feeds and notifications work within Magento, you can read the very complete article of Nick Jones (Magento Certified Specialist).

This implementation choice has underlined some considerable peaks of requests concerning thousands of websites and implying repetitive login attempts.

These login attempts can recur several times a minute and can reach several tens of thousands of attempts every day which will deeply threaten the security of your website as you can see on the screen below.

Several users have already reported some IPs as you can see on the below screen.

How to check if my website is subject to this kind of attack?

If you received a message from us, it means we have noticed an abnormally high number of requests. In that case, you can install our free Watchlog extension to detect and track the intrusions into your back office.

Why my hosting company can't protect my website against these attacks?

It is quite difficult to detect and to implement a firewall against that kind of attack for the following reasons:

  • The IPs constantly change
  • The IPs requests are made regularly and at different intervals of time
  • The IPs try to access from different pages into your Magento back office (Downloader, Admin log in Page...)

What to do?

Fortunately, these attacks are easy to bypass! Several solutions exist to make your back office invisible to robots that try to log in:

The admin but also the downloader of Magento are concerned with that kind of brute force attack. You need to make sure to protect each entrance to your back office by adding for example htaccess to the downloader.

How to use Watchlog PRO?

Watchlog PRO is an extension for Magento that is easy to use. You'll be able to see very quickly if your Magento Backoffice is threatened by a brute force attack and if someone or some robots are trying to log into your Magento admin panel.

STEP 1: Configure your Watchlog PRO extension

You can start with configuring your extension in a general way in:

Connexion attempts history

In the Connexion attempts history tab, you'll be able to configure a certain number of parameters.

History lifetime in days: You have the possibility to define a history lifetime in days in order to purge the history. For example, you'll be able to define the history lifetime on 30 days in order to remove automatically all the login attempts that are older than 30 days.  

Send a periodical report: You can choose to receive periodical reports. If you have decided to set that option to YES, then you'll have to define:

  • Period to report in days: define how many days you want to include in your report.
  • Report title: define a title for your report.
  • Report recipients: add the email addresses of the recipients separated by a comma.
  • Report schedule: define a schedule to automatically send the reports.

White/Blacklist settings

In the White/Blacklist settings tab, you also have the possibility to create a whitelist as well as a blacklist.

You have to fill in a certain number of fields:

  • Whitelisted IPs
    Click on Add IP to add an IP address into the whitelist and save the config.
From Watchlog 1.1.0, you can use wildcards (*) directly in the whitelisted IPs list. For example, if you add 111.168.0.* as an IP to the whitelist, then it will automatically add all IPs between and to the whitelist. If you add 111.168.*.*, it will whitelist all IPs between and
  • Secret key to whitelist your IP
    In the case where your IP is blacklisted, you will be able to use that secret key to whitelist your IP.  
  • Allow access to whitelisted IPs only
    You also have the possibility to allow access to whitelisted IPs only.
  • Blacklisted IPs
    Here is the same process as the whitelist. Click on Add IP to add an IP address to the blacklist.
  • Number of attempts before being blacklisted
    You can define a number of attempts before the IP is automatically blacklisted.
  • Blacklisted IPs blocked for X minutes
    You can also choose to blacklist the IPs only for a defined period of time.
  • Message to display if blocked
    Here is the message that will be displayed if someone with a blacklisted IP tries to log into your admin panel.
  • Send a report when an IP is automatically blocked
    Choose to receive a report when IPs are automatically blocked or not.
  • Report title
    Define the name of your report.
  • Report recipients
    Enter the email addresses of the recipients separated by a comma.

STEP 2: Check the login attempts to your Magento back office

You'll have a global overview of the login attempts executed from your admin panel login page, if you go to:

Statistics on the login attempts will be displayed in graphs and tables.

Login attempts graphs

You should get two graphs that recap the login attempts statistics on two different periods of time in order to give you the best possible view. The first chart will display the data on 30 days whereas the second one will sum up the login attempts in 24 hours.

On both graphs, you'll have several curves:

  • Success: This represents the login attempts that succeeded.
  • Failed: This represents the login attempts that failed.
  • Blocked: This represents the login attempts with an IP that has been blocked (these IPs won't even have access to the Log into the Admin Panel page).

Login attempts grids

You should find the summary of the last days within two different views:

  • Detailed view
  • Summarized view

You'll know in both views if you have blacklisted or whitelisted some IPs from:

The IP will be displayed in colored boxes:

  • Black: represents the IPs that are blacklisted
  • White: represents the IPs that are whitelisted

In the summarized view, IPs will be in white or black boxes only if when they tried to log in, they were already defined as whitelisted or blacklisted IPs.

Note that in the case where an IP is whitelisted and blacklisted at the same time, the whitelist will always have the upper hand.

In the Detailed View, you'll find a detailed table of the login attempts. Among that grid, you'll have several data:

  • The IP that tried to log into the back office.
  • The date when the IP tried to log in.
  • The login used.
  • The message displayed when trying to log in.
  • The URL from which the IP tried to log in.
  • The status of the IP: Success or Failed.

Note that there won't be any record of the successful connections from the Downloader.

By clicking on Switch to the summarized view you should get a table with the basic information. You'll find:

  • The IPs that tried to log in
  • The date of the last attempt
  • The number of login attempts
  • The number of failed login attempts
  • The number of login attempts that succeeded
  • The number of blocked login attempts
  • The action: Add IP to the whitelist or Add IP to the blacklist

By default, both tables display data for the last 30 days. You can edit that in the History lifetime in days field, from:

At any time you can switch between both views.   

Watchlog PRO, the best way to protect your Magento® admin!

Follow the traffic on your Magento® admin

  • View the daily and monthly login attempts in graphs
  • Get a detailed and summarized table of the login attempts
  • Get a periodic report on the statistics by email

Filter any login attempt to your Magento® admin

  • Automatically or manually block IPs on the backend and frontend
  • Create a whitelist and a blacklist of IPs
  • Filter the login attempts history by status: Success or Failed

Keep track of the connection attempts

  • Define a history lifetime in days
  • Identify the login attempts backdoor URL (HTaccess, Downloader, Admin...)
Freqently Asked Questions
Pre-sales informations

This extension works with Magento Community Edition and also Magento Enterprise Edition. To know if Watchlog Pro is compatible with your Magento version, please check the Compatibility tab. 

While the free extension Watchlog lists the IPs that try to access your Magento backoffice, the Watchlog PRO extension will also help you to stop these intrusion attempts.

As you can see on the below table, Watchlog PRO is a more complete version that offers more options than Watchlog.


Watchlog Pro

Connection attempts charts

Check the daily and monthly login attempts charts.

Connection attempts tables

Get detailed and summarized tables of the login attempts data.

Connection attempts history

Define the history lifetime and receive periodical reports.

Blacklist and Whitelist

Create a whitelist and a blacklist of IPs, allow access to whitelisted IPs only.

Automatically or Manually block IPs

Block IPs after X login attempts, block the blacklisted IPs for X minutes.

The Watchlog PRO extension allows you to check if your website is attacked and at the same time to stop these connection attempts by blocking the IPs that try to access your backoffice.

You can in a first time install the free Watchlog extension which will allow you to check if your website is targeted by that attack.

License and domains

We offer our customers who want to migrate their Magento 1 license to a Magento 2 license, the transfer at a reduced price. 

You have the possibility to migrate your license directly from your Wyomind account in:
My accountLicenses & Downloads

Click on migrate to magento 2  in front of the extension and the domain you want to transfer. 

Confirm you want to migrate your license to a Magento 2 license by clicking on Confirm and checkout .

An invoice will be automatically added to your account from: 
My accountInvoices


The price of the transfer is equivalent to a 30% reduction compared to the price of the regular Magento 2 license.

You can proceed to the payment by clicking on PP .

Once the payment is done, you can go back to: 
My accountLicenses & Downloads

There you will be able to download and install your license for Magento 2. 

Note that your license for Magento 1 will remain active indefinitely in your Wyomind account in order for you to migrate with peace.

A license is valid for an unlimited period of time on one single Magento installation.

If you use more than one Magento installation, you will have to buy a separate license for each one.

If you run several domains on the same Magento installation, you will need only one license for all of them.

Although your license doesn’t have a limited period of validity, your support period does. By purchasing an extension, you’ll be granted a 6-month support period for free. Passed this period, you will have to renew your Support plan (see FAQ: How to extend my support period?).

You can pre-register your live domain to your license in advance.

Thanks to this option, you'll be able to get the extension ready to use on your domain before it goes live.

To pre-register your production domain: 

  1. Go to:
    mY accountLicenses & DOwnloads
  2. Click on  next to the extension you want your domain to pre-register on.
  3. Click on the link at the bottom of the page saying:
    Do you want to pre-register your domain in order to be ready to go live?
  4. Finally, enter your domain name and click on pre-register now .
Attention, this doesn't mean your license is activated. You'll still have to activate it on your new domain when the extension is installed. 

One license is valid for an unlimited period of time on one Magento installation only.  

It is possible, however, to extend or transfer your license in 2 cases: 

  • If you'd like to add your testing environments to your license.
    In this case, it is possible to extend your license to an unlimited number of domains for free.
    For example or
  • If you want to transfer your license to another live domain.
    In that case, the support period for your license must still be active.

To be able to use Watchlog Pro on both your production and testing environments, follow the instructions below:

  1. Download Watchlog Pro.
    (see FAQ: Extensions download)
  2. Install Watchlog Pro on your production environment.
    (see FAQ: Extensions installation)
  3. Activate the license.
    (see FAQ: Extensions activation).
  4. From your Magento admin panel, enter your current Activation Key in:
  5. Save your configuration.

Now that you can use Watchlog Pro on your production environment, repeat the same steps as above on your testing environments.

The only difference this time: a notification will appear in your Magento admin

You will be given a choice between:

  1. buy a new license now
  2. add this domain to my license

Click on Add this domain to my license.

A transfer request will then be sent to our team within an hour.

Once the request is taken care of, you will receive a confirmation email.

If your transfer request is accepted, you can use Watchlog Pro on both environments at the same time.

The order in which you activate your license on your domains does not matter.
You can start with your staging/dev/local environment or with your live domain, the process will be the same.
Modules versioning and download

In order to download Watchlog Pro, log into your Wyomind account:

    1. Go to:
      my accountLicenses & downloads 
    2. Click on the  icon next to Watchlog Pro.

      A new window opens.

    3. Choose the version of Watchlog Pro.
      You will be able to choose the most recent version of Watchlog Pro (for both Magento 1 and Magento 2).
    4. Click on  .

Your download can start.

When purchasing an extension from, you benefit from a lifetime upgrade. You can at any time download the latest version of the extension directly from your account. 

To upgrade Watchlog Pro, follow the steps below:

  1. Go to:
    my accountLicenses & Downloads
  2. Click on  next to Watchlog Pro.
  3. Choose the latest version of Watchlog Pro (for Magento 1 and Magento 2).
  4. Click on download .
  5. Install the new version of Watchlog Pro to update your Magento admin. 

Modules Installation/Uninstallation

To uninstall Watchlog Pro, go on its zip folder and open it.

You will find a shell file (such as: that you must execute on both your server and Magento root directory.

Once the uninstallation is over, refresh your cache and enable the compiler back again (if you use it).

Before installing Watchlog Pro, you’ll have to:

  • Backup your Magento installation in:
    system  tools   backups
  • Disable the compiler in your Magento admin panel if it’s not already disabled:
    system  tools   COMPILATIONS
  • Refresh your cache in:
    systemselect cache typeactionsrefreshsubmit

Now you can install Watchlog Pro:

  1. Download Watchlog Pro (zip file) from:
    my account my downloads
    Refer to FAQ here: Extensions download
  2. Once Watchlog Pro is downloaded, open the folder and unzip it.
  3. Copy the content of the unzip folder and paste all files and directories in your Magento root directory (the folder content can vary according to the extension but it generally includes app, lib and skin folders).

  4. Once your installation is complete, don't forget to enable the compiler back (if it was already enabled before the installation) and run compilation process.
  5. Refresh your cache, logout from your admin panel and log back in right after.

Next step is to activate your license, to do so, click here: Extension activation

Modules activation

Once Watchlog Pro is installed, you have to activate the license: 

  1. Go to your Magento admin panel. A message pops up at the top of the page.

    If the message doesn't appear then you must check that:

    Wyomind's License Manager has not been removed from your installation.
    Wyomind's License Manager is enabled in: app/etc/modules/Wyomind_Licensemanager.xml
    The HTML output for Wyomind_Licensemanager and/or Adminhtml_Notification are not disabled in your system under: system   configuration  advanced advanced

  2. Copy your activation key.

    You can find your activation key in 2 different places:
    - In the confirmation email that you received after purchasing Watchlog Pro
    - In your Wyomind account:MY ACcount My downloads, select Watchlog Pro and click on  . A new page opens where you'll find your activation key (see below).
  3. In your Magento admin go to:
    SysteMConfigurationWyomindYour extension

    Paste the activation key in the Activation Key field and choose between the automatic (yes) or the manual (no) activation method:
    - By choosing Yes, the connection to Wyomind license server will be automatic. 
    - By choosing No, you will have to log on to Wyomind license server yourself.

  4. Save the configuration.
  5. Clear your caches. 
  6. A message appears at the top of your admin panel: Activate it now!  Click on that link.

  7. Copy and paste the license code in the License code field from your admin or simply click on Activate now! 
  8. Finally, refresh your cache, log out and log back in straight after, to complete the installation.

To activate the license of an extension that includes other modules, you’ll have to repeat the steps described above for each extension, using the corresponding activation keys (each module has its own activation key).

Modules use

If your IP address is blacklisted, you can at any time use your secret key to return to the admin.

You should have defined your secret key in the White/Black list settings tab from:

You need to use the following url:{{YOUR SECRET KEY}}

In our example, we should browse:

This will automatically add your IP to the whitelist.


If your site crashes and gives this error message after uploading all files to the correct folders:

Fatal error: Class 'Wyomind_Notificationmanager_Model_Resource_Setup' not found in includes/src/Mage_Core_Model_Resource_Setup.php on line 234

It probably comes from installing an extension while the compiler is still enabled.

Important note:

  • If the compilation is enabled on your website, disable it first before installing any extension from: 
    After installation re-run the compilation process and re-enable the compiler.
  • Before installing any extension, it's advisable to backup your Magento installation.

Here is how to disable the Magento compiler:

  1. Edit the following file: includes/config.php and add a # before the 2 following lines:

    to get:

  2. Then go back to your website admin and re-run the compilation process.

If you're getting a white page using the extension, you should enable the error reporting in order to display the error. You can do that from index.php.

Most of the time log-out/log-in may solve this issue.

This issue may be due to a problem during the installation process.

You can fix it by following these steps:

  • Access your database via your control panel (Phpmyadmin for example).
  • Delete the entry watchlogpro_setup from the core_resource table.
    Be careful, that entry depends on your extension. For example, if you have the extension called Simple Google Shopping, you should delete simplegoogleshopping_setup.
  • Logout from your Magento admin.
  • Log into your Magento admin.
Magento 1 / Openmage Compatibility

Magento 1 / Openmage®

  • 1.1.3
  • 1.1.4
  • 1.1.5
  • 1.1.6
  • 1.1.7
  • 1.1.8
  • 1.2.0
  • 1.2.1
  • 1.3.0
  • 1.3.1
  • 1.3.2
  • 1.3.3
  • 1.4.0
  • 1.4.1
  • 1.4.2
  • 1.5.0
  • 1.5.1
  • 1.6.0
  • 1.6.1
  • 1.6.2
  • 1.7.0
  • 1.8.0
  • 1.8.1
  • 1.9.0
  • 1.9.1
  • 1.9.2
  • 1.9.3
  • 1.9.4
  • 1.10.0
  • 1.10.1
  • 1.11.0
  • 1.11.1
  • 1.11.2
  • 1.12.0
  • 1.13.0
  • 1.13.1
  • 1.14.0
  • 1.14.1
  • 1.14.2
  • 1.14.3
  • 1.14.4

Magento 1 / Openmage® Enterprise (deprecated)

  • 1.1.3
  • 1.1.4
  • 1.1.5
  • 1.1.6
  • 1.1.7
  • 1.1.8
  • 1.2.0
  • 1.2.1
  • 1.3.0
  • 1.3.1
  • 1.3.2
  • 1.3.3
  • 1.4.0
  • 1.4.1
  • 1.4.2
  • 1.5.0
  • 1.5.1
  • 1.6.0
  • 1.6.1
  • 1.6.2
  • 1.7.0
  • 1.8.0
  • 1.8.1
  • 1.9.0
  • 1.9.1
  • 1.9.2
  • 1.9.3
  • 1.9.4
  • 1.10.0
  • 1.10.1
  • 1.11.0
  • 1.11.1
  • 1.11.2
  • 1.12.0
  • 1.13.0
  • 1.13.1
  • 1.14.0
  • 1.14.1
  • 1.14.2
  • 1.14.3
  • 1.14.4
User's reviews
Log into your account to leave your review and get up to 3 months of free Support & Upgrade.

8th April 2024

Watch PRo for Magento 1

Wery good, stop to bad access

Marco - Merchant - User for more than 8 years |Magento 1

27th June 2019

must have extension for security

I recommend this extension for every Magento site owner, Watchlog is a must have extension. I am using it for a few years now and it gives peace of mind about my sites security. Watchlog gives perfect information about login-attempts including IP address (with a direct link to an abuse database) and url where the attempt was made. The extension blocks every brute force attack after a few tries and with the Ip address info it gives it makes it easy to block access to my server via my firewall.

14th May 2019

Security - saves my store

This extension for Magento is very very helpful. Every day blocked many logins and IP's. Best security system for my stores. It blocks access and I do not have to worry. Previously, I had to block manually. Now the matter has been settled!

Szymon - User for more than 6 years |Magento 1

3rd October 2018

Peace of mind

Give us peace of mind that our Magento sites are secure. The daily reports via email provide a quick overview. I would recommend this to any Magento store owner. Currently, we have 3 sites secured using WatchLog Pro.

Iain - User for more than 6 years |Magento 1

6th August 2018

Great extension

This is a must have extension for Magento. Not only does it give you a real time view of any brute force hack attempts but also cuts them off as advertised. I would whole heartedly recommend this extension to any Magento site owner/developer

13th April 2018

Wyomind is an Established Extension Developer

I use the Wyomind Watchlog Pro extension because there is no other module like it. It has alerted us several times to multiple attempted unauthorized login attempts.I highly recommend this extension. Wyomind has a support staff as well.

28th March 2018

Worth every penny & Peace of Mind !

We were already using Watchlog as had a number of other modules from Wyomind before and it was installed from them. We recently got hit by a Brute Force Attack on locations which are vulnerable in Magento1. We upgraded to Watchlog pro and had peace of mind that the IPs were being automatically blocked. Over 45K Connections per day .. had to upgrade the server software so it didnt fold. Wyomind support is always prompt and helpful. Would recommend this company for any Magento modules. The build good stuff, and then support which is vital when adding additional features to your Magento Store. Got a small glitch with the cron firing every 30mins and sending me notification emails... still not figured that one out yet but will resolve with Wyomind support soon.


14th March 2018

It's like having a dog in the garden...

Brute force attacks are daily news nowadays and, besides not always needing worrying (if set up is safe) for every attempt, having a dog barking in the garden is useful, so that you might know if there actually is something going wrong or not. And with the increasing number of Magento installations, you risk entering the attackers attention With WatchLogPro you can anyway easily block any attempt, even if coming from different IPs, and make attackers look somewhere else. It is also good to keep track of who accessed your backend, from where, and when... The name says it all: it's a WatchDog+Logger..

7th October 2017

Excellent !!

Have been using extensions form Wyomind for 2 years now. Absolute stable and greatly thought through! Watchlogpro gives me the security my site really needs.

Sander - User for more than 7 years |Magento 1|Magento 2

7th June 2017

Instant relief from brute force attacks...

We have had major attacks over the past months and even though the free version lets you know this, we couldn't risk ignoring this and upgraded to the pro. It's a fantastic tool and would recommend it to anyone. It uses a simple UI so no confusion to blocking I'P's on the fly. Keep up the good work.

30th March 2017

Helped to protect the website

Watchlog helped to define competitors who were trying to scrape our prices and hack our admin area, so we were able to adjust our firewall, without going deep into server logs!


15th February 2017

Watchlog has been invaluable in helping to protect my site from hackers

Only today I received nearly twenty email from Watchlog that an IP had been blocked after 10 attempts. It offers peace of mind knowing that someone is watching the back door and keeping the site secure. I can only imagine how bad it would be without this extension.

16th December 2016


After install I have solved my security problems

BSA - User for more than 9 years |Magento 1

10th December 2015

You don't know, but you need this... or will...

it all started when the ISP told me (lucky me I was told) the website was under a massive attack from foreign countries...
I've installed the FREE version of this useful extension, which gave me the idea of the dimensions of the attack.
I immediately thought about the costs of recovering a possible take down and I decided the cost of this extension could be worth the risk.
I can assure you now I can sleep perfectly, without any worrying about it.
I just check the report every morning, just to notice who should come in did with no problem and who should stay out, STAYED OUT ! :-)
To be honest I've faced some troubles during install due to the presence of some other extension, but the support team did a great job within minutes and I barely remember this...
Would buy again...


17th April 2015

Very good solution to stop intrusion attempts

Works as described. As always Wyomind was very quick to react when I needed some support.


17th April 2015

Simply perfect!

We installed this extension after a brute force attack. The installation was easy and done in a few minutes. I was not sure about the correct configuration so that I had to sent an e-mail to the support team. Paul from WYOMIND completed the configuration for me with no extra costs!


Initial release for the master version

Initial release for the legacy version


  • Support of IPs (IPV6)
Patch v1.6.0.1

  • Fix when checking IPs 


  • Ability to use wildcards in the IPs list, example: 123.123.123.*

Bug Fix

  • The limit dates of the blacklisted IPs are preserved when saving the configuration 


  • Possibility to block IPs in the front-end


  • Improved IP check for Htaccess authentication


  • New management of licenses


  • Compatibility fix for Magento Security Patch SUPEE 6788


  • Use of wildcards for whitelisted IPs filters


  • Compatibility fix for Magento Security Patch SUPEE-6285

Bug Fix:

  • Minor fix


  • Greater cache management for automatic blacklisting
  • First Release
Demo store

Stay tuned and get a coupon code of 10% off any purchase while creating your account!

Subscribe now for updates, promotions and products launch twice a month at most.

Please indicate a valid email