FREE installation when buying from 3 extensions.

Protect & Secure Online Store

Built by the Magento Security Experts

Magento 2 security designed
to keep the bad guys out

There have been up to 650,000 stores using Magento 2 platform all over the world, and they are being ideal prey for hackers. Your Magento 2 store needs Mageplaza Security module to keep the bad guys out. Mageplaza Security resolves common Magento 2 security issues

Mageplaza Security for Magento 2 is a perfect security solution for online stores built based on Magento platform. The module helps prevent break-in attempts to your store from hackers. Thanks to an effective warning system, your valued information will be completely protected

%
Stores have vulnerability
%
Stores do not use SSL
%
Stores have 4+ security issues

Highlight features

What stands out in Security
magento 2 Security Checklist

Security Checklist

Mageplaza Security extension provides store admins a security checklist which automatically displays all warnings of possible security risks about admin username, captcha, Magento version and database prefix.

Brute Force Attack Protection

Admins are allowed to set a limit for the number of failed login attempts. This restriction will become a fundamental for the module to send shop owners a warning message whenever the store encounters risks of break-in attempts.

Brute Force Attack Protection
Login Log

Login Log

Mageplaza Security extension tracks and records all logins in a log along with its information like ID, Time, User name, IP, Browser Agent, Url and Status (Failure or Success). Store admins can view the details and trace the IP.

SECURITY PRO HIGHLIGHT FEATURES

magento 2 Security file-change-detection

File change detection

Important files in the admin panel should not be changed without any awareness. Unwanted adjustments in the backend made by hackers are harmful to online stores. Hence, a tracking and warning system will definitely provide better protection for your business. The module is able to detect every single change of files in the backend such as adding, editing and deleting. Once these changes are found, they are also recorded and saved in the admin log. Moreover, a report email will be sent to admins shortly.

Action Log

That an online store may have multiple admins and that hackers can break in and view or invisibly harm your store force us to find a solution to help you manage and protect it better. An advanced report of all actions performed in your store’s admin panel. In the action log, the information about time, IP, username, specific actions or changes will be reported in details. The datalog can also be compressed and backed up automatically to optimize your store's performance

Action log
Away mode

Away mode

It may seem unusual when your store's admin panel is logged into during your time/days off. Besides, break-ins often occur when your store is not looked after by you and admins. To eliminate the risks, unnecessary login attempts should be stopped. Hence, the away mode can be enabled to prevent any logins made in specific time. You will have peace of mind and have a good night.

Much more

Checkout more details of Mageplaza Security

Blacklist/Whitelist IPs

Block or allow a range of IP addresses in backend. It is easy to setup in backend.

Warning email templates

Various warning templates can be used in the backend. These become warning emails sent to store owners

Login report

A short report of the 5 most recent logins is featured on the Dashboard with the information of user names, login status and time.

Smart Pricing

Choose your suitable edition

Standard

Crafted for a Great Webstore Start
FREE/installation

Add to cart

Magento Edition

Total: $0

PROFESSIONAL

THE MOST POPULAR
$149/installation

Add to cart

Magento Edition

Total: $149

Enterprise

Great for Enterprise solution
$349/installation

Add to cart

Magento Edition

Total: $349

  • Includes all Pro features plus
  • Supports for Enterprise Edition (Magento Commerce)
  • High priority support
  • View full features list

Free Update

Free lifetime updates

Premium Support

We offer fast response tickets.

60-day Money Back

There is no risk, why not give a try.

One-time payment

One-time payment, no hidden cost.

Frequently Asked Questions

We have answered a wide range of Questions for your Convenience

Q. When I receive login failed alert?

If the maximum number of times logins are failed is reached, a warning email will be sent to email addresses which are set.

Q. Can I custom my own warning email templates?

You sure can. It is easy to customize email templates. Read this guide

Q. What happens if I get locked?

In this case, any login attempts from your IP address will be blocked. If you assume that this is a mistake, please follow this guide to unblock.

Q. Will a successful login be recorded in the log?

Yes! It logs both Failure and Success status..

Q. Is it truely free?

It’s free of charge. We built this module with basic yet highlight features to help create a healthy and safe Magento community. If you are interested in Pro feature, you can purchase Pro edition.

Q. Is it monthly fee?

No, it is one-time payment, and there is no hidden cost.

Q. Why choose Mageplaza?

Magento 2 Security by Mageplaza is one of the most advanced Security extension. It comes with powerful features which help you save time to send invoice manually and your invoices are professional. Fully compatible with:M2 OneStepCheckout, Social Login, Required Login, Login as Customer...

Q. What edition does this module support?

Mageplaza Security is compatible out-of-the-box with Magento Open (Community), Magento Commerce (Enterprise) 2.2.x, 2.3.x.

Reviews (19)

What our customers say
  • Love you guys for great support!

    I just worked with Eric on Security Extension and he was very fast and helpful with my issue. I definitely appreciate this kind of support and will continue to speak highly about Mageplaza!

    Posted by Hasan on 30 May 2019
  • Good extension to prevent attack!

    Really good for protecting your website! It can set a blacklist or a whitelisted IP, prevent brute force attack and set a warning email! I would definitely recommend this module to keep you ecommerce safe.

    Posted by xdev on 29 May 2019
  • Exellent Module!!

    I purchased the Pro version and definitely more advanced. If you have a Magento store, I think you have to buy this extension. Security is more important than anything. Thank you Mageplaza!!

    Posted by wrc on 25 March 2019
  • Simply perfect!

    We installed this extension after a brute force attack. The installation was easy and done in a few minutes. I was not sure about the correct configuration so that I had to contact the support team to finish the configuration.

    Posted by cheffe on 20 February 2019
  • Must-have extension in site

    This extension is very useful to track your Magento store's Admin user activities. I'm using it for some time and I found no issues with it and it works perfectly. Anyone should try this extension on their Magento store so that they can have the best logging tool in their store. Thank you

    Posted by Mahesh on 07 February 2019
  • Geat Extension

    I have installed it but forgot to install the library, the support team was very kind to reinstall the library and set it up. It works great, looking forward to get the Pro version.

    Posted by Moussa on 02 February 2019
  • Leave a Review

    How do you rate this product?

    Feature Comparison Table

    Mageplaza Security includes three packages: Standard, Professional, and Ultimate. Let's take a glance at the comparison table.

    Standard Professional
    General configuration
    Enable/Disable the module
    Enter the email address to receive warning emails.
    Brute Force Protection
    Enable/Disable using Brute Force Protection
    Set Maximum number of failed login attempts
    Allowed duration
    Locked User Alert
    Choose an email template to send alerts
    Blacklist/Whitelist IPs
    Enter Blacklist IPs
    Enter Whitelist IPs
    Action Log Backup Configuration
    Enable/Disable Action Log backup
    Choose the frequency of action log backup: Daily, Weekly, Monthly
    Enable Clear Log After Backup
    Away Mode
    File change configuration
    Allow exclude files and folders
    Create Master Hashes
    Automatically check file changes and send an alert email daily using cron
    Choose an email template to send alerts
    Records
    Record the Login Log
    View login details
    Display the 5 newest logins on the Dashboard with their Usernames, Login status and Time
    Display the Last Login information
    Provide Security Checklist
    Auto-fix security issues
    Trace all actions performed by anyone in the backend
    Report on Action Log Backup
    Detect file changes and notice admins on a regular basis
    Support
    Auto-fit with every device (Mobile, Tablet, PC)
    Support multiple stores
    Support multiple languages
    Fully compatible with Mageplaza extensions
    1-year free support
    Lifetime updates
    60 days guarantee money back