Magento 2 security designed
to keep the bad guys out
There have been up to 650,000 stores using Magento 2 platform all over the world, and they are being ideal prey for hackers. Your Magento 2 store needs Mageplaza Security module to keep the bad guys out. Mageplaza Security resolves common Magento 2 security issues
Mageplaza Security for Magento 2 is a perfect security solution for online stores built based on Magento platform. The module helps prevent break-in attempts to your store from hackers. Thanks to an effective warning system, your valued information will be completely protected
Stores have vulnerability
Stores do not use SSL
Stores have 4+ security issues
Highlight features
What stands out in Security
Security Checklist
Mageplaza Security extension provides store admins a security checklist which automatically displays all warnings of possible security risks about admin username, captcha, Magento version and database prefix.
Brute Force Attack Protection
Admins are allowed to set a limit for the number of failed login attempts. This restriction will become a fundamental for the module to send shop owners a warning message whenever the store encounters risks of break-in attempts.
Login Log
Mageplaza Security extension tracks and records all logins in a log along with its information like ID, Time, User name, IP, Browser Agent, Url and Status (Failure or Success). Store admins can view the details and trace the IP.
SECURITY PRO HIGHLIGHT FEATURES
File change detection
Important files in the admin panel should not be changed without any awareness. Unwanted adjustments in the backend made by hackers are harmful to online stores. Hence, a tracking and warning system will definitely provide better protection for your business. The module is able to detect every single change of files in the backend such as adding, editing and deleting. Once these changes are found, they are also recorded and saved in the admin log. Moreover, a report email will be sent to admins shortly.
Action Log
That an online store may have multiple admins and that hackers can break in and view or invisibly harm your store force us to find a solution to help you manage and protect it better. An advanced report of all actions performed in your store’s admin panel. In the action log, the information about time, IP, username, specific actions or changes will be reported in details. The datalog can also be compressed and backed up automatically to optimize your store's performance
Away mode
It may seem unusual when your store's admin panel is logged into during your time/days off. Besides, break-ins often occur when your store is not looked after by you and admins. To eliminate the risks, unnecessary login attempts should be stopped. Hence, the away mode can be enabled to prevent any logins made in specific time. You will have peace of mind and have a good night.
Much more
Checkout more details of Mageplaza SecurityBlacklist/Whitelist IPs
Block or allow a range of IP addresses in backend. It is easy to setup in backend.
Warning email templates
Various warning templates can be used in the backend. These become warning emails sent to store owners
Login report
A short report of the 5 most recent logins is featured on the Dashboard with the information of user names, login status and time.
Smart Pricing
Choose your suitable editionStandard
Crafted for a Great Webstore Start- Supports for Magento 2 Community Edition
- View full features list
PROFESSIONAL
THE MOST POPULAR- Supports for Community Edition (Magento Open-source)
- Includes all Standard features plus
- More stunning features for tightened security
- File change detection
- Admin Action Log
- Away mode
- Alert Emails
- Blacklist/Whitelist IPs
- View full features list
Enterprise
Great for Enterprise solution- Includes all Pro features plus
- Supports for Enterprise Edition (Magento Commerce)
- High priority support
- View full features list
Free Update
Free lifetime updates
Premium Support
We offer fast response tickets.
60-day Money Back
There is no risk, why not give a try.
One-time payment
One-time payment, no hidden cost.
Frequently Asked Questions
We have answered a wide range of Questions for your ConvenienceQ. When I receive login failed alert?
If the maximum number of times logins are failed is reached, a warning email will be sent to email addresses which are set.
Q. Can I custom my own warning email templates?
You sure can. It is easy to customize email templates. Read this guide
Q. What happens if I get locked?
In this case, any login attempts from your IP address will be blocked. If you assume that this is a mistake, please follow this guide to unblock.
Q. Will a successful login be recorded in the log?
Yes! It logs both Failure and Success status..
Q. Is it truely free?
It’s free of charge. We built this module with basic yet highlight features to help create a healthy and safe Magento community. If you are interested in Pro feature, you can purchase Pro edition.
Q. Is it monthly fee?
No, it is one-time payment, and there is no hidden cost.
Q. Why choose Mageplaza?
Magento 2 Security by Mageplaza is one of the most advanced Security extension. It comes with powerful features which help you save time to send invoice manually and your invoices are professional. Fully compatible with:M2 OneStepCheckout, Social Login, Required Login, Login as Customer...
Q. What edition does this module support?
Mageplaza Security is compatible out-of-the-box with Magento Open (Community), Magento Commerce (Enterprise) 2.2.x, 2.3.x.
Reviews (19)
What our customers sayLove you guys for great support!
I just worked with Eric on Security Extension and he was very fast and helpful with my issue. I definitely appreciate this kind of support and will continue to speak highly about Mageplaza!
Good extension to prevent attack!
Really good for protecting your website! It can set a blacklist or a whitelisted IP, prevent brute force attack and set a warning email! I would definitely recommend this module to keep you ecommerce safe.
Exellent Module!!
I purchased the Pro version and definitely more advanced. If you have a Magento store, I think you have to buy this extension. Security is more important than anything. Thank you Mageplaza!!
Simply perfect!
We installed this extension after a brute force attack. The installation was easy and done in a few minutes. I was not sure about the correct configuration so that I had to contact the support team to finish the configuration.
Must-have extension in site
This extension is very useful to track your Magento store's Admin user activities. I'm using it for some time and I found no issues with it and it works perfectly. Anyone should try this extension on their Magento store so that they can have the best logging tool in their store. Thank you
Geat Extension
I have installed it but forgot to install the library, the support team was very kind to reinstall the library and set it up. It works great, looking forward to get the Pro version.
Leave a Review
Screenshots
Feature Comparison Table
Mageplaza Security includes three packages: Standard, Professional, and Ultimate. Let's take a glance at the comparison table.
| Standard | Professional | |
| General configuration | ||
| Enable/Disable the module | ||
| Enter the email address to receive warning emails. | ||
| Brute Force Protection | ||
| Enable/Disable using Brute Force Protection | ||
| Set Maximum number of failed login attempts | ||
| Allowed duration | ||
| Locked User Alert | ||
| Choose an email template to send alerts | ||
| Blacklist/Whitelist IPs | ||
| Enter Blacklist IPs | ||
| Enter Whitelist IPs | ||
| Action Log Backup Configuration | ||
| Enable/Disable Action Log backup | ||
| Choose the frequency of action log backup: Daily, Weekly, Monthly | ||
| Enable Clear Log After Backup | ||
| Away Mode | ||
| File change configuration | ||
| Allow exclude files and folders | ||
| Create Master Hashes | ||
| Automatically check file changes and send an alert email daily using cron | ||
| Choose an email template to send alerts | ||
| Records | ||
| Record the Login Log | ||
| View login details | ||
| Display the 5 newest logins on the Dashboard with their Usernames, Login status and Time | ||
| Display the Last Login information | ||
| Provide Security Checklist | ||
| Auto-fix security issues | ||
| Trace all actions performed by anyone in the backend | ||
| Report on Action Log Backup | ||
| Detect file changes and notice admins on a regular basis | ||
| Support | ||
| Auto-fit with every device (Mobile, Tablet, PC) | ||
| Support multiple stores | ||
| Support multiple languages | ||
| Fully compatible with Mageplaza extensions | ||
| 1-year free support | ||
| Lifetime updates | ||
| 60 days guarantee money back |