Protect & Secure Online Store

Built by the Magento Security Experts

Magento 2 security designed
to keep the bad guys out

There have been up to 650,000 stores using Magento 2 platform all over the world, and they are being ideal prey for hackers. Your Magento 2 store needs Mageplaza Security module to keep the bad guys out. Mageplaza Security resolves common Magento 2 security issues

Mageplaza Security for Magento 2 is a perfect security solution for online stores built based on Magento platform. The module helps prevent break-in attempts to your store from hackers. Thanks to an effective warning system, your valued information will be completely protected

Stores have vulnerability
Stores do not use SSL
Stores have 4+ security issues

Highlight features

What stands out in Security
magento 2 Security Checklist

Security Checklist

Mageplaza Security extension provides store admins a security checklist which automatically displays all warnings of possible security risks about admin username, captcha, Magento version and database prefix.

Brute Force Attack Protection

Admins are allowed to set a limit for the number of failed login attempts. This restriction will become a fundamental for the module to send shop owners a warning message whenever the store encounters risks of break-in attempts.

Brute Force Attack Protection
Login Log

Login Log

Mageplaza Security extension tracks and records all logins in a log along with its information like ID, Time, User name, IP, Browser Agent, Url and Status (Failure or Success). Store admins can view the details and trace the IP.


magento 2 Security file-change-detection

File change detection

Important files in the admin panel should not be changed without any awareness. Unwanted adjustments in the backend made by hackers are harmful to online stores. Hence, a tracking and warning system will definitely provide better protection for your business. The module is able to detect every single change of files in the backend such as adding, editing and deleting. Once these changes are found, they are also recorded and saved in the admin log. Moreover, a report email will be sent to admins shortly.

Action Log

That an online store may have multiple admins and that hackers can break in and view or invisibly harm your store force us to find a solution to help you manage and protect it better. An advanced report of all actions performed in your store’s admin panel. In the action log, the information about time, IP, username, specific actions or changes will be reported in details. The datalog can also be compressed and backed up automatically to optimize your store's performance

Action log
Away mode

Away mode

It may seem unusual when your store's admin panel is logged into during your time/days off. Besides, break-ins often occur when your store is not looked after by you and admins. To eliminate the risks, unnecessary login attempts should be stopped. Hence, the away mode can be enabled to prevent any logins made in specific time. You will have peace of mind and have a good night.

Much more

Checkout more details of Mageplaza Security

Blacklist/Whitelist IPs

Block or allow a range of IP addresses in backend. It is easy to setup in backend.

Warning email templates

Various warning templates can be used in the backend. These become warning emails sent to store owners

Login report

A short report of the 5 most recent logins is featured on the Dashboard with the information of user names, login status and time.

Smart Pricing

Choose your suitable edition


Crafted for a Great Webstore Start




Great for Enterprise solution
  • Includes all Pro features plus
  • Supports for Enterprise Edition (Magento Commerce)
  • High priority support
  • View full features list

Add to cart

Magento Edition

Total: $0

Add to cart

Magento Edition

Total: $149

Add to cart

Magento Edition

Total: $200

Free Updates

Free lifetime updates

Premium Support

We offer fast response tickets.

30-day Money Back

There is no risk, why not give a try.

One-time payment

One-time payment, no hidden cost.

Frequently Asked Questions

We have answered a wide range of Questions for your Convenience

Q. When I receive login failed alert?

If the maximum number of times logins are failed is reached, a warning email will be sent to email addresses which are set.

Q. Can I custom my own warning email templates?

You sure can. It is easy to customize email templates. Read this guide

Q. What happens if I get locked?

In this case, any login attempts from your IP address will be blocked. If you assume that this is a mistake, please follow this guide to unblock.

Q. Will a successful login be recorded in the log?

Yes! It logs both Failure and Success status..

Q. Is it truely free?

It’s free of charge. We built this module with basic yet highlight features to help create a healthy and safe Magento community. If you are interested in Pro feature, you can purchase Pro edition.

Q. Is it monthly fee?

No, it is one-time payment, and there is no hidden cost.

Q. Why choose Mageplaza?

Magento 2 Security by Mageplaza is one of the most advanced Security extension. It comes with powerful features which help you save time to send invoice manually and your invoices are professional.

Q. What edition does this module support?

Mageplaza Security is compatible out-of-the-box with Magento Open (Community), Magento Commerce (Enterprise) 2.1.x, 2.2.x.

Reviews (10)

What our customers say
  • Great module

    This is a good idea to offer it with the free edition. So once you try it, you will feel that it's good enough to have the paid one. Again, I would like to mention how great the support team is. They are super friendly and willing to assist as well. I'm looking for my next step to buy the paid version.

    Posted by Abdulrahman on 10 November 2018
  • New product

    I needed to view the log action in my admin website, so I tried to use this product, what it offers is not bad so you can see some logs actions.

    Posted by lafaifia on 22 September 2018
  • Great plugin

    It is nice to have the ability to log the logins when you have multiple accounts and a need for seeing anywhen and anywhere they have occurred. Also, the checklist is a nice touch. Overall: Good stuff for free :=)

    Posted by Markus on 17 September 2018
  • Very good extension

    The installation was so easy and because there are many colleagues who have an account, I can see exactly what is going on. This is a must-have extension. Also, the support is also very good.

    Posted by Alexander on 05 September 2018
  • Great for basic logging

    This module is a very useful tool to control the basic logging of Admin users on your website. It would be better to have the action log of the users as well, but I guess it comes with a paid version :)

    Posted by kaznaur on 09 August 2018
  • Good extension

    I see no issues with Security extension. It seems to be running as it should. Now I am happy with my purchase. I have tested the features, and they are working well. I recommend this to anyone who wants little extra security.

    Posted by Nature Skin Shop on 20 July 2018
  • Well Worth Having

    The Standard (free) edition is a great way to get a security check that will advise you of ways to secure your store (I've implemented these changes), as well as getting a list of last logins to your admin panel. This can help reassure you that others are not accessing your store, and you can check the date of your last login to make sure that was you. The usefulness of this extension, and by making it free, means I will be considering the Professional edition.

    Posted by Donovan on 02 June 2018
  • Nice free module

    I’ve got to say that it’s too good to have a free extension like Mageplaza Security. It works well on my store and helps prevent bad break-in attempts so effectively. No complaints for this.

    Posted by Crue1980 on 15 March 2018
  • Great support

    I like the way Mageplaza support team works. Quick and effective! This extension is also awesome with adequate features for my online store.

    Posted by Harry on 15 March 2018
  • Good quality code

    I’m pleased with the quality of the extension, no bugs for my store. The extension gives me peace of mind about the security of my online store. Good work, Mageplaza~

    Posted by Lucy on 15 March 2018
  • Leave a Review

    How do you rate this product?

    Feature Comparison Table

    Mageplaza Security includes two packages: Standard and Professional. Let's take a glance at the comparison table.

    Features Standard Professional
    Enable/Disable module from the backend Yes Yes
    Send warning mails to chosen email addresses Yes Yes
    Restrict the number of failed login attempts allowed in a session Yes Yes
    Warning email templates Yes Yes
    Detect logins from Blacklist IPs and block these break-in attempts Yes Yes
    Ability to allow accesses from Whitelist IPs only Yes Yes
    Ability to prevent or grant logins from a range of IP addresses Yes Yes
    Keep track and record login details in the backend Yes Yes
    Display login status (Failed or Successful) in the log Yes Yes
    Trace login IPs function Yes Yes
    View login details Yes Yes
    Display the 5 newest logins on the Dashboard with their Usernames, Login status and Time Yes Yes
    Display the Last Login information Yes Yes
    Provide security checklist Yes Yes
    Auto-fix security issues _ Yes
    Detect file changes and notice admins on a regular basis _ Yes
    Trace all actions performed by anyone in the backend _ Yes
    Log all actions performed in the backend in a report _ Yes
    Disallow logins during specific time _ Yes