Magento Platform
Open Source (CE)
2.1, 2.2

Tech Specifications

Current Version:
Stable Build
10 May, 2018
Extensions, Content & Customizations
License Type:


Mageplaza Security for Magento 2 supports store owners to prevent bad break-in attempts and to protect important information by enhancing your warning system.

Other Extensions by Mageplaza


Back to top

Security extension is a powerful solution for the store’s admins to prevent any security issues. This extension is not only a strong defensive tool but also plays the role of an effective warning and controlling system for the store. Hence, owners can protect their stores with ease. 

  • Protect the store from brute force attack
  • Provide security checklist 
  • Track and record logins in a log
  • Help store owners to restrict/allow login actions through Blacklist/Whitelist IPs
  • Provide several templates for warning emails
  • Create a brief report for the most recent logins 


Problems & Solutions


Today, Magento 2 is becoming a popular e-commerce platform favored by hundred thousands of merchants all over the world. Consequently, the huge amount of data owned by these firms is an ideal prey for hackers to commit cybercrime. All of the precious data of orders, customers, or products, etc. could be stolen by these hackers. That information could be traded or could be used to commit frauds, which can result in financial loss and a bad reputation for the store.  Another situation is that all those valuable information could be destroyed entirely, and thus, all of the efforts made while building the business will become worthless. How worse can that be! 


A module that helps store admins keep track on every unusual login attempts and other security risks will be a perfect solution to protect the business’ s valuable data. Mageplaza Security extension allows users to do these tasks easily and effectively. Not only identifying the security issues, it can also warn the admins to be on alert for those issues in advance through its warning system. Obviously, prevention is better than cure.


What makes Mageplaza Security stand out

Security Checklist

The security checklist provided in Mageplaza Security extension can automatically identify the possible security flaws of the systems including admin usernames, captcha, Magento version and database prefixes. Those risks would be notified and displayed in a list. Noticeably, in Security Checklist Pro, these security issues can be auto-fixed only with few clicks.

Brute Force Attack Protection

Mageplaza Security extension allows admins to set the acceptable number of failed login attempts. The further purposive break-in attempts would be restricted immediately, along with warning messages being sent to the store owners. 

Login Log

Mageplaza Security extension keeps track on all logins and records those login information in a log. It enables store admins to manage the detailed data of ID, Time, Username, IP, Browser Agent, Url and Status (Failed or Successful), and trace back to the potentially harmful IPs if necessary.


More features

Blacklist/Whitelist IPs

The store admins can control the login attempts from particular IP addresses. Any break-in attempts from Blacklist IPs will be restricted, whereas the Whitelist IPs are the only addresses that are permitted to access.  

Warning Email Templates

Several templates are provided to design a warning email in the backend. Whenever the store encounters unusual failed login attempts, the store admins will be notified by these emails.    

Login Report

A brief report of 5 most recent logins, which provides information on usernames, login status and time, is presented on the Dashboard.


Full feature list

  • Turn on/off the module from the backend
  • Provide security checklist to identify security flaws
  • Send warning messages to particularly registered email addresses if facing security problems
  • Ability to limit the number of failed login attempts accepted in a session
  • Provide several templates for a warning email
  • Detect and restrict login attempts from Blacklist IPs
  • Permit accesses from Whitelist IPs only
  • Prevent or grant logins from a particular range of IP addresses
  • Keep track and record login details in the backend
  • Display login status (Failed or Successful) in the log
  • Trace back to login IPs if necessary 
  • View login details
  • Report the 5 latest logins on the Dashboard with their Usernames, Login status and Time
  • Display the Last Login’s detailed information



Release Notes

Back to top


  • Compatible with Open Source (CE) : 2.1 2.2
  • Stability: Stable Build
  • Description:

    Initial release: v1.0.0
    - v1.1.0
    Add Checklist feature
    Add Module Activation
    Move backend module menu to Magento System menu
    - v1.1.1
    Fix bug get wrong IP address if server use Varnish Cache
    - v1.1.2
    Update email template "lock-user"


Back to top
The best place to start if you need help with a specific extension is to contact the developer. All Magento developers have both a contact email and a support email listed.

Q & A

Back to top


Back to top