Download the PHP package mageplaza/module-security without Composer

On this page you can find all versions of the php package mageplaza/module-security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package module-security

Magento 2 Security extension FREE

Security issues for Magento have left a big question mark in the community of online stores. This problem is specially cared when Magento-based stores which own critical information and huge transactional volume can easily become ideal prey for blackhat hackers to attack. To help online stores prevent brutal break-ins, Mageplaza has developed the Security extension.

Magento 2 Security extension by Mageplaza gives store owners the ability to detect the IP addresses that are intentionally attacking their store at any given time. Therefore, they have timely measures to prevent this issue such as blocking those IP addresses or sending warning emails to store owners.

Latest Stable Version Total Downloads

IMPORTANT NOTE: This version of Mageplaza Security extension on Github is free as a contribution to the Magento community from Mageplaza. This package does not include the technical support. Should you need technical support for this extension, you will have to buy a license from Mageplaza. Click here to buy.

1. Security Documentation

2. FAQs

Q: I got error: Mageplaza_Core has been already defined

A: Read solution: https://github.com/mageplaza/module-core/issues/3

3. How to install Magento 2 Security Extension

Install via composer (recommend)

Run the following command in Magento 2 root folder:

4. Contribute to Security module

Feel free to Fork and contrinute to this module and create a pull request so we will merge your changes to master branch.

Thanks the contributors


5. Security Suite Introduction

It’s a minor unnoticed fact that Magento 2 doesn’t limit any number of login attempts for vague reasons behind, why this potential danger has not been considered seriously? Displaying frontend, customer knowledge, sale figures and precious transaction database are recorded in the backend thoroughly. For that reason, it’s obvious logic that hackers will try their hard to impact brutal damages to your login in the backend. Consequently, your website can be bullied continuously by many computers at the same time, by any Badguy™ groups silently, in such vulnerable time you don’t notice.

Mageplaza Security extension comes up with various choices to let you have any idea how to massive protect your store firmly. You will be right the second such nonsense endeavors is entering your internal backend.

At the level of a free module, you can explore some fundamental yet indispensable configurations within this lightweight size that you should consider installing it to your store as soon as possible.

Failed login attempt limitation

An overwhelming number of failed logins is the first sign of unwanted attack. A tool a hacker uses will try over and over again until a correct credential is entered; therefore, that would be put in danger if you don’t limit a number of trying in a certain time, to both yourself and outer enemies.

In the backend configuration, there is a field called Maximum number of failed login attempts that is able to restrict the above danger. According to many popular security restrictions, the ideal number of failed login attempts should be limited to be under 5 times, it’s a safe way to follow this reliable figure. Also, the other factor to determine if they’re suspicious logins or not is the amount of time those break-in attempts are taken. For example, 5 failed logins within 10 minutes are undoubtedly unusual actions that store owners have to be aware.

When you enable the module, 5 is the default number of allowed unsuccessful attempts in a 10-minute session If you have no idea how you should set up for the guarding system, you can take advantage of this default settings quickly.

Automatic warning emails

In Magento 2, admins have no idea when the security wall was being reached. To remedy this passive situation, Mageplaza Security module is well integrated with the email engine. The exact helpful point in this function is, all recorded failed logins will be sent over to your email address automatically.

In the warning email, you can check out details in the abusive IP address as well as his login time.

Blacklist/Whitelist IP

Blacklist/Whitelist field is crafted and put in the configuration conveniently.

In the Blacklist field, in order to prevent strange IP addresses from abusing your backend login page, you can list those IPs in this field (multiple IPs or multiple IP ranges at a time). Now store admin can feel peace of mind, those blocked address cannot take further process to your store anymore.

Holding the reserved meaning, Whitelist field is for entering allowed IP addresses detecting which are safety authentications from your team or colleagues.

Login Logs

In case you’re running a store which is managed by several administrators, this tab will be definitely an ideal interface to summary all taken place under logged details. For each of a particular login, you can figure out its ID, Time, User name, IP, Browser Agent, Url and Status (Failed or Successful).

Security Checklist

Another additional function sticked on this module is the security checklist in the backend. The checklist technique will scan your internal gears generally and give some outlines that can be deemed to be a possible security issue. From this trait you can have timely solution to remedy the problem thanks to this convenient suggestions.

Full feature list

6. Security User Guide

How to use Security extension

You can review login records from the dashboard when entering the backend. The log displays the newest 5 logins and you can click on the login name to view the details.

How to use Magento 2 Security extension

How to configure Security Suite

After logging in Magento backend, go to System > Security. We will provide detail guides to these bellow configuration

How to configure Magento 2 Security Suite

I. Security Suite Configuration

1.1. Brute Force Protection Configuration.

Follow Mageplaza > Security > Configuration > General > Brute Force Protection

Magento 2 Brute Force Protection

Here’s an example of a warning emails:

Magento 2 Security Configuration

1.2. Blacklist/Whitelist IPs Configuration.

Magento 2 Blacklist and Whitelist IPs

II. Security Checklist Configuration.

Checklist is a bunch of outlines pointing out which factor(s) can be the possible vulnarablity for your stores. Go to System > Security > Checklist

Magento 2 Security Checklist

III. Login Log Configuration.

From the admin panel, make your way to Mageplaza > Security > Login Log. All logins and login attempts will be recorded here.

magento 2 secure login

Click View to see login details. Here’s an example:

magento 2 Login Log

Once an admin account has exceeded the allowed login attempts (which is configured at Store> Settings> Configuration> Advanced> Maximum Login Failures to Lockout Account), there will be a mail notification to the store owner that this account has been lock up. Store owner should review this case again to reset safety settings.

magento 2 Login Logs

Also, store owners can check the last login of a specific administratore. You can follow System > Permissions > All Users

magento 2 security Login Log

Reset Command line

Next, run this command line:

People also search:


All versions of module-security with dependencies

PHP Build Version
Package Version
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mageplaza/module-security contains the following files

Loading the files please wait ....