Would you like to provide your online shop with reliable security?
90% of all Magento shops don’t have /admin & /downloader protection on their Website.
What’s the matter?
- A Magento Shop is not protected out-of-the-box, therefore hackers can easily find default locations (/admin or /downloader) and launch brute-force attacks.
- As you know, Magento Shop has problems with performance. And to provide a fast access, it is required to install caches, configure your server and optimize scripts. If you have a secure password (long & strong) and an unprotected /admin or /downloader area, hackers can launch brute-force attacks. Every hacker’s request will heavily load your system. If hackers send 10+ requests per second, your Shop will have a lot of problems with performance.
How can I protect it?
- Change the default admin URL (e.g: “/admin” -> “/new_admin”) in config.xml. As for /downloader folder, you need to protect it by means of IP in Apache .htaccess or Nginx config every time when your IP is changed you should go to SSH and change your config.
- The second way is in fact much simpler and more secure. When you install the Secure Admin module, you will forget your problems with brute-force attacks forever. Thus, the “intruders” will not be able to get the access to your Magento store anyhow since IP address is the only thing on the Internet that cannot be faked.
How does it work?
For adding a new IP address you will get a secret admin link, here is an example: https://example.com/secureadmin/security/add?key=secure_core.
- Go to https://www.magereport.com/, and insert your Shop URL. If you have the "Admin/downloader unprotected? - unprotected" issue, follow the next step.
- Download the IOCheck Secure Admin module from the Magento official website or here
- Backup your /app folder
- Disable Magento Compiler and clear compiler cache
- Upload all files and folders to Magento root directory of your store, replacing all files.
- Verify the Magento store functionality and flush the cache.
- Go to System -> Configuration -> IOCheck Extensions -> Secure Admin, insert your license key and enable the extension.
- Copy and save your protection Admin Link, like: https://example.com/secureadmin/security/add?key=secure_core
- Go to https://www.magereport.com/ and check your Shop again. Now you have "Admin/downloader unprotected? protected"
- When your IP address is changed, please follow the secret Admin Link.
Write Your Own Review
Secure Admin module
Secure Admin module
Simple way for protecting your Magento Shop. The module protects /admin and /downloader areas from DDos attacks and brute-force attacks.The IP address is one of things in the Internet which can't be faked.
90% of all Magento shops don’t have /admin & /downloader protection on their Website. This module protects your /admin and /downloader area. After installation you don't need to install captchas, change IP into .htaccess (or Nginx config) or change the name of /admin directory. The module IOCheck Secure Module protects your the shop forever and you can always add a new IP to the system remotely.
Regular Price: $95.20
Special Price: $71.28
Money back & support
90 days of free support!
- All our extensions is 100% Open Source and can be modified as you need!
- 1 year of free upgrades and new versions!