Type
magento2-module
Brute force prevention system for Magento2 - Member of MageSpecialist SecuritySuite
magento2-module
OSL 3.0
None
None
None
None
Customer login brute force protection module.
This module can temporary lock a customer account when too many login password attempts fail are detected.
Member of MSP Security Suite
See: https://github.com/magespecialist/m2-MSP_Security_Suite
1. Install using composer
From command line:
composer require msp/userlockout
php bin/magento setup:upgrade
2. Enable and configure from your Magento backend config
When the amount of failed attempts is reached, this module prevents further attemps for a defined amount of seconds.
This is one of the most effective countermeasures for brute force.
You can monitor and manually unlock users from your Magento backend under Customers > Locked Users:
You can manually unlock one user from command-line if necessary:
php bin/magento msp:security:lockout:unlock <IP> <username>
Example:
php bin/magento msp:security:lockout:unlock 127.0.0.1 [email protected]