{"id":212993,"date":"2020-01-10T11:27:51","date_gmt":"2020-01-10T11:27:51","guid":{"rendered":"https:\/\/webkul.com\/blog\/?p=212993"},"modified":"2024-10-10T07:07:36","modified_gmt":"2024-10-10T07:07:36","slug":"magento2-web-security-module","status":"publish","type":"post","link":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/","title":{"rendered":"Web Security Module For Magento 2"},"content":{"rendered":"\n<p>With the <a href=\"https:\/\/store.webkul.com\/magento2-security-extension.html\">Magento 2 security extension<\/a>, the admin can provide security services for the Magento store from hackers. <\/p>\n\n\n\n<p>The admin can restrict any particular file type to get uploaded on the website and can ban the website for any country and IP address.<\/p>\n\n\n\n<p>Brute force attack notifications to the admin and validation for the customer email address options are also available.<\/p>\n\n\n\n<p>Note &#8211; If you want to secure your user logins and activity on various pages you can enable the EU captcha for the front with the help of the <a href=\"https:\/\/webkul.com\/blog\/magento2-eu-captcha-documentation\/\" target=\"_blank\" rel=\"noreferrer noopener\">Magento 2 EU Captcha<\/a> extension.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">To use this extension the store owner must have the access to the following third parties services:-<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>MaxMind&#8217;s IP Geo location services &#8211; <a rel=\"noreferrer noopener\" href=\"https:\/\/www.maxmind.com\/en\/geolite2\/signup\" target=\"_blank\">https:\/\/www.maxmind.com\/en\/geolite2\/signup<\/a><\/li>\n\n\n\n<li>AbuseIPDB API Plans &#8211;                               <a rel=\"noreferrer noopener\" href=\"https:\/\/www.abuseipdb.com\/pricing\" target=\"_blank\">https:\/\/www.abuseipdb.com\/pricing<\/a><\/li>\n\n\n\n<li>MailBoxLayer Services &#8211;                            <a rel=\"noreferrer noopener\" href=\"https:\/\/mailboxlayer.com\/product\" target=\"_blank\">https:\/\/mailboxlayer.com\/product<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Here comprehend the web security plugin workflow:-<\/h3>\n\n\n\n<div class=\"wp-block-wk-block-youtube-video wk-block--yt-video\"><div class=\"wk-block--yt-video-frame\"><div class=\"wk-block--yt-video-frame-request\" data-plyr-provider=\"youtube\" data-plyr-embed-id=\"yanshrxNvBQ\"><\/div><\/div><\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Features<\/h3><\/div><div class=\"margin-bottom-50\">\n<ul class=\"wp-block-list\">\n<li>The Adobe Commerce Web Security module provides admin to enable the unrecognized login notification.<\/li>\n\n\n\n<li>Master Password feature to block all sub-user accounts.<\/li>\n\n\n\n<li>Allow admin to get each file upload notification in the system.<\/li>\n\n\n\n<li>Admin can prevent file types to be upload.<\/li>\n\n\n\n<li>Ban any country from login into the admin panel.<\/li>\n\n\n\n<li>Admin can prevent the admin panel from a Brute Force attack.<\/li>\n\n\n\n<li>Brute force logs available to admin.<\/li>\n\n\n\n<li>Admin blacklist\/whitelist IPs.<\/li>\n\n\n\n<li>AbuseIPDB integrated to block and report IP.<\/li>\n\n\n\n<li>Mailboxlayer integrated to validate emails for customers.<\/li>\n\n\n\n<li>Real-time email validation for customers by admin.<\/li>\n\n\n\n<li>Create custom email templates for each action.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Install Extension from Webkul Store<\/h3><\/div><div class=\"margin-bottom-50\">\n<h3 class=\"wp-block-heading\">#1 Download Module<\/h3>\n\n\n\n<p>Firstly, you need to log in to Webkul Store, go to&nbsp;<strong>My Account<\/strong>&gt;<strong>My Purchased Products<\/strong>&nbsp;section, verify and then download and extract the contents of this zip folder on the system.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">#2 Upload Folder<\/h3>\n\n\n\n<p>Once the module zip is extracted, follow path&nbsp;<strong>src&gt;app<\/strong>&nbsp;and then copy the&nbsp;<strong>app<\/strong>&nbsp;folder into the&nbsp;<strong>Magento 2 root<\/strong>&nbsp;directory on the server as shown below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1024\" height=\"386\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\" alt=\"installation\" class=\"wp-image-76006\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png 1024w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45-250x94.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45-300x113.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45-768x290.png 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">#3 Run Commands<\/h3>\n\n\n\n<p>After uploading the module folder, you need to run the following commands in the Adobe Commerce root directory:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\">composer require geoip2\/geoip2:~2.0<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:upgrade<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:di:compile<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:static-content:deploy<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento indexer:reindex<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento cache:flush<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-extension-from-magento-marketplace\">Install Extension from Adobe Commerce Cloud Marketplace<\/h3>\n\n\n\n<p>If you have purchased this extension from the Magento Marketplace then please follow the below process or visit&nbsp;<a href=\"https:\/\/devdocs.magento.com\/extensions\/install\/\" target=\"_blank\" rel=\"noreferrer noopener\">this<\/a>&nbsp;link.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">#1 Get Access Keys<\/h3>\n\n\n\n<p>You need to get access keys, navigate to&nbsp;<strong>My Profile<\/strong>&nbsp;in Adobe CommerceMarketplace, then choose&nbsp;<strong>Access Keys<\/strong>&nbsp;in the&nbsp;<strong>My Products<\/strong>&nbsp;section.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"1109\" height=\"554\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/07\/my-profile.png\" alt=\"my-profile\" class=\"wp-image-295111\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/07\/my-profile.png 1109w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/07\/my-profile-300x150.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/07\/my-profile-250x125.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/07\/my-profile-768x384.png 768w\" sizes=\"(max-width: 1109px) 100vw, 1109px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p>Go to&nbsp;<strong>Magento 2<\/strong>&nbsp;and then you need to copy both the Access Keys \u2013 Public Key and Private Key. These access keys will be needed in the next steps for authentication.<\/p>\n\n\n\n<p>If access keys are not created earlier, click&nbsp;<strong>Create A New Access Key<\/strong>, enter any name and click OK.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"1119\" height=\"538\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/create-key-name.png\" alt=\"create-key-name\" class=\"wp-image-295114\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/create-key-name.png 1119w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/create-key-name-300x144.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/create-key-name-250x120.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/create-key-name-768x369.png 768w\" sizes=\"(max-width: 1119px) 100vw, 1119px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">#2 Update composer.json File<\/h3>\n\n\n\n<p>To know the component name and version number, go to your Adobe Commerce Marketplace account section,&nbsp;<strong>My Profile&gt;My Purchases<\/strong>, then find this extension to view the details.<\/p>\n\n\n\n<p><strong>Please note \u2013 Below is an example image, every extension will have its unique component name and version.<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"1163\" height=\"727\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/know-component-name-version.png\" alt=\"know-component-name-version\" class=\"wp-image-295115\" style=\"object-fit:cover\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/know-component-name-version.png 1163w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/know-component-name-version-300x188.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/know-component-name-version-250x156.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/03\/know-component-name-version-768x480.png 768w\" sizes=\"(max-width: 1163px) 100vw, 1163px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n<p>After that, navigate to your Adobe Commerce Cloud project directory and update your composer.json file in the following format.<\/p>\n\n\n\n<p><strong>composer require &lt;component-name&gt;:&lt;version&gt;<\/strong><\/p>\n\n\n\n<p>For example, to install version 4.0.0 of this extension you need to run the following command:<\/p>\n\n\n\n<p><strong>composer require webkul\/module-application-firewall:5.0.0<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">#3 Enter Access Keys<\/h3>\n\n\n\n<p>Now you will need to enter the&nbsp;<a href=\"https:\/\/devdocs.magento.com\/guides\/v2.3\/install-gde\/prereq\/connect-auth.html\" target=\"_blank\" rel=\"noreferrer noopener\">Access Keys<\/a>&nbsp;that you obtained as explained in the first step #1 Get Access Keys. Wait for Composer to finish updating your project dependencies and make sure there aren\u2019t any errors.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">#4 Run Command<\/h3>\n\n\n\n<p>You need to run the following commands:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\">composer require geoip2\/geoip2:~2.0<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:upgrade<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:di:compile<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento setup:static-content:deploy<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento indexer:reindex<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\">php bin\/magento cache:flush<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"panel-2\">Multilingual Support<\/h3>\n\n\n\n<p>For multilingual&nbsp;support, the&nbsp;admin will navigate through&nbsp;Store-&gt;Configuration-&gt;General -&gt;Locale Options&nbsp;and select the locale as German (the language into which the admin wants to translate his store content).<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/multilingual-support-1.webp\" alt=\"multilingual-support\" class=\"wp-image-467953\" style=\"width:800px\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/multilingual-support-1.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/multilingual-support-1-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/multilingual-support-1-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/multilingual-support-1-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n<h3 class=\"wp-block-heading\" id=\"panel-3\">Module Translation<\/h3>\n\n\n\n<p>If you want to translate their module language from English to German then follow the path&nbsp;<strong>src\/app\/code\/Webkul\/WebApplicationFirewall\/i18n<\/strong>&nbsp;in their unzipped Magento 2 web security folder. Then you will get a CSV file with the name \u201cen_US.csv\u201d.<\/p>\n\n\n\n<p>Now, rename that CSV as to your region code and language code \u201cde_DE.csv\u201d and translate all right side content in your language.<\/p>\n\n\n\n<p>After editing the CSV, save it and then upload it where you have installed Magento 2 on the server.<\/p>\n\n\n\n<p>The module will get translated into your desired Language. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1301\" height=\"744\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2.png\" alt=\"translation-2\" class=\"wp-image-222984\" style=\"width:800px\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2.png 1301w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2-300x172.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2-1200x686.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2-250x143.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/translation-2-768x439.png 768w\" sizes=\"(max-width: 1301px) 100vw, 1301px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Admin Configuration<\/h2>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">General Setting<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin needs to configure the following sections as mentioned below to integrate the Adobe Commerce web security into the Adobe Commerce web. <\/p>\n\n\n\n<p>Under the general setting section, the admin will configure the following fields: Enable Adobe Commerce Cloud Security: The admin needs to select &#8220;Yes&#8221; for enabling the following Adobe Commerce cloud Security.<\/p>\n\n\n\n<p>Get Alerts about Unrecognized Admin Logins: The admin will get alerts each time admin logins through unrecognized means.<\/p>\n\n\n\n<p>Select CMS Page for Blocked IPs: The admin can select the CMS pages to be displayed for IPs which are blocked by the admin. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/general-settings.webp\" alt=\"general-settings\" class=\"wp-image-467203\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/general-settings.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/general-settings-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/general-settings-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/general-settings-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>If the admin selects <strong>404 Not Found<\/strong> as CMS Page to be displayed for the blocked IPs.                                    Then consequently, If the users with blocked IPs will try to sign in they will see the following page as shown:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1200\" height=\"249\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security-1200x249.png\" alt=\"Page-not-found-web-security\" class=\"wp-image-276069\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security-1200x249.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security-300x62.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security-250x52.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security-768x159.png 768w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Page-not-found-web-security.png 1301w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Send Password Reset Request<\/h3>\n\n\n\n<p>If the admin selects this option, all the sub-admin or users will be blocked and will be shared an email with the reset password link. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/send-password-reset-request.webp\" alt=\"send-password-reset-request\" class=\"wp-image-467204\" style=\"object-fit:cover\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/send-password-reset-request.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/send-password-reset-request-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/send-password-reset-request-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/send-password-reset-request-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>After that, the sub-admins will receive the following mail as shown below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1338\" height=\"293\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail.png\" alt=\"Web-Security-Mail\" class=\"wp-image-275663\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail.png 1338w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail-300x66.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail-1200x263.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail-250x55.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-Mail-768x168.png 768w\" sizes=\"(max-width: 1338px) 100vw, 1338px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Malicious File Security<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin will be able to enhance the <a href=\"https:\/\/store.webkul.com\/magento2-security-extension.html\">Magento 2 security<\/a> of the website from malicious files by configuring the following as mentioned below. <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Get Notification if Any File Uploads by Adobe Commerce: The admin will get the notification for all the files uploaded on the Magento website. <\/li>\n\n\n\n<li>Prevent Uploading File With Extension(s): Add the extensions that you want to prevent uploading on your website and get a notification for prevented file uploads. <\/li>\n\n\n\n<li>Receive File Malicious Notification on Email Address: Set the Email Address on which the notification will be shared when the malicious file is uploaded. <\/li>\n\n\n\n<li>Check Multi Extension: Enable it (set it to &#8216;Yes&#8217;) to check for multiple extensions.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/malicious-file-security-1.webp\" alt=\"malicious-file-security\" class=\"wp-image-467337\" style=\"object-fit:cover\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/malicious-file-security-1.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/malicious-file-security-1-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/malicious-file-security-1-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/malicious-file-security-1-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Prevent Uploading File With Extension(s):<\/h4>\n\n\n\n<p>Admin\/Sub-admin will get a notification for prevented file uploads as depicted below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1200\" height=\"796\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type-1200x796.webp\" alt=\"disallowed-file-type\" class=\"wp-image-467907\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type-1200x796.webp 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type-300x199.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type-250x166.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type-768x509.webp 768w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/disallowed-file-type.webp 1508w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>Also, the admin will receive a mail regarding this on the registered mail.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1200\" height=\"260\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1-1200x260.png\" alt=\"Web-security-mail-1\" class=\"wp-image-276175\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1-1200x260.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1-300x65.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1-250x54.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1-768x167.png 768w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-security-mail-1.png 1350w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Receive File Malicious Notification on Email Address:<\/h4>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1235\" height=\"424\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert.png\" alt=\"web-security-new-file-alert\" class=\"wp-image-276192\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert.png 1235w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert-300x103.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert-1200x412.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert-250x86.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/web-security-new-file-alert-768x264.png 768w\" sizes=\"(max-width: 1235px) 100vw, 1235px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Ban User Country Wise<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin can even configure to ban the country where the admin panel will not be accessible as mentioned below. <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Enable: The admin can enable or disable this country ban functionality. <\/li>\n\n\n\n<li>GeoIP2 Library: On selecting the Download (Update) GeoIP2 Library will update the library of detecting the current geolocation of the customer using his IP address.    <\/li>\n\n\n\n<li>Select Specific Countries: If enabled, the admin can select the country for which country ban will be enabled.   <\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ban-user-country-wise.webp\" alt=\"ban-user-country-wise\" class=\"wp-image-467207\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ban-user-country-wise.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ban-user-country-wise-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ban-user-country-wise-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ban-user-country-wise-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">How to generate GeoIP Key?<\/h3>\n\n\n\n<p>To generate GeoIP Key, Navigate through <strong>Stores -&gt; Configuration,<\/strong> and under the section <strong>Ban User Country Wise<\/strong> click on the &#8220;<strong>Sign up free for a MaxMind account<\/strong>&#8220;. You can also <a href=\"https:\/\/www.maxmind.com\/en\/geolite2\/signup\">Create an Account<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"775\" height=\"397\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/GeoIP-1-777x1024-2-final-part-2.png\" alt=\"GeoIP-1-777x1024-2-final-part-2\" class=\"wp-image-275599\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/GeoIP-1-777x1024-2-final-part-2.png 775w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/GeoIP-1-777x1024-2-final-part-2-300x154.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/GeoIP-1-777x1024-2-final-part-2-250x128.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/GeoIP-1-777x1024-2-final-part-2-768x393.png 768w\" sizes=\"(max-width: 775px) 100vw, 775px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>You will land up on a Sign Up page to create a new account. By filling up the details create your new account. In case, you already have an account, you can login with your credentials. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-resister.webp\" alt=\"maxmind-resister\" class=\"wp-image-467229\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-resister.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-resister-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-resister-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-resister-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>This is how your account will look like after successfully setting it up. On the Left Hand Side, Under the <strong>Services<\/strong> click on &#8220;<strong>My License Key<\/strong>&#8221; to generate a <strong>new GeoIP key<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-account-summary.webp\" alt=\"maxmind-account-summary\" class=\"wp-image-467326\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-account-summary.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-account-summary-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-account-summary-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-account-summary-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-licence-keys.webp\" alt=\"maxmind-licence-keys\" class=\"wp-image-467328\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-licence-keys.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-licence-keys-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-licence-keys-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-licence-keys-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>Here, You will get your License Key for usage with GeoIP Update. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-new-licence-key.webp\" alt=\"maxmind-new-licence-key\" class=\"wp-image-467330\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-new-licence-key.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-new-licence-key-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-new-licence-key-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/maxmind-new-licence-key-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">IPs Allowed Setting in Web Security module for Adobe Commerce Cloud<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin will be able to configure the whitelisted and blacklisted IPs through the following fields as mentioned below. <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Blacklist IP(s): The admin will be able to list all the blacklisted IPs by mentioning them in the following section. The admin can even block IPs for the complete classes like 192.168.1.*, 101.22.*.*<\/li>\n\n\n\n<li>Whitelist IP(s): The admin will be able to list all the whitelisted IPs by mentioning them in the following section. The admin can even whitelist IPs for the complete classes like 192.168.1.*, 101.22.*.* <\/li>\n\n\n\n<li>Enable IP Debug Log: The admin will be able to maintain the debug logs for enabling IP.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ips-allowed-settings.webp\" alt=\"ips-allowed-setting\" class=\"wp-image-467208\" style=\"width:800px;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ips-allowed-settings.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ips-allowed-settings-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ips-allowed-settings-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/ips-allowed-settings-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>If any user with blacklisted IP will try to sign in then consequently the following page will be displayed:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1117\" height=\"255\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting-.png\" alt=\"https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting-\" class=\"wp-image-276275\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting-.png 1117w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting--300x68.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting--250x57.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/https-magento234-webkul-com-ee2401-admin-admin-system_config-edit-key-45e0d2d7586ccfa48ed6fc112e7168619dfab7f7763255f81674b541fe07c214-section-waf_setting--768x175.png 768w\" sizes=\"(max-width: 1117px) 100vw, 1117px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p><strong>Note:<\/strong>&#8211; If the admin has whitelisted any IP(s) then except for that particular IP, users with all other IPs will see the above depicted page on the login attempt.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frontend Two Step Authentication<\/h2>\n\n\n\n<p>This functionality will allow the store owner to have two-step authentication for the login. The admin will be able to configure the following module: <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Enable Google Two Factor Auth: The admin can enable or disable the two-factor authentication. <\/li>\n\n\n\n<li>Enable &#8220;trust this device&#8221; option: If this option is enabled then you can set the trust device option. <\/li>\n<\/ol>\n\n\n\n<p>Note: The trust this device will work with the HTTPS website only. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/front-end-two-step-verification.webp\" alt=\"front-end-two-step-verification\" class=\"wp-image-467209\" style=\"width:800px;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/front-end-two-step-verification.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/front-end-two-step-verification-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/front-end-two-step-verification-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/front-end-two-step-verification-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Protect Against Brute-force<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin can configure the website against proxy login attacks by configuring the following sections as mentioned below. <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Enable: The admin enable or disable the proxy login or brute force<\/li>\n\n\n\n<li>Send Warning Emails To: Add the email address to which warning emails will be shared. <\/li>\n\n\n\n<li>Send Alert on Each Login Failed: To receive alerts on every failed login. <\/li>\n\n\n\n<li>Admin User Locked Alert: If enabled, the admin can send alert mail when an admin user is locked(Admin User Lock Setting: Advanced-&gt;Admin-&gt;Security)<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brout-force-proxy-2.webp\" alt=\"brout-force-proxy\" class=\"wp-image-467338\" style=\"width:800px;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brout-force-proxy-2.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brout-force-proxy-2-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brout-force-proxy-2-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brout-force-proxy-2-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<p>The admin will receive the warning emails on the registered mail for each failed login attempts or proxy login attacks.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1200\" height=\"252\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force-1200x252.png\" alt=\"Web-Security-brute-force\" class=\"wp-image-276178\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force-1200x252.png 1200w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force-300x63.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force-250x53.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force-768x161.png 768w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/11\/Web-Security-brute-force.png 1346w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Abuse IPDB<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin can report IP abuse through the following module by configuring as mentioned below. <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Activate: The admin needs to activate the following section. <\/li>\n\n\n\n<li>API Key: Please add the API Key that you will get on creating the account on Abuse IPDB.<\/li>\n\n\n\n<li>Max Days: Enter the number of days between 1-365 to determines how far back in time we go to fetch reports.<\/li>\n\n\n\n<li>Report IPs If Brute Force Attempt Detected: If the proxy login attack is detected then the IP will be auto reported if enabled.<\/li>\n\n\n\n<li>Block IP Based on Abuse Confidence Score: The admin can enable IP block based on the confidence score of the abuse. <\/li>\n\n\n\n<li>Block IPs If Minimum Abuse Confidence Score:  The admin can define the fixed score as to above which IP will be rejected. <\/li>\n<\/ol>\n\n\n\n<p>Note: You need to signup for the Abuse IPDB and select a suitable plan. To know more, please visit the following link: <a href=\"https:\/\/www.abuseipdb.com\/pricing\"><strong>HERE<\/strong><\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-resgister.webp\" alt=\"abuse-resgister\" class=\"wp-image-467224\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-resgister.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-resgister-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-resgister-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-resgister-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>After the successful registration, you will be directed to a page where you need to navigate to the <strong>API<\/strong> section. There you will get the required <strong>API key<\/strong> as shown below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-api.webp\" alt=\"abuse-api\" class=\"wp-image-467331\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-api.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-api-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-api-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuse-api-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>After registering for an AbuseIPDB account and getting an API key, You need to configure the following:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuos-ipdb.webp\" alt=\"abuos-ipdb\" class=\"wp-image-467211\" style=\"width:auto;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuos-ipdb.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuos-ipdb-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuos-ipdb-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/abuos-ipdb-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">MailBox Layered Email Verification<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin can enable the mailbox real-time layered email address verification <\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>API Key: The admin can add the API keys as fetched on creating the account at mailboxlayer.com<\/li>\n\n\n\n<li>Enable for Customer: The admin can enable the following mailbox at the customer end. <\/li>\n<\/ol>\n\n\n\n<p>Note: You need to select the plan for the MailBox layer and to register for an account to generate an API key as shown below. To know more visit the following link: <strong><a href=\"https:\/\/mailboxlayer.com\/product\">HERE<\/a><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-1.webp\" alt=\"mailbox-layer-signup\" class=\"wp-image-467332\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-1.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-1-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-1-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-1-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-2.webp\" alt=\"mailbox-layer-signup-2\" class=\"wp-image-467334\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-2.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-2-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-2-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-signup-2-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>After the successful registration, you will be directed to a page where you can see the required <strong>API key<\/strong> as shown below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-dashboard.webp\" alt=\"mailbox-layer-dashboard\" class=\"wp-image-467335\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-dashboard.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-dashboard-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-dashboard-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/mailbox-layer-dashboard-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>Use this API Access key to configure the following:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/realtime-mail-validation.webp\" alt=\"realtime-mail-validation\" class=\"wp-image-467212\" style=\"width:auto;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/realtime-mail-validation.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/realtime-mail-validation-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/realtime-mail-validation-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/realtime-mail-validation-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Email Sender and Templates<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>The admin can set different templates that will be shared with the sub-user and admin in the following scenario as mentioned below. <\/p>\n\n\n\n<p>Moreover, the admin can select the sender to whom the notification will be shared and assign a different templates for different scenarios.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/email-sender.webp\" alt=\"email-sender\" class=\"wp-image-467213\" style=\"width:auto;height:undefinedpx\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/email-sender.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/email-sender-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/email-sender-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/email-sender-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Admin Login Logs<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>All the admin&#8217;s login logs will be displayed under the following section as shown in the image below. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/admin-login-logs-1.webp\" alt=\"admin-login-logs\" class=\"wp-image-467336\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/admin-login-logs-1.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/admin-login-logs-1-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/admin-login-logs-1-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/admin-login-logs-1-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">View Permissions<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>On the whole, this feature enables the admin to identify  whether the Magento store is on Production or Developer, or Default mode. <\/p>\n\n\n\n<p>The admin needs to select the server hosting whether shared(one user) or private(two user). Consequently, the directories will be visible as shown in the image below. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/view-permissions.webp\" alt=\"view-permissions\" class=\"wp-image-467215\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/view-permissions.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/view-permissions-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/view-permissions-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/view-permissions-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>Also, this will enable the admin to view all the files and their permission. In a brief, the admin will get the status error if the permission is not ideal.<\/p>\n\n\n\n<p> In addition, this will help the admin to optimize the file permissions. Thus, it will protect the websites from any vulnerability of the site. <\/p>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Brute Force Login Logs<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>This section will specifically keep a detailed record of all the brute force login logs. Thus, the store owner can view all the IPs and their login URL, browser and even the login time details. <\/p>\n\n\n\n<p>To illustrate, please see the snapshot attached below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brute-force-login-logs.webp\" alt=\"brute-force-login-logs\" class=\"wp-image-467217\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brute-force-login-logs.webp 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brute-force-login-logs-300x236.webp 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brute-force-login-logs-250x196.webp 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/brute-force-login-logs-768x603.webp 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>In conclusion, this will help the admin to detect the frauds count and can even report them or can blocklist the frauds. <\/p>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Customer Front End Email Address Validation <\/h3><\/div><div class=\"margin-bottom-50\">\n<p>If the admin has enabled the mailbox real-time layered email address verification. Then the customer will have to enter a valid email address during registration. <\/p>\n\n\n\n<p>Otherwise, the following error message will be displayed as shown in the image below. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_create_hd-capture-1.png\" alt=\"Magento2 security customer account\" class=\"wp-image-221679\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_create_hd-capture-1.png 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_create_hd-capture-1-300x236.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_create_hd-capture-1-250x196.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_create_hd-capture-1-768x603.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wk-index-wrap\"><h3 class=\"index-title\">Two Factor Authentication<\/h3><\/div><div class=\"margin-bottom-50\">\n<p>If the admin enables the two-factor authentication then the customer will have to go through two steps authentication for each time the customer logs in, subsequently. Thereafter, an OTP will generate which needs to be scan through the Google Authenticator to be input for the login.<\/p>\n\n\n\n<p><strong>Note<\/strong>: You need to have the <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.google.android.apps.authenticator2&amp;hl=en\">Google Authenticator Application<\/a> installed on the mobile in order to scan the QR Code. <\/p>\n\n\n\n<p>Specifically for iOS click the link to get Google Authenticator <a rel=\"noreferrer noopener\" href=\"https:\/\/apps.apple.com\/in\/app\/google-authenticator\/id388497605\" target=\"_blank\">https:\/\/apps.apple.com\/in\/app\/google-authenticator\/id388497605<\/a> <\/p>\n\n\n\n<p>After the first time registration, the customer will now navigate to the dashboard. Thereafter, the customer will register for two-step authentication as shown in the image below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_index_hd-capture.png\" alt=\"Magento2 security Google authentication register\" class=\"wp-image-221689\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_index_hd-capture.png 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_index_hd-capture-300x236.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_index_hd-capture-250x196.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_index_hd-capture-768x603.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n\n\n\n<p>After registering, the customer will navigate to the QR code page. Thereafter, the customer will scan the QR through Google Authenticator. To illustrate, Please check the screenshot given below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_waf_account_login_param_MDozOjg1ZFUvc1Z0TUFXMmxwNDl4V3JkbjVxaE9wMEJ0S3g0WSs2ZlprUHJoUT09_hd-capture-1.png\" alt=\"QR code\" class=\"wp-image-223516\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_waf_account_login_param_MDozOjg1ZFUvc1Z0TUFXMmxwNDl4V3JkbjVxaE9wMEJ0S3g0WSs2ZlprUHJoUT09_hd-capture-1.png 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_waf_account_login_param_MDozOjg1ZFUvc1Z0TUFXMmxwNDl4V3JkbjVxaE9wMEJ0S3g0WSs2ZlprUHJoUT09_hd-capture-1-300x236.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_waf_account_login_param_MDozOjg1ZFUvc1Z0TUFXMmxwNDl4V3JkbjVxaE9wMEJ0S3g0WSs2ZlprUHJoUT09_hd-capture-1-250x196.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_waf_account_login_param_MDozOjg1ZFUvc1Z0TUFXMmxwNDl4V3JkbjVxaE9wMEJ0S3g0WSs2ZlprUHJoUT09_hd-capture-1-768x603.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>The OTP will be received on the Google Authenticator after scanning the QR code.<\/p>\n\n\n\n\n<div class=\"wp-block-columns wk-bg-radial-gradient is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">OTP received on Google Authenticator<\/h2>\n\n\n\n<p>The OTP will be received on the Google Authenticator after scanning the QR code.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column wk-video-mockup-frame is-layout-flow wp-block-column-is-layout-flow\">\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"576\" height=\"1024\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/img_20201202_wa0022.jpg\" alt=\"img_20201202_wa0022\" class=\"wp-image-276381\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/img_20201202_wa0022.jpg 576w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/img_20201202_wa0022-169x300.jpg 169w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/12\/img_20201202_wa0022-140x249.jpg 140w\" sizes=\"(max-width: 576px) 100vw, 576px\" loading=\"lazy\" \/><\/figure>\n<\/div>\n<\/div>\n\n\n\n\n<p>After the authentication, now the customer will add the OTP in the respective field. The OTP valid notification will display as shown in the image below. After the first login through Google authentication, the customer can enable or disable the OTP authentication.<\/p>\n\n\n\n<p>The \u201cTrust my device\u201d option will help the customer to select those devices in which the OTP authentication will not be required even if the authentication is enabled.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_hd-capture-1.png\" alt=\"my account page\" class=\"wp-image-221705\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_hd-capture-1.png 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_hd-capture-1-300x236.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_hd-capture-1-250x196.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/magento2user.webkul.com_m2301_customer_account_hd-capture-1-768x603.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>After that, the customer will visit the OTP section again if you enable the Two Factor Authentication. The customer can now choose to add the device as a trusted device. If selected, the customer does not have to truly scan the QR code. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1120\" height=\"880\" src=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/image-5.png\" alt=\"Magento2 security two factor authentication\" class=\"wp-image-221710\" srcset=\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/image-5.png 1120w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/image-5-300x236.png 300w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/image-5-250x196.png 250w, https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2020\/01\/image-5-768x603.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" loading=\"lazy\" \/><\/figure>\n\n\n\n<p>So, that\u2019s all for the Adobe Commerce  Web Security module, for any question\/query, please raise a&nbsp;<strong><a href=\"https:\/\/webkul.uvdesk.com\/en\/customer\/create-ticket\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ticket<\/a><\/strong>&nbsp;at our&nbsp;<strong>HelpDesk<\/strong>&nbsp;system. We are always happy to help you out. You can also get back to us via mail&nbsp;<a href=\"mailto:support@webkul.com\">support@webkul.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With the Magento 2 security extension, the admin can provide security services for the Magento store from hackers. The admin can restrict any particular file type to get uploaded on the website and can ban the website for any country and IP address. Brute force attack notifications to the admin and validation for the customer <a href=\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\">[&#8230;]<\/a><\/p>\n","protected":false},"author":202,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2383,9121,1],"tags":[],"class_list":["post-212993","post","type-post","status-publish","format-standard","hentry","category-blog","category-magento-2","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Web Security Module For Magento 2 | Web Firewall Extension<\/title>\n<meta name=\"description\" content=\"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Web Security Module For Magento 2 | Web Firewall Extension\" \/>\n<meta property=\"og:description\" content=\"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login\" \/>\n<meta property=\"og:url\" content=\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\" \/>\n<meta property=\"og:site_name\" content=\"Webkul Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/webkul\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-10T11:27:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-10-10T07:07:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\" \/>\n<meta name=\"author\" content=\"Abhishek Oberoi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@webkul\" \/>\n<meta name=\"twitter:site\" content=\"@webkul\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Abhishek Oberoi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"20 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\"},\"author\":{\"name\":\"Abhishek Oberoi\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/047f826cffc5888aa2c8ca5b947f686c\"},\"headline\":\"Web Security Module For Magento 2\",\"datePublished\":\"2020-01-10T11:27:51+00:00\",\"dateModified\":\"2024-10-10T07:07:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\"},\"wordCount\":2560,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\/\/webkul.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\",\"articleSection\":[\"blog\",\"Magento 2\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\",\"url\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\",\"name\":\"Web Security Module For Magento 2 | Web Firewall Extension\",\"isPartOf\":{\"@id\":\"https:\/\/webkul.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\",\"datePublished\":\"2020-01-10T11:27:51+00:00\",\"dateModified\":\"2024-10-10T07:07:36+00:00\",\"description\":\"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login\",\"breadcrumb\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage\",\"url\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\",\"contentUrl\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png\",\"width\":1024,\"height\":386,\"caption\":\"Installation using Zip\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/webkul.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Web Security Module For Magento 2\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/webkul.com\/blog\/#website\",\"url\":\"https:\/\/webkul.com\/blog\/\",\"name\":\"Webkul Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/webkul.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/webkul.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/webkul.com\/blog\/#organization\",\"name\":\"WebKul Software Private Limited\",\"url\":\"https:\/\/webkul.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png\",\"contentUrl\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png\",\"width\":380,\"height\":380,\"caption\":\"WebKul Software Private Limited\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/webkul\/\",\"https:\/\/x.com\/webkul\",\"https:\/\/www.instagram.com\/webkul\/\",\"https:\/\/www.linkedin.com\/company\/webkul\",\"https:\/\/www.youtube.com\/user\/webkul\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/047f826cffc5888aa2c8ca5b947f686c\",\"name\":\"Abhishek Oberoi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/883e0458dc99284b17bec40fc0f9d0ed9a8855afd3539a5a68a831438f075ad6?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/883e0458dc99284b17bec40fc0f9d0ed9a8855afd3539a5a68a831438f075ad6?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g\",\"caption\":\"Abhishek Oberoi\"},\"url\":\"https:\/\/webkul.com\/blog\/author\/abhishekoberoi-bd437\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Web Security Module For Magento 2 | Web Firewall Extension","description":"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/","og_locale":"en_US","og_type":"article","og_title":"Web Security Module For Magento 2 | Web Firewall Extension","og_description":"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login","og_url":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/","og_site_name":"Webkul Blog","article_publisher":"https:\/\/www.facebook.com\/webkul\/","article_published_time":"2020-01-10T11:27:51+00:00","article_modified_time":"2024-10-10T07:07:36+00:00","og_image":[{"url":"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png","type":"","width":"","height":""}],"author":"Abhishek Oberoi","twitter_card":"summary_large_image","twitter_creator":"@webkul","twitter_site":"@webkul","twitter_misc":{"Written by":"Abhishek Oberoi","Est. reading time":"20 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#article","isPartOf":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/"},"author":{"name":"Abhishek Oberoi","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/047f826cffc5888aa2c8ca5b947f686c"},"headline":"Web Security Module For Magento 2","datePublished":"2020-01-10T11:27:51+00:00","dateModified":"2024-10-10T07:07:36+00:00","mainEntityOfPage":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/"},"wordCount":2560,"commentCount":4,"publisher":{"@id":"https:\/\/webkul.com\/blog\/#organization"},"image":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage"},"thumbnailUrl":"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png","articleSection":["blog","Magento 2"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/webkul.com\/blog\/magento2-web-security-module\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/","url":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/","name":"Web Security Module For Magento 2 | Web Firewall Extension","isPartOf":{"@id":"https:\/\/webkul.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage"},"image":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage"},"thumbnailUrl":"https:\/\/webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png","datePublished":"2020-01-10T11:27:51+00:00","dateModified":"2024-10-10T07:07:36+00:00","description":"Magento2 web security module will allow the store owner to provide enhanced security for Magento2 website by banning IPs and secure login","breadcrumb":{"@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/webkul.com\/blog\/magento2-web-security-module\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#primaryimage","url":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png","contentUrl":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2017\/02\/2017-02-28_12-22-45.png","width":1024,"height":386,"caption":"Installation using Zip"},{"@type":"BreadcrumbList","@id":"https:\/\/webkul.com\/blog\/magento2-web-security-module\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/webkul.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Web Security Module For Magento 2"}]},{"@type":"WebSite","@id":"https:\/\/webkul.com\/blog\/#website","url":"https:\/\/webkul.com\/blog\/","name":"Webkul Blog","description":"","publisher":{"@id":"https:\/\/webkul.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/webkul.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/webkul.com\/blog\/#organization","name":"WebKul Software Private Limited","url":"https:\/\/webkul.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png","contentUrl":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png","width":380,"height":380,"caption":"WebKul Software Private Limited"},"image":{"@id":"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/webkul\/","https:\/\/x.com\/webkul","https:\/\/www.instagram.com\/webkul\/","https:\/\/www.linkedin.com\/company\/webkul","https:\/\/www.youtube.com\/user\/webkul\/"]},{"@type":"Person","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/047f826cffc5888aa2c8ca5b947f686c","name":"Abhishek Oberoi","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/883e0458dc99284b17bec40fc0f9d0ed9a8855afd3539a5a68a831438f075ad6?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/883e0458dc99284b17bec40fc0f9d0ed9a8855afd3539a5a68a831438f075ad6?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g","caption":"Abhishek Oberoi"},"url":"https:\/\/webkul.com\/blog\/author\/abhishekoberoi-bd437\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/212993","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/users\/202"}],"replies":[{"embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/comments?post=212993"}],"version-history":[{"count":155,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/212993\/revisions"}],"predecessor-version":[{"id":467954,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/212993\/revisions\/467954"}],"wp:attachment":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/media?parent=212993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/categories?post=212993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/tags?post=212993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}