beebots/magento2-brute-bouncer

Brute Force Protection Module for Magento 2

Maintainers

Details

github.com/beebots/magento2-brute-bouncer

Source

Issues

Documentation

Installs: 13

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 3

Forks: 0

Open Issues: 1

Type:magento2-module

1.0.2 2022-11-03 13:45 UTC

Requires

  • php: ^8.1
  • magento/module-cron: *

MIT 14567b3fbb31f70925cc314c3257a84b07b4cf07

This package is auto-updated.

Last update: 2024-04-30 00:42:18 UTC

README

Brute Force Protection Module for Magento 2. This module does not do anything on it's own. This module is utility that you can use to protect a given URL or rest endpoint using Magento's plugin system. This module creates it's own database table that it maintains to track attempts to access a given endpoint or resource by an IP address. This module also includes a cron task that is used to periodically clean up records of old access attempts.

Installation

composer require beebots/magento2-brute-bouncer

A note about IP Addresses

Make sure that you use the customer/user's IP address with this module and not the local IP address. Many Magento setups use Varnish with an outer nginx server that can end up making all the IP addresses 127.0.0.1. If you are setup this way you'll want to pull the real IP out of the headers before passing it to this module for validation.

License

MIT